Tencent/AI-Infra-Guard v4.1 on GitHub

[v4.1] - 2026-03-23

New Scan Port: Added port 18789 to the default AI infrastructure scan port list for broader AI component coverage
New Vulnerability Rules: Added AIG Rules (2026-03-20 batch), continuously expanding the AI component vulnerability detection rule library
OpenClaw Vulnerability Database: Added 281 new CVE/GHSA entries for OpenClaw components, covering a wide range of AI infrastructure security advisories
YAML CI/CD Validation: Introduced automated YAML format validation pipeline via CSCD; triggered on PR and Push events to ensure rule compliance before merge
Task API Enhancement: Improved taskapi lifecycle management and Agent Scan support
edgeone-clawscan Skill: Added EdgeOne-based ClawScan security scanning Skill powered by Tencent Zhuque Lab AI-Infra-Guard

License Migration: Migrated from MIT to Apache 2.0; added NOTICE file with attribution requirements
License Headers: Added Apache 2.0 license headers to all .go and .py source files

CodeQL Hardening: Completed CodeQL path-injection remediation (Round 2), closing all related security alerts
Score Normalization: Fixed severity case inconsistency in CalcSecScore and added support for Chinese severity levels (#178)
Agent Config Path Validation: Fixed path injection risk in readAgentConfigContent, added input validation and boundary checks
Documentation Fixes: Fixed ClawScan URL formatting, broken links, and other documentation errors

Added AI coding assistant guideline files: CLAUDE.md, CODEBUDDY.md, AGENTS.md
Updated README and README_ZH.md with v4.0 feature descriptions and capability overview
Moved license section to bottom of README_ZH.md; fixed license filename reference to LICENSE

Enforced open-source standards across README, CHANGELOG, NOTICE, and YAML CI configuration