[v4.1.6] - 2026-04-23
Added
- Docker: Add git to runtime dependencies in Dockerfile (69f7430)
- Vuln Rules: Add AIG vulnerability rules [2026-04-23] (#350)
- Vuln Rules: Detect exposed AI agent config files (claude_desktop_config.json, mcp.json, etc.) (#340)
- Vuln Rules: Add Trae IDE and CodeBuddy MCP config paths, extend .env key patterns
- Data Sync: Replace zip download with git clone, remove github_token dependency (#327)
- Manual Updates: Support manual updates to the latest jailbreak datasets, fingerprints, and vulnerability databases
- Update API: Merge update-status into update-data endpoint
Fixed
- Vuln Rules: Revert .env matcher to API key pattern matching
- Vuln Rules: Remove mcpServers field dependency, match on file format only
- Vuln Rules: Replace substring match with regex to reduce false positives
- Update API: Return status=1 when last sync failed
- Update API: Unify response format to {status, message, data}
- Update API: Remove request params, always sync main branch
- Data Sync: Harden update_api against CodeQL path-injection and command-injection alerts
- Vuln Rules: Update GHSA-8fmp-37rc-p5g7.yaml and OpenClaw versioning rule
Contributors
Special thanks to @feiyang666, @zhuque, @boyhack, @aigsec, @aig-doc-bot