pdurlej/patchwarden

Fork 0

bezpieczenstwo wywajbowanego kodu #67

New issue

Closed

opened 2026-06-06 17:58:24 +02:00 by pdurlej · 3 comments

pdurlej commented

2026-06-06 17:58:24 +02:00

Owner

Do wdrożenia u nas, jako też lepsze zabezpieczenie bezpieczeństwa, jako dependencja czy moduł https://github.com/trynullsec/nullsec-s1

claude commented

2026-06-08 16:59:16 +02:00

Collaborator

Triage (claude, 2026-06-08) — research via subagent

What nullsec-s1 is: open-source security-specialized LLM for auditing AI-generated/"vibecoded" code across 16 vuln categories. Fine-tuned PEFT/QLoRA adapter over Qwen2.5-Coder-7B-Instruct, Python ~93% + TS CLI. Returns structured JSON verdicts (finding/severity/exploit/fix). ~232★, active (v1.1/RC ~2026-05-31). License: Apache-2.0 → clean match with ours.

⚠️ Note for triage: the issue link author org (trynullsec) == the repo org, so treat as a self/affiliated suggestion — evaluate on merits.

How it would fit (without breaking our rules):

❌ NOT a Python runtime dep (would break stdlib-only).
✅ M2-compatible path = CI-workflow subprocess calling the TS CLI: npx @s1-clm/s1 scan . --json --output nullsec-report.json, then Patchwarden consumes the JSON into the existing --findings-file channel — exactly the pyfallow/Option-D pattern.
The CLI defaults to a hosted backend (https://s1.trynullsec.com/api); self-hosting needs GPU/VRAM.

Two real caveats before adoption:

D20 sensor-not-gate: nullsec's --fail-on high is a gate (non-zero exit). We must consume findings + comment, NEVER let it block merge directly.
Data egress: default backend ships code off-box to a 3rd-party API — a genuine data-governance concern for a self-hosted tool. Self-host or explicit operator opt-in required.

Fit verdict: genuinely on-mission and complementary — pyfallow = structural, Ollama = generic LLM, nullsec-s1 = security-specialized. Not redundant.

Recommendation: (a) worth a planning doc + M2 evaluation (mirror pyfallow-integration-plan.md shape). License-clean + on-mission, but the data-egress + sensor-vs-gate decisions must be deliberate, and it's a new integration → parked under M2/D21 like Luka 3. Suggest labels: kind/research, judge/p2, area:v0-core, and a flow/refining until the plan doc is written.

## Triage (claude, 2026-06-08) — research via subagent **What nullsec-s1 is:** open-source security-specialized LLM for auditing AI-generated/"vibecoded" code across 16 vuln categories. Fine-tuned PEFT/QLoRA adapter over `Qwen2.5-Coder-7B-Instruct`, Python ~93% + TS CLI. Returns structured JSON verdicts (finding/severity/exploit/fix). ~232★, active (v1.1/RC ~2026-05-31). **License: Apache-2.0** → clean match with ours. > ⚠️ Note for triage: the issue link author org (`trynullsec`) == the repo org, so treat as a self/affiliated suggestion — evaluate on merits. **How it would fit (without breaking our rules):** - ❌ NOT a Python runtime dep (would break stdlib-only). - ✅ M2-compatible path = **CI-workflow subprocess** calling the TS CLI: `npx @s1-clm/s1 scan . --json --output nullsec-report.json`, then Patchwarden consumes the JSON into the existing `--findings-file` channel — exactly the pyfallow/Option-D pattern. - The CLI defaults to a **hosted backend** (`https://s1.trynullsec.com/api`); self-hosting needs GPU/VRAM. **Two real caveats before adoption:** 1. **D20 sensor-not-gate**: nullsec's `--fail-on high` is a *gate* (non-zero exit). We must consume findings + comment, NEVER let it block merge directly. 2. **Data egress**: default backend ships code off-box to a 3rd-party API — a genuine data-governance concern for a self-hosted tool. Self-host or explicit operator opt-in required. **Fit verdict:** genuinely on-mission and *complementary* — pyfallow = structural, Ollama = generic LLM, nullsec-s1 = security-specialized. Not redundant. **Recommendation: (a) worth a planning doc + M2 evaluation** (mirror `pyfallow-integration-plan.md` shape). License-clean + on-mission, but the data-egress + sensor-vs-gate decisions must be deliberate, and it's a new integration → parked under M2/D21 like Luka 3. Suggest labels: `kind/research`, `judge/p2`, `area:v0-core`, and a `flow/refining` until the plan doc is written.

claude referenced this issue from a commit

2026-06-08 21:41:19 +02:00

docs(v0): nullsec-s1 security-LLM integration plan (refs #67)

claude referenced this issue

2026-06-08 21:41:47 +02:00

docs(v0): nullsec-s1 security-LLM integration plan (refs #67) #79

pdurlej referenced this issue from a commit

2026-06-08 21:46:31 +02:00

Merge pull request 'docs(v0): nullsec-s1 security-LLM integration plan (refs #67)' (#79) from gemini/issue-67 into main

Iskra commented

2026-06-09 03:04:59 +02:00

Collaborator

{
"confidence": 3,
"effort_hint": "unknown",
"escalation": {
"kind": "none",
"reason": ""
},
"evidence_refs": [
{
"note": "Issue proposes using nullsec-s1 as a dependency or module for better security.",
"type": "forgejo",
"value": "issue-title-body-labels-and-target-snapshot"
},
{
"note": "Body is currently a short security idea with an external repository link but no scoped acceptance criteria.",
"type": "forgejo",
"value": "issue-body-excerpt"
},
{
"note": "Target snapshot has no labels, so priority is inferred from sparse public issue text only.",
"type": "snapshot",
"value": "target-snapshot-labels"
}
],
"impact": 3,
"judge_actor": {
"name": "iskra",
"runtime": "openclaw"
},
"judged_at": "2026-06-09T01:03:00Z",
"labels_to_apply": [
"judge/p2",
"judge/needs-refinement"
],
"piotr_fit": "medium",
"priority": "p2",
"rationale_summary": "This is P2 but needs refinement because security hardening for generated code could matter, yet the issue lacks scope, threat model, and integration criteria.",
"reach": 3,
"recommended_next_action": "needs_refinement",
"rerun_reason": "no_prior_judgment",
"schema": "openclaw.judge.v0",
"target": {
"kind": "issue",
"number": 67,
"repo": "pdurlej/patchwarden"
},
"target_snapshot": {
"body_hash": "sha256:ded9f23a7803045353d807e53bf88893325741851885bb7f974657a158ca74c4",
"commit_count": null,
"evidence_hash": "sha256:d45bad5c07d42da443ea35491e360fe978b8d256d0d6be255198101e0d4b455f",
"head_sha": null,
"labels": [],
"labels_hash": "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"state": "open",
"title_hash": "sha256:f0118b284b76ff3199a9e3b2451f6d17e57eca6d9551779f7545ed4a3620394a",
"updated_at": "2026-06-08T21:46:31+02:00"
},
"top_caveat": "Do not add a security dependency until its license, behavior, supply-chain risk, and concrete Patchwarden use case are reviewed."
}

{ "confidence": 3, "effort_hint": "unknown", "escalation": { "kind": "none", "reason": "" }, "evidence_refs": [ { "note": "Issue proposes using nullsec-s1 as a dependency or module for better security.", "type": "forgejo", "value": "issue-title-body-labels-and-target-snapshot" }, { "note": "Body is currently a short security idea with an external repository link but no scoped acceptance criteria.", "type": "forgejo", "value": "issue-body-excerpt" }, { "note": "Target snapshot has no labels, so priority is inferred from sparse public issue text only.", "type": "snapshot", "value": "target-snapshot-labels" } ], "impact": 3, "judge_actor": { "name": "iskra", "runtime": "openclaw" }, "judged_at": "2026-06-09T01:03:00Z", "labels_to_apply": [ "judge/p2", "judge/needs-refinement" ], "piotr_fit": "medium", "priority": "p2", "rationale_summary": "This is P2 but needs refinement because security hardening for generated code could matter, yet the issue lacks scope, threat model, and integration criteria.", "reach": 3, "recommended_next_action": "needs_refinement", "rerun_reason": "no_prior_judgment", "schema": "openclaw.judge.v0", "target": { "kind": "issue", "number": 67, "repo": "pdurlej/patchwarden" }, "target_snapshot": { "body_hash": "sha256:ded9f23a7803045353d807e53bf88893325741851885bb7f974657a158ca74c4", "commit_count": null, "evidence_hash": "sha256:d45bad5c07d42da443ea35491e360fe978b8d256d0d6be255198101e0d4b455f", "head_sha": null, "labels": [], "labels_hash": "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "state": "open", "title_hash": "sha256:f0118b284b76ff3199a9e3b2451f6d17e57eca6d9551779f7545ed4a3620394a", "updated_at": "2026-06-08T21:46:31+02:00" }, "top_caveat": "Do not add a security dependency until its license, behavior, supply-chain risk, and concrete Patchwarden use case are reviewed." }

Iskra added the

judge/needs-refinement

judge/p2

labels

2026-06-09 03:04:59 +02:00

codex referenced this issue

2026-06-23 10:34:12 +02:00

Implement Patchwarden June vision slices #111

codex commented

2026-06-23 10:34:45 +02:00

Collaborator

Progress in #111: added the first Patchwarden-native security slice without introducing nullsec-s1 as a dependency or sending code to a third-party backend.

What landed:

patchwarden.pr.security_path_sensor as an opt-in deterministic Core module;
blocks local secret config, credential JSON, SSH private-key, key/certificate, and secrets/ path changes before low-friction review lanes;
keeps the D20 split: Patchwarden emits a Contract Run module verdict only, with no repo mutation, no network, no LLM call, and no secret reading;
updated Core registry specs/examples, status docs, architecture docs, and PW-G002 status.

Verification: PYTHONPATH=src:. python3 -m unittest discover -s tests -> 514 tests OK. CLI smoke: .env.production blocks with patchwarden.pr.security_path_sensor; docs/.env.example passes with empty security evidence.

Boundary: this does not close #67 yet. The broader nullsec-s1/security-specialized model integration remains a separate design/evaluation item because of egress and sensor-vs-gate policy.

Progress in #111: added the first Patchwarden-native security slice without introducing `nullsec-s1` as a dependency or sending code to a third-party backend. What landed: - `patchwarden.pr.security_path_sensor` as an opt-in deterministic Core module; - blocks local secret config, credential JSON, SSH private-key, key/certificate, and `secrets/` path changes before low-friction review lanes; - keeps the D20 split: Patchwarden emits a Contract Run module verdict only, with no repo mutation, no network, no LLM call, and no secret reading; - updated Core registry specs/examples, status docs, architecture docs, and PW-G002 status. Verification: `PYTHONPATH=src:. python3 -m unittest discover -s tests` -> 514 tests OK. CLI smoke: `.env.production` blocks with `patchwarden.pr.security_path_sensor`; `docs/.env.example` passes with empty security evidence. Boundary: this does not close #67 yet. The broader nullsec-s1/security-specialized model integration remains a separate design/evaluation item because of egress and sensor-vs-gate policy.

codex referenced this issue from a pull request that will close it,

2026-06-23 15:32:29 +02:00

feat: add Nullsec-S1 artifact gate #112

pdurlej closed this issue

2026-06-23 15:53:35 +02:00

codex referenced this issue

2026-06-23 15:57:12 +02:00

docs: sync Nullsec status ledger #113