This release adds 2 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Affected surfaces
Summary
AI summaryUpdates fix, feat, and cl-0jsq across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | High |
Add ssh-family security rules to block insecure SSH traffic Add ssh-family security rules to block insecure SSH traffic Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Feature | Medium |
Intercept raw-IP HTTPS endpoints on declared ports Intercept raw-IP HTTPS endpoints on declared ports Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Feature | Medium |
Add per‑agent HITL channel routing, device‑page pending bar, Slack verdict sync Add per‑agent HITL channel routing, device‑page pending bar, Slack verdict sync Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Feature | Medium |
Add configurable body caps for rules engine and actions table Add configurable body caps for rules engine and actions table Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Feature | Medium |
Introduce `passthrough` credential type for credential‑less endpoints Introduce `passthrough` credential type for credential‑less endpoints Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Feature | Low |
Add schema_version to gateway config Add schema_version to gateway config Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Feature | Low |
Require typed confirmation to change device profile in dashboard Require typed confirmation to change device profile in dashboard Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Bugfix | Medium |
Drive relay recv/send through SyscallConn.Read/Write Drive relay recv/send through SyscallConn.Read/Write Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Bugfix | Medium |
Stop k8s tunnel jump pods from leaking resources Stop k8s tunnel jump pods from leaking resources Source: llm_adapter@2026-06-09 Confidence: high |
— |
| Bugfix | Medium |
Resolve credential before rule matching on HTTPS path Resolve credential before rule matching on HTTPS path Source: llm_adapter@2026-06-09 Confidence: high |
— |
Full changelog
What's Changed
- Intercept raw-IP HTTPS endpoints on declared ports by @divybot in https://github.com/denoland/clawpatrol/pull/611
- fix: drive relay recv/send through SyscallConn.Read/Write (cl-0jsq) by @arnauorriols in https://github.com/denoland/clawpatrol/pull/585
- feat: per-agent HITL channel routing, device-page pending bar, Slack verdict sync by @littledivy in https://github.com/denoland/clawpatrol/pull/613
- Add schema_version to gateway config by @piscisaureus in https://github.com/denoland/clawpatrol/pull/616
- run: forward wrapped-cmd 127.0.0.0/8 connects to host loopback (cl-1clt) by @arnauorriols in https://github.com/denoland/clawpatrol/pull/589
- fix: resolve credential before rule matching on HTTPS path by @magurotuna in https://github.com/denoland/clawpatrol/pull/619
- feat: configurable body caps for rules engine and actions table (cl-ipw8) by @arnauorriols in https://github.com/denoland/clawpatrol/pull/623
- feat:
passthroughcredential type for credential-less endpoints (cl-snuf) by @arnauorriols in https://github.com/denoland/clawpatrol/pull/621 - fix: stop k8s tunnel jump pods leaking (cl-acxv) by @arnauorriols in https://github.com/denoland/clawpatrol/pull/627
- ci: set DO_NOT_TRACK=1 to keep CI out of telemetry by @ry in https://github.com/denoland/clawpatrol/pull/628
- telemetry: drop dev-version pings on both ends by @ry in https://github.com/denoland/clawpatrol/pull/629
- dashboard: require typed confirmation to change device profile by @ry in https://github.com/denoland/clawpatrol/pull/631
- Add ssh-family security rules by @piscisaureus in https://github.com/denoland/clawpatrol/pull/618
- docs: document the gateway { } block in config-reference by @ry in https://github.com/denoland/clawpatrol/pull/632
- fix: enable Claude Code /remote-control under clawpatrol env pushdown by @divybot in https://github.com/denoland/clawpatrol/pull/576
- Block requests like this by @ry in https://github.com/denoland/clawpatrol/pull/614
- rules: fail closed via viral CEL unknowns instead of dispatch gates by @piscisaureus in https://github.com/denoland/clawpatrol/pull/633
Full Changelog: https://github.com/denoland/clawpatrol/compare/v0.2.4...v0.2.5
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Claw Patrol
All releases →Beta — feedback welcome: [email protected]