Jovancoding/Network-AI

v5.5.2 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 17d MCP Developer Tools

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

agent-framework agent-orchestration ai-agents autogen blackboard blackboard-architecture

+14 more

crewai hermes hermes-agent langchain llm mcp multi-agent nemoclaw nodejs openclaw orchestration rlm typescript workflow-engine

Affected surfaces

auth

ReleasePort's take

Light signal

editorial:auto 9d

Grant tokens now include HMAC‑SHA256 signatures to protect against tampering.

Why it matters: HMAC verification blocks unauthorized modifications of active_grants.json; all deployments must upgrade to v5.5.2 immediately.

Summary

AI summary

Grant token integrity enforced with HMAC‑SHA256 signatures, fixing forgery vulnerability.

Changes in this release

Type	Severity	Summary	CVE
Security	Medium	Grant tokens now include HMAC-SHA256 signature for integrity protection against tampering. Grant tokens now include HMAC-SHA256 signature for integrity protection against tampering. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high	—
Feature	Medium	`check_permission.py` generates a signing key and computes HMAC signatures for grant records. `check_permission.py` generates a signing key and computes HMAC signatures for grant records. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low	—
Feature	Low	Backward‑compatible handling of pre‑v5.5.2 tokens without `_sig`. Backward‑compatible handling of pre‑v5.5.2 tokens without `_sig`. Source: granite4.1:30b@2026-05-21-audit Confidence: low	—
Dependency	Medium	No new dependencies added; uses Python stdlib hmac and hashlib only. No new dependencies added; uses Python stdlib hmac and hashlib only. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low	—
Bugfix	Medium	Prevents unauthorized modification of `data/active_grants.json` by verifying token signatures. Prevents unauthorized modification of `data/active_grants.json` by verifying token signatures. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low	—
Bugfix	Medium	`validate_token.py` verifies token signatures, rejecting tampered `active_grants.json` entries. `validate_token.py` verifies token signatures, rejecting tampered `active_grants.json` entries. Source: granite4.1:30b@2026-05-21-audit Confidence: low	—
Other	Medium	Updated `references/auth-guardian.md` to describe `_sig` field and lifecycle steps. Updated `references/auth-guardian.md` to describe `_sig` field and lifecycle steps. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low	—

Full changelog

What's changed

Fixed

scripts/check_permission.py + scripts/validate_token.py — HMAC-SHA256 grant token integrity (ClawScan ASI03)

Grant tokens previously had no integrity protection. Anyone with local file access could edit data/active_grants.json to forge elevated permissions (e.g. change resource_type from EMAIL to PAYMENTS).

v5.5.2 fix:
- check_permission.py generates a 32-byte signing key at data[/<env>]/.signing_key (chmod 0o600, auto-created on first run) and computes an HMAC-SHA256 signature over each grant's canonical fields — stored as _sig in the grant record
- validate_token.py verifies _sig before returning valid: true; a tampered record returns {"valid": false, "reason": "Token signature invalid"}
- Pre-v5.5.2 tokens (no _sig) remain backward-compatible and return "sig_verified": false
- Uses Python stdlib hmac + hashlib only — zero new dependencies
The advisory-identity note (caller-supplied identity is not externally authenticated) is by design and explained in the ClawHub publisher note.

Documentation

references/auth-guardian.md: token structure updated with _sig field, lifecycle step added, advisory note updated
All version references bumped 5.5.1 -> 5.5.2 across 12 files
SECURITY.md, SKILL.md (new ASI03 token-integrity row), ENTERPRISE.md, CHANGELOG updated

Full changelog: https://github.com/Jovancoding/Network-AI/blob/main/CHANGELOG.md

No breaking changes. Pre-existing tokens continue to validate. Patch release.

Security Fixes

Added HMAC‑SHA256 signature verification for grant tokens (ClawScan ASI03) — prevents local file tampering of `data/active_grants.json` to forge elevated permissions.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Jovancoding/Network-AI

Get notified when new releases ship.

About Jovancoding/Network-AI

Multi-agent orchestration MCP server with race-condition-safe shared blackboard. 20+ MCP tools: blackboard read/write, agent spawn/stop, FSM transitions, budget tracking, token management, and audit log query. `npx network-ai-server --port 3001`.

All releases →