Gitpulse
Merged
Size
XL
Change Breakdown
Security75%
Feature25%
#60517Plugins: verify ClawHub archive integrity

Plugin installs now cryptographically verified

GH
ghost
·Apr 7, 2026

ClawHub plugin archives are now checked against SHA-256 checksums before installation, with the system refusing to proceed if hashes are missing or mismatched.

Plugin installations from ClawHub now include cryptographic verification. Before a plugin archive is installed, its SHA-256 hash is computed and compared against the expected value in version metadata. If the hashes don't match—or if the metadata lacks an integrity hash entirely—the installation fails closed, preventing potentially tampered or incomplete plugins from being loaded.

The implementation normalizes multiple hash formats that ClawHub may return, including base64 with sha256- prefixes, hex with sha256: prefixes, and raw hex strings. This flexibility prevents installations from breaking if ClawHub changes its metadata format, while still maintaining strict verification. Fallback ZIP verification has also been tightened for cases where metadata is malformed.

This change protects users from corrupted downloads, man-in-the-middle attacks during plugin fetching, and potentially malicious packages masquerading as legitimate ClawHub plugins. Plugin authors and administrators should see more reliable installs with clearer failures when something goes wrong.

View Original GitHub Description

Summary

  • verify ClawHub archive integrity before installing plugin archives
  • accept the archive hash from the version metadata shapes currently returned by ClawHub

Changes

  • add SHA-256 integrity normalization for supported ClawHub metadata formats
  • extract expected archive integrity from version metadata and fail closed when it is missing
  • reject installs when the downloaded archive integrity does not match the version metadata
  • add targeted regression coverage for accepted metadata shapes and failure paths

Validation

  • Ran pnpm test -- src/plugins/clawhub.test.ts src/infra/clawhub.test.ts
  • Verified installs fail closed when version metadata has no archive hash
  • Ran local agentic review gate with claude -p "/review"; follow-up PR review requested after PR creation

Notes

  • Residual risk or follow-up: behavior depends on ClawHub continuing to expose one of the supported archive hash fields on version metadata
© 2026 · via Gitpulse