Merged
6 changes: 6 additions & 0 deletions CHANGELOG.md
@@ -1,5 +1,11 @@
# Changelog

## 15.0.1

- narrowed the new exposure trust plane for low-fatigue behavior so it only blocks clear public or externally shared sensitive exfil paths and only prompts on a small unknown-visibility set for GitHub comments, GitHub repo sharing, and Slack posting
- added per-session prompt dedupe and exact exposure-fingerprint approval reuse so repeated high-risk sharing flows do not create approval fatigue
- expanded smoke coverage for public GitHub and Slack posting, public object-storage ACL uploads, unknown-visibility prompt dedupe, exact approval reuse, and read-only/private no-hit cases

## 15.0.0

- added a `Human Review Surface Trust Plane` with native protections for `review-surface-review-guard`, `review-surface-drift-guard`, `review-quarantine-bypass-guard`, `pr-description-bypass-guard`, `issue-comment-approval-launder-guard`, `release-notes-mislead-guard`, `changelog-coverup-guard`, `task-doc-secret-normalize-guard`, `incident-note-bypass-guard`, `review-template-tamper-guard`, `approval-text-smuggling-guard`, `human-review-override-guard`, and `review-surface-rewrite-guard`
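Review bot: The first 15.0.1 bullet ("narrowed the new exposure trust plane ... so it only blocks clear public or externally shared sensitive exfil paths") describes a blocking control that now blocks less, shipped in a patch release, without saying which flows were blocked before and are now allowed or only prompted. Please list those cases so operators can judge whether the narrower behavior fits their policy. It would also help to name the two guards this change adds to GUARDS.md, `public-exposure-surface-guard` and `broad-exposure-surface-guard`, since the 15.0.0 entry names each guard it adds and readers search the changelog by guard name.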
2 changes: 2 additions & 0 deletions GUARDS.md
Expand Up @@ -46,6 +46,8 @@ These protections are implemented directly in the Hook Trust Plane instead of as
These protections are implemented directly in native Runwall trust planes instead of standalone hook modules:

- `sensitive-data-flow-guard`: blocks outbound transfers and publishes after the same session already touched sensitive data
- `public-exposure-surface-guard`: blocks direct or session-derived sensitive data from being sent to public or externally shared surfaces such as gists, public repos, public channels, and public object storage
- `broad-exposure-surface-guard`: prompts before sending potentially sensitive material to broad collaboration surfaces such as repo comments or chat channels when private visibility is not confirmed
- `public-artifact-flow-guard`: blocks writes into public artifacts, build outputs, and release bundles after a session already touched sensitive or production data
- `cross-agent-secret-flow-guard`: blocks one agent from exporting data that another agent in the same session already read from sensitive sources
- `clipboard-secret-flow-guard`: blocks clipboard bridges after the same session already touched sensitive or browser-exported data
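Review bot: The `broad-exposure-surface-guard` entry is open-ended ("such as repo comments or chat channels"), while the CHANGELOG entry in this same change limits prompting to "GitHub comments, GitHub repo sharing, and Slack posting". GUARDS.md is where users learn what a guard covers, so list the exact surfaces here and state what "private visibility is not confirmed" means in practice. The entry should also mention the per-session prompt dedupe and exact approval reuse described in the changelog, because a reader would otherwise expect a prompt on every send.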
2 changes: 1 addition & 1 deletion VERSION
@@ -1 +1 @@
15.0.0
15.0.1
2 changes: 1 addition & 1 deletion scripts/runwall_approvals.py
Expand Up @@ -12,7 +12,7 @@
from typing import Any


RISKY_KINDS = {"app", "auth", "browser", "service", "tool", "hook", "data", "ipc"}
RISKY_KINDS = {"app", "auth", "browser", "service", "tool", "hook", "data", "ipc", "exposure"}


def utc_now() -> str:
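Review bot: `RISKY_KINDS` carries no comment saying what membership implies, so from this hunk it is not possible to tell what adding "exposure" changes for approvals of that kind. Suggest a short comment above the set stating the consequence of being listed, plus a focused unit test that an "exposure" approval is handled the same way as the existing kinds. As a minor style point, a module-level constant like this is safer as a `frozenset` so it cannot be mutated at runtime.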