admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

security: add skill/plugin code safety scanner (#9806)

Browse Source 
* security: add skill/plugin code safety scanner module

* security: integrate skill scanner into security audit

* security: add pre-install code safety scan for plugins

* style: fix curly brace lint errors in skill-scanner.ts

* docs: add changelog entry for skill code safety scanner

* style: append ellipsis to truncated evidence strings

* fix(security): harden plugin code safety scanning

* fix: scan skills on install and report code-safety details

* fix: dedupe audit-extra import

* fix(security): make code safety scan failures observable

* fix(test): stabilize smoke + gateway timeouts (#9806) (thanks @abdelsfane)

---------

Co-authored-by: Darshil <ddhameliya@mail.sfsu.edu>
Co-authored-by: Darshil <81693876+dvrshil@users.noreply.github.com>
Co-authored-by: George Pickett <gpickett00@gmail.com>
This commit is contained in:
Abdel Sy Fane
2026-02-05 17:06:11 -07:00
committed by GitHub
parent 141f551a4c
commit bc88e58fcf
16 changed files with 1722 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/cli/program.smoke.test.ts
View File

@@ -10,6 +10,9 @@ const callGateway = vi.fn();
const runChannelLogin = vi.fn();
const runChannelLogout = vi.fn();
const runTui = vi.fn();
const loadAndMaybeMigrateDoctorConfig = vi.fn();
const ensureConfigReady = vi.fn();
const ensurePluginRegistryLoaded = vi.fn();
const runtime = {
log: vi.fn(),
@@ -37,9 +40,12 @@ vi.mock("../commands/configure.js", () => ({
}));
vi.mock("../commands/setup.js", () => ({ setupCommand }));
vi.mock("../commands/onboard.js", () => ({ onboardCommand }));
vi.mock("../commands/doctor-config-flow.js", () => ({ loadAndMaybeMigrateDoctorConfig }));
vi.mock("../runtime.js", () => ({ defaultRuntime: runtime }));
vi.mock("./channel-auth.js", () => ({ runChannelLogin, runChannelLogout }));
vi.mock("../tui/tui.js", () => ({ runTui }));
vi.mock("./plugin-registry.js", () => ({ ensurePluginRegistryLoaded }));
vi.mock("./program/config-guard.js", () => ({ ensureConfigReady }));
vi.mock("../gateway/call.js", () => ({
callGateway,
randomIdempotencyKey: () => "idem-test",
@@ -58,6 +64,7 @@ describe("cli program (smoke)", () => {
beforeEach(() => {
vi.clearAllMocks();
runTui.mockResolvedValue(undefined);
ensureConfigReady.mockResolvedValue(undefined);
});
it("runs message with required options", async () => {