admin/Moltbot
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
12,217 Commits 1 Branch 0 Tags
442fdbf3d897e61e06d2ab308ed2048ef45fc85c
Commit Graph

12217 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Peter Steinberger
442fdbf3d8 fix(security): block SSRF IPv6 transition bypasses 2026-02-18 04:53:09 +01:00
Peter Steinberger
50e5553533 fix: align retry backoff semantics and test mock signatures 2026-02-18 04:53:09 +01:00
Gustavo Madeira Santana
0bf1b38cc0 Agents: fix subagent completion thread routing 2026-02-17 22:52:58 -05:00
Peter Steinberger
35851cdaff chore(changelog): move cron SSRF fix into 2026.2.18 2026-02-18 04:52:13 +01:00
Peter Steinberger
516046dba8 fix: avoid doctor token regeneration on invalid repairs 2026-02-18 04:51:25 +01:00
Peter Steinberger
797ea7ed27 perf(test): cut slow monitor/subagent test overhead 2026-02-18 03:50:30 +00:00
Peter Steinberger
99db4d13e5 fix(gateway): guard cron webhook delivery against SSRF 2026-02-18 04:48:08 +01:00
Peter Steinberger
bc00c7d156 refactor: dedupe sandbox registry helpers 2026-02-18 04:46:38 +01:00
Ayaan Zaidi
6a5f887b3d test: harden Telegram command menu sanitization coverage (#19703) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: 6a41b115902cafb5f5d79666850d4f3cd6b603ec
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Co-authored-by: obviyus <22031114+obviyus@users.noreply.github.com>
Reviewed-by: @obviyus
 2026-02-18 09:16:31 +05:30
Peter Steinberger
cc29be8c9b fix: serialize sandbox registry writes 2026-02-18 04:44:56 +01:00
Peter Steinberger
8278903f0a fix: update deep links handling 2026-02-18 04:40:42 +01:00
Peter Steinberger
4bf3338834 chore: bump version to 2026.2.18 unreleased 2026-02-18 04:40:06 +01:00
Peter Steinberger
f25bbbc37e feat: switch anthropic onboarding defaults to sonnet 2026-02-18 04:37:58 +01:00
Gustavo Madeira Santana
e8816c554f Agents: fix subagent completion delivery to origin channel 2026-02-17 22:36:14 -05:00
Peter Steinberger
ca43efa965 fix(ci): force npm install path in smoke docker tests 2026-02-18 03:25:14 +00:00
Peter Steinberger
91e9684e8c test: add normalization coverage for shared and slack allow-list 2026-02-18 03:17:54 +00:00
Peter Steinberger
8407eeb33c refactor: extract shared string normalization helpers 2026-02-18 03:17:54 +00:00
Peter Steinberger
8984f31876 fix(agents): correct completion announce retry backoff schedule 2026-02-18 03:07:47 +00:00
Peter Steinberger
a420fa0417 fix(test): align subagent announce chat history mock typing 2026-02-18 03:02:20 +00:00
Peter Steinberger
289f215b31 fix(agents): make manual subagent completion announce deterministic 2026-02-18 03:00:27 +00:00
sebslight
d30492823c chore(auto-reply): format subagent command files 2026-02-17 21:55:47 -05:00
Peter Steinberger
34851a78b2 fix: route manual subagent spawn replies via OriginatingTo fallback 2026-02-18 03:48:18 +01:00
Peter Steinberger
4134875c31 fix: route discord native subagent announce to channel target 2026-02-18 02:42:52 +00:00
Peter Steinberger
c1928845ac fix: route native subagent spawns to target session 2026-02-18 02:35:58 +00:00
Gustavo Madeira Santana
40a6661597 test(cli): fix option-collision mock typings 2026-02-17 21:32:04 -05:00
Peter Steinberger
c90b09cb02 feat(agents): support Anthropic 1M context beta header 2026-02-18 03:29:48 +01:00
Peter Steinberger
d1c00dbb7c fix: harden include confinement edge cases (#18652) (thanks @aether-ai-agent) 2026-02-18 03:27:16 +01:00
aether-ai-agent
b5f551d716 fix(security): OC-06 prevent path traversal in config includes 
Fixed CWE-22 path traversal vulnerability allowing arbitrary file reads
through the $include directive in OpenClaw configuration files.

Security Impact:
- CVSS 8.6 (High) - Arbitrary file read vulnerability
- Attack vector: Malicious config files with path traversal sequences
- Impact: Exposure of /etc/passwd, SSH keys, cloud credentials, secrets

Implementation:
- Added path boundary validation in resolvePath() (lines 169-198)
- Implemented symlink resolution to prevent bypass attacks
- Restrict includes to config directory only
- Throw ConfigIncludeError for escaping paths

Testing:
- Added 23 comprehensive security tests
- 48/48 includes.test.ts tests passing
- 5,063/5,063 full suite tests passing
- 95.55% coverage on includes.ts
- Zero regressions, zero breaking changes

Attack Vectors Blocked:
✓ Absolute paths (/etc/passwd, /etc/shadow)
✓ Relative traversal (../../etc/passwd)
✓ Symlink bypass attempts
✓ Home directory access (~/.ssh/id_rsa)

Legitimate Use Cases Preserved:
✓ Same directory includes (./config.json)
✓ Subdirectory includes (./clients/config.json)
✓ Deep nesting (./a/b/c/config.json)

Aether AI Agent Security Research
 2026-02-18 03:27:16 +01:00
Peter Steinberger
ae3637b23b test: expand subagent announce completion coverage 2026-02-18 03:21:52 +01:00
Peter Steinberger
edf7d6af61 fix: harden subagent completion announce retries 2026-02-18 03:19:50 +01:00
Peter Steinberger
d7c6136c1f test: add sonnet 4.6 and opus 4.6 setup-token model tests 2026-02-18 03:12:32 +01:00
Gustavo Madeira Santana
5a31da8eec chore: format imports in gateway and session tools 2026-02-17 21:10:38 -05:00
Peter Steinberger
81db059627 fix(subagents): always read latest assistant/tool output on subagent completion 2026-02-18 02:59:40 +01:00
Peter Steinberger
0dd97feb41 fix(subagents): include tool role in subagent completion output 2026-02-18 02:57:33 +01:00
Gustavo Madeira Santana
985ec71c55 CLI: resolve parent/subcommand option collisions (#18725) 
Merged via /review-pr -> /prepare-pr -> /merge-pr.

Prepared head SHA: b7e51cf90950cdd3049ac3c7a3a949717b8ba261
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Co-authored-by: gumadeiras <5599352+gumadeiras@users.noreply.github.com>
Reviewed-by: @gumadeiras
 2026-02-17 20:57:09 -05:00
Peter Steinberger
fa4f66255c fix(subagents): return completion message for manual session spawns 2026-02-18 02:52:35 +01:00
Peter Steinberger
f6f5cda6ca style: format subagent command files 2026-02-18 01:50:11 +00:00
Peter Steinberger
e2dd827ca4 fix: guarantee manual subagent spawn sends completion message 2026-02-18 02:45:05 +01:00
Peter Steinberger
5bd95bef5a fix(protocol): regenerate swift gateway models 2026-02-18 01:37:34 +00:00
Peter Steinberger
b8b43175c5 style: align formatting with oxfmt 0.33 2026-02-18 01:34:35 +00:00
Peter Steinberger
31f9be126c style: run oxfmt and fix gate failures 2026-02-18 01:29:02 +00:00
Peter Steinberger
638853c6d2 fix(security): sanitize sandbox env vars before docker launch 2026-02-18 02:18:05 +01:00
Peter Steinberger
5487c9adeb feat(security): add sandbox env sanitization helpers + tests 2026-02-18 02:18:02 +01:00
Peter Steinberger
71ad357bbe test: remove obsolete mesh test file 2026-02-18 02:18:02 +01:00
Peter Steinberger
972d1b74d0 Revert "Add mesh orchestration gateway methods with DAG execution and retry" 
This reverts commit 83990ed542.
 2026-02-18 02:18:02 +01:00
Peter Steinberger
01672a8f25 Revert "Add mesh auto-planning with chat command UX and hardened auth/session behavior" 
This reverts commit 16e59b26a6.

# Conflicts:
#	src/auto-reply/reply/commands-mesh.ts
#	src/gateway/server-methods/mesh.ts
#	src/gateway/server-methods/server-methods.test.ts
 2026-02-18 02:18:02 +01:00
Peter Steinberger
6dcc052bb4 fix: stabilize model catalog and pi discovery auth storage compatibility 2026-02-18 02:09:40 +01:00
Peter Steinberger
653add918b chore: bump workspace dependencies 2026-02-18 01:59:08 +01:00
Peter Steinberger
414b996b0c fix(agents): make image resize logs single-line with size 2026-02-18 01:58:33 +01:00
Peter Steinberger
3459200444 docs: reorder unreleased changelog by user-impact highlights 2026-02-18 01:51:28 +01:00