goclaw

tiennm99/goclaw

Fork 0

mirror of https://github.com/tiennm99/goclaw.git synced 2026-06-14 16:12:00 +00:00

Commit Graph

Author	SHA1	Message	Date
Viet Tran	ce333c70f3	fix(security): followup hardening — ILIKE ESCAPE, allowlist logging, shell deny, tests (#251 ) - Add explicit ESCAPE '\' clause to all ILIKE queries (knowledge_graph, custom_tools, channel_instances, channel_contacts) for correct wildcard escaping regardless of PostgreSQL standard_conforming_strings setting - Log warning when filterAllowedKeys drops unknown fields for debuggability - Widen base64 decode shell deny pattern to catch -di, -dw0 variants - Add unit tests for filterAllowedKeys, pqStringArray, scanStringArray, pqStringArray↔scanStringArray roundtrip, limitedBuffer, base64 deny	2026-03-18 07:48:48 +07:00
Luan Vu	a7f5acc1e3	fix(security): harden SQL injection, MCP prompt injection, sandbox fallback, and file serving (#246 ) - execMapUpdate: validate column names with strict regex to prevent SQL injection - HTTP update handlers: add field allowlists (agents, providers, custom_tools, mcp, channel_instances) - pqStringArray: properly escape array elements to prevent PostgreSQL array literal injection - scanStringArray: handle quoted elements in PostgreSQL array format - MCP bridge: wrap tool results as external/untrusted content to prevent prompt injection - File serving: block access to sensitive system directories (/etc, /proc, /sys, etc.) - Sandbox: fail closed when Docker unavailable instead of silent fallback to host - Shell deny: fix base64 --decode bypass, add host exec 1MB output limit - ILIKE queries: escape % and _ wildcards in knowledge_graph, custom_tools, channel_instances Co-authored-by: Luvu182 <208665161+Luvu182@users.noreply.github.com>	2026-03-18 07:42:38 +07:00
viettranx	63eff188ad	feat(kg): add knowledge graph with LLM extraction, traversal, and graph visualization - KnowledgeGraphStore interface + PostgreSQL implementation (recursive CTE traversal, 5s timeout) - LLM entity extraction pipeline triggered on memory writes (background goroutine) - knowledge_graph_search agent tool with search + traversal modes - HTTP API: CRUD entities, traverse, extract, stats, graph endpoints - Web UI: KG tab on memory page with table/graph toggle, entity detail, manual extraction - Force-directed graph visualization using @xyflow/react + d3-force - Builtin tool seed with configurable provider/model/confidence settings	2026-03-09 17:11:20 +07:00

Author

SHA1

Message

Date

Viet Tran

ce333c70f3

fix(security): followup hardening — ILIKE ESCAPE, allowlist logging, shell deny, tests (#251 )

- Add explicit ESCAPE '\' clause to all ILIKE queries (knowledge_graph,
  custom_tools, channel_instances, channel_contacts) for correct wildcard
  escaping regardless of PostgreSQL standard_conforming_strings setting
- Log warning when filterAllowedKeys drops unknown fields for debuggability
- Widen base64 decode shell deny pattern to catch -di, -dw0 variants
- Add unit tests for filterAllowedKeys, pqStringArray, scanStringArray,
  pqStringArray↔scanStringArray roundtrip, limitedBuffer, base64 deny

2026-03-18 07:48:48 +07:00

Luan Vu

a7f5acc1e3

fix(security): harden SQL injection, MCP prompt injection, sandbox fallback, and file serving (#246 )

- execMapUpdate: validate column names with strict regex to prevent SQL injection
- HTTP update handlers: add field allowlists (agents, providers, custom_tools, mcp, channel_instances)
- pqStringArray: properly escape array elements to prevent PostgreSQL array literal injection
- scanStringArray: handle quoted elements in PostgreSQL array format
- MCP bridge: wrap tool results as external/untrusted content to prevent prompt injection
- File serving: block access to sensitive system directories (/etc, /proc, /sys, etc.)
- Sandbox: fail closed when Docker unavailable instead of silent fallback to host
- Shell deny: fix base64 --decode bypass, add host exec 1MB output limit
- ILIKE queries: escape % and _ wildcards in knowledge_graph, custom_tools, channel_instances

Co-authored-by: Luvu182 <208665161+Luvu182@users.noreply.github.com>

2026-03-18 07:42:38 +07:00

viettranx

63eff188ad

feat(kg): add knowledge graph with LLM extraction, traversal, and graph visualization

- KnowledgeGraphStore interface + PostgreSQL implementation (recursive CTE traversal, 5s timeout)
- LLM entity extraction pipeline triggered on memory writes (background goroutine)
- knowledge_graph_search agent tool with search + traversal modes
- HTTP API: CRUD entities, traverse, extract, stats, graph endpoints
- Web UI: KG tab on memory page with table/graph toggle, entity detail, manual extraction
- Force-directed graph visualization using @xyflow/react + d3-force
- Builtin tool seed with configurable provider/model/confidence settings

2026-03-09 17:11:20 +07:00

3 Commits