goclaw

mirror of https://github.com/tiennm99/goclaw.git synced 2026-06-10 06:10:46 +00:00

Files

T

Luan Vu a7f5acc1e3 fix(security): harden SQL injection, MCP prompt injection, sandbox fallback, and file serving (#246 )

- execMapUpdate: validate column names with strict regex to prevent SQL injection
- HTTP update handlers: add field allowlists (agents, providers, custom_tools, mcp, channel_instances)
- pqStringArray: properly escape array elements to prevent PostgreSQL array literal injection
- scanStringArray: handle quoted elements in PostgreSQL array format
- MCP bridge: wrap tool results as external/untrusted content to prevent prompt injection
- File serving: block access to sensitive system directories (/etc, /proc, /sys, etc.)
- Sandbox: fail closed when Docker unavailable instead of silent fallback to host
- Shell deny: fix base64 --decode bypass, add host exec 1MB output limit
- ILIKE queries: escape % and _ wildcards in knowledge_graph, custom_tools, channel_instances

Co-authored-by: Luvu182 <208665161+Luvu182@users.noreply.github.com>

2026-03-18 07:42:38 +07:00

bm25_index.go

feat(mcp): add dynamic tool search and shared connection pool

2026-03-07 18:52:37 +07:00

bridge_server.go

chore(teams): remove deprecated delegation tools

2026-03-16 22:46:18 +07:00

bridge_tool_test.go

feat(mcp+skills): per-agent registry isolation, skill access filtering, managed skill lifecycle (#57 )

2026-03-04 23:14:31 +07:00

bridge_tool.go

fix(security): harden SQL injection, MCP prompt injection, sandbox fallback, and file serving (#246 )