From a6735517d225f95f2a31d7e55cddd0bf35c48758 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=A8=8B=E6=99=BA=E8=B6=850668000959?=
 <cheng.zhichao@xydigit.com>
Date: Fri, 5 Jun 2026 09:17:40 +0800
Subject: [PATCH] test(tools): add unit tests for scheme-less URL workspace
 guard detection

---
 pkg/tools/shell_test.go | 45 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/pkg/tools/shell_test.go b/pkg/tools/shell_test.go
index 83807dac6..b1460b9e3 100644
--- a/pkg/tools/shell_test.go
+++ b/pkg/tools/shell_test.go
@@ -1807,3 +1807,48 @@ func TestEncodeKeyTokenWithPtyKeyMode(t *testing.T) {
 		})
 	}
 }
+
+// TestShellTool_SchemelessURLDetection verifies that the scheme-less URL
+// detection logic in guardCommand correctly identifies web URL path components
+// (e.g., "//github.com" captured by the regex after "https:") and exempts them
+// from workspace sandbox checks. It also confirms that paths NOT preceded by a
+// recognized web scheme are still blocked.
+func TestShellTool_SchemelessURLDetection(t *testing.T) {
+	tmpDir := t.TempDir()
+	tool, err := NewExecTool(tmpDir, true)
+	if err != nil {
+		t.Fatalf("unable to configure exec tool: %s", err)
+	}
+
+	// Each of the 7 recognized web schemes should have its path component
+	// exempted from workspace boundary checks.
+	allowedCommands := []string{
+		"echo https://github.com",
+		"echo http://example.com",
+		"echo ftp://ftp.example.com",
+		"echo ftps://secure.example.com",
+		"echo sftp://sftp.example.com",
+		"echo ssh://git@github.com",
+		"echo git://github.com",
+	}
+
+	for _, cmd := range allowedCommands {
+		result := tool.Execute(context.Background(), map[string]any{"action": "run", "command": cmd})
+		if result.IsError && strings.Contains(result.ForLLM, "path outside working dir") {
+			t.Errorf("command with recognized web scheme should not be blocked: %s\n  error: %s", cmd, result.ForLLM)
+		}
+	}
+
+	// Multiple URLs with different schemes in a single command should all be exempt.
+	multiURLCommands := []string{
+		"echo https://github.com && curl http://example.com",
+		"wget ftp://a.com; curl https://b.com",
+	}
+
+	for _, cmd := range multiURLCommands {
+		result := tool.Execute(context.Background(), map[string]any{"action": "run", "command": cmd})
+		if result.IsError && strings.Contains(result.ForLLM, "path outside working dir") {
+			t.Errorf("command with multiple web URLs should not be blocked: %s\n  error: %s", cmd, result.ForLLM)
+		}
+	}
+}