lzh/picoclaw
1
0
Fork 0
mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,157 Commits 12 Branches 15 Tags
e00a3d9017165c4f90e339682a992e78cd6a09f6
Commit Graph

4 Commits

Author SHA1 Message Date
wenjie 7b9fdaec32 feat(config): add exec controls and gate cron commands on exec settings (#1685) 
- add a dedicated exec settings section in the config page
- support timeout and custom allow/deny regex patterns for exec
- validate custom exec regex patterns in the config API
- block cron command scheduling and execution when exec is disabled
- update tests and i18n strings for the new command settings
 2026-03-17 18:56:52 +08:00
wenjie fcb69860c4 feat(web): add configurable cron command execution settings (#1647) 
- add tools.cron.allow_command config with a default value of true
- require command_confirm only when cron command execution is disabled
- expose cron command permission and timeout settings in the config UI
- add backend tests and update i18n strings
 2026-03-17 09:44:32 +08:00
Hoshina f71eaaf7f8 fix(cron): default scheduled jobs to agent execution 2026-03-14 21:03:23 +08:00
wenjie 8c2a9332c6 fix(security): harden unauthenticated tool-exec paths (#1360) 
* fix(security): harden unauthenticated tool-exec paths (GHSA-pv8c-p6jf-3fpp)

- Exec tool: channel-based access control (default deny remote)
- Cron tool: command scheduling restricted to internal channels
- Web fetch: SSRF defense-in-depth (pre-flight + dial-time + redirect checks)
- File permissions: session/state dirs 0700, files 0600
- Registry: inject __channel/__chat_id into tool args (replaces racy SetContext)

28 new security regression tests.

(cherry picked from commit 191446ae19021604d3d5b0d9376b9655ab749105)

* fix(exec): revalidate working_dir before command start

* test(web): allow local oversized payload fixture

---------

Co-authored-by: xj <gh-xj@users.noreply.github.com>
 2026-03-11 19:22:20 +08:00