haitham/claw3d
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(security): close remaining path validation gaps (#77)

Browse Source 
Harden the SSH agent-state and skill-removal paths to match the local security model, and avoid rejecting valid local workspace skill removals.

Made-with: Cursor

Co-authored-by: iamlukethedev <lucas.guilherme@smartwayslfl.com>
This commit is contained in:
Luke The Dev
2026-03-27 22:21:41 -05:00
committed by GitHub
parent e0eb73111b
commit c3556d2daa
10 changed files with 69 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/unit/agentStateLocal.test.ts
+13
View File
@@ -39,5 +39,18 @@ describe("agent state local", () => {
expect(fs.existsSync(agentDir)).toBe(true);
expect(fs.readFileSync(path.join(workspace, "hello.txt"), "utf8")).toBe("hi");
});
it("rejects restore paths outside the agent-state trash root", () => {
const stateDir = mkTmpStateDir();
process.env.OPENCLAW_STATE_DIR = stateDir;
const agentId = "test-agent";
const fakeTrashDir = path.join(stateDir, "agents", agentId);
fs.mkdirSync(fakeTrashDir, { recursive: true });
expect(() => restoreAgentStateLocally({ agentId, trashDir: fakeTrashDir })).toThrow(
"trashDir is not under"
);
});
});