vikingowl b60aa02bfd feat(fs): enforce workspace boundary on fs tools ...

Adds a Guard that resolves every path against an allowlist of absolute
roots (default: cwd) and rejects anything escaping via relative segments,
absolute paths outside the root, or symlinks (including symlinked
parents on writes).

Closes audit finding C1: fs.read/fs.write/fs.edit/fs.glob/fs.grep/fs.ls
previously accepted any absolute path; the only protection was a
substring denylist (.env, .ssh/, ...) which missed /etc/shadow, kube
configs, IDE secrets, and anything reachable via symlink.

2026-05-19 16:07:29 +02:00

..

agent

test: M7 audit — quality feedback, coordinator, agent tool coverage

2026-04-06 00:59:12 +02:00

bash

feat(pty): Phase 2 — interactive shell and bash interactive detection

2026-05-07 15:52:56 +02:00

fs

feat(fs): enforce workspace boundary on fs tools

2026-05-19 16:07:29 +02:00

persist

fix: persist.Store — sanitize callID, log save errors, document List filter semantics

2026-04-05 21:44:03 +02:00

sysinfo

feat: compact system inventory with queryable system_info tool

2026-04-03 14:50:33 +02:00

registry_test.go

feat: complete M1 — core engine with Mistral provider

2026-04-03 12:01:55 +02:00

registry.go

feat: Ollama/gemma4 compat — /init flow, stream filter, safety fixes

2026-04-05 19:24:51 +02:00

result.go

feat: complete M1 — core engine with Mistral provider

2026-04-03 12:01:55 +02:00

tool.go

feat(engine): M8 cleanup — Wave B skill enforcement

2026-05-07 15:29:33 +02:00