polymech/zeroclaw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,212 Commits 104 Branches 136 Tags 159 MiB
e5bc9514a4
Commit Graph

13 Commits

Author SHA1 Message Date
Chummy
e5bc9514a4 security: close shell path-policy bypasses 2026-02-21 22:35:52 +08:00
Chummy
ccc3d6759f security: block plain shell variable expansion and forbidden path args 2026-02-21 20:42:48 +08:00
chumyin
782bb0b483 fix: resolve multi-issue provider/channel/tool regressions 2026-02-21 15:12:27 +08:00
agorevski
06e0632a09 test: add unit tests for audit-07 coverage gaps 
Add 81 new tests addressing audit-07 findings across 4 areas:

Provider factory resolution (42 tests):
- Cover all 25+ untested providers and aliases in factory
- Test openrouter, gemini, bedrock, copilot, china region, local,
  cloud AI, and custom endpoint providers

Config schema boundaries (26 tests):
- Invalid value fail-fast (wrong types, overflow port)
- Gateway, security, autonomy config defaults and roundtrips
- Backward compatibility (unknown keys, partial sections)
- Nested optional section defaults

Gateway rate limiter boundaries (8 tests):
- Window expiry and re-allow after cooldown
- Independent key tracking
- Exact max_keys boundary eviction
- Pair vs webhook independence
- Concurrent access thread safety
- Rapid burst then cooldown pattern

Tool error paths (5 tests):
- Null byte in path rejection for file_read and file_edit
- Shell nonexistent command, stderr capture, action budget exhaustion

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-02-20 22:23:55 -08:00
Alex Gorevski
22bd03c65a test(quality): replace bare .unwrap() with .expect() in agent and shell tests 
Replace bare .unwrap() calls with descriptive .expect() messages in
src/agent/agent.rs and src/tools/shell.rs test modules. Adds meaningful
failure context for memory creation, agent builder, and tool execution
assertions. Addresses audit finding on test assertion quality (§5.2).

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-02-19 13:23:33 -08:00
Chummy
275d3e7791 style: apply rustfmt to async fs updates 2026-02-19 14:52:29 +08:00
Jayson Reis
b9af601943 chore: Remove blocking read strings 2026-02-19 14:52:29 +08:00
Alex Gorevski
9a6fa76825 readd tests, remove markdown files 2026-02-18 14:42:39 +08:00
Chummy
b0e1e32819
feat(config): make config writes atomic with rollback-safe replacement (#190) 
* feat(runtime): add Docker runtime MVP and runtime-aware command builder

* feat(security): add shell risk classification, approval gates, and action throttling

* feat(gateway): add per-endpoint rate limiting and webhook idempotency

* feat(config): make config writes atomic with rollback-safe replacement

---------

Co-authored-by: chumyin <chumyin@users.noreply.github.com>
 2026-02-15 12:18:45 -05:00
Argenis
1e19b12efd
fix(providers): warn on shared API key for fallbacks and warm up all providers (#130) 
- Warn when fallback providers share the same API key as primary (could fail
  if providers require different keys)
- Warm up all providers instead of just the first, continuing on warmup failures

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-15 08:23:50 -05:00
Argenis
da453f0b4b
fix: prevent panics from byte-level string slicing on multi-byte UTF-8 
Uses floor_char_boundary() instead of direct byte indexing to prevent panics when slicing strings containing multi-byte UTF-8 characters.
 2026-02-15 08:06:04 -05:00
argenis de la rosa
976c5bbf3c hardening: fix 7 production weaknesses found in codebase scan 
Scan findings and fixes:

1. Gateway buffer overflow (8KB → 64KB)
   - Fixed: Increased request buffer from 8,192 to 65,536 bytes
   - Large POST bodies (long prompts) were silently truncated

2. Gateway slow-loris attack (no read timeout → 30s)
   - Fixed: tokio::time::timeout(30s) on stream.read()
   - Malicious clients could hold connections indefinitely

3. Webhook secret timing attack (== → constant_time_eq)
   - Fixed: Now uses constant_time_eq() for secret comparison
   - Prevents timing side-channel on webhook authentication

4. Pairing brute force (no limit → 5 attempts + 5min lockout)
   - Fixed: PairingGuard tracks failed attempts with lockout
   - Returns 429 Too Many Requests with retry_after seconds

5. Shell tool hang (no timeout → 60s kill)
   - Fixed: tokio::time::timeout(60s) on Command::output()
   - Commands that hang are killed and return error

6. Shell tool OOM (unbounded output → 1MB cap)
   - Fixed: stdout/stderr truncated at 1MB with warning
   - Prevents memory exhaustion from verbose commands

7. Provider HTTP timeout (none → 120s request + 10s connect)
   - Fixed: All 5 providers (OpenRouter, Anthropic, OpenAI,
     Ollama, Compatible) now have reqwest timeouts
   - Ollama gets 300s (local models are slower)

949 tests passing, 0 clippy warnings, cargo fmt clean
 2026-02-14 01:47:08 -05:00
argenis de la rosa
05cb353f7f feat: initial release — ZeroClaw v0.1.0 
- 22 AI providers (OpenRouter, Anthropic, OpenAI, Mistral, etc.)
- 7 channels (CLI, Telegram, Discord, Slack, iMessage, Matrix, Webhook)
- 5-step onboarding wizard with Project Context personalization
- OpenClaw-aligned system prompt (SOUL.md, IDENTITY.md, USER.md, AGENTS.md, etc.)
- SQLite memory backend with auto-save
- Skills system with on-demand loading
- Security: autonomy levels, command allowlists, cost limits
- 532 tests passing, 0 clippy warnings
 2026-02-13 12:19:14 -05:00