fix: validate computer snapshot ids

- reject unsafe snapshot ids in the TypeScript wrapper before spawning the helper
- reject unsafe snapshot ids in agent-computer before loading snapshot files
- add regression coverage for wrapper and helper traversal attempts

Co-authored-by: Codex <noreply@openai.com>
This commit is contained in:
Harivansh Rathi 2026-03-11 14:34:10 -04:00
parent a4250bad30
commit 8a43732b7e
2 changed files with 57 additions and 0 deletions


@ -31,6 +31,7 @@ const computerActions = [
] as const;
const computerObservationModes = ["hybrid", "ocr"] as const;
const computerSnapshotIdPattern = /^[A-Za-z0-9_-]+$/;
const DEFAULT_COMPUTER_COMMAND =
process.env.COMPANION_AGENT_COMPUTER_COMMAND || "agent-computer";
@ -285,6 +286,12 @@ function hasDragDestination(input: ComputerToolInput): boolean {
);
}
function validateSnapshotId(snapshotId: string): void {
if (!computerSnapshotIdPattern.test(snapshotId)) {
throw new Error(`Invalid computer snapshotId: "${snapshotId}"`);
}
}
function validateWaitInput(input: ComputerToolInput): void {
const targetCount =
(input.ref !== undefined ? 1 : 0) +
@ -307,6 +314,10 @@ function validateWaitInput(input: ComputerToolInput): void {
}
function validateComputerInput(input: ComputerToolInput): void {
if (input.snapshotId !== undefined) {
validateSnapshotId(input.snapshotId);
}
switch (input.action) {
case "observe":
case "app_list":
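Review bot: The allowlist in `validateSnapshotId` (second hunk) bounds the character set but not the length, so an arbitrarily long id still passes and is forwarded to the spawned helper and, per the commit message, used to locate snapshot files; a bound such as `const computerSnapshotIdPattern = /^[A-Za-z0-9_-]{1,128}$/;` (128 is an example limit, pick what the helper actually allows) closes that gap in the same place. The function also carries no comment saying why it exists, which matters for a check whose only purpose is to stop path traversal before the helper sees the value; a one-line TSDoc such as `/** Rejects snapshot ids that are not a plain token, since the helper resolves them to snapshot files. */` would keep a future refactor from relaxing the pattern. Whether any other code path hands a snapshotId to the helper without going through `validateComputerInput` (third hunk) is not visible here and is worth confirming.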