refactor(exec): centralize safe-bin policy checks

2026-05-09 11:07:41 +00:00 · 2026-02-22 13:18:17 +01:00
parent bcad4f67a2
commit 0d0f4c6992
15 changed files with 806 additions and 68 deletions
--- a/src/security/audit.test.ts
+++ b/src/security/audit.test.ts
@@ -296,6 +296,70 @@ describe("security audit", () => {
    expect(hasFinding(res, "tools.exec.host_sandbox_no_sandbox_agents", "warn")).toBe(true);
  });

+  it("warns for interpreter safeBins entries without explicit profiles", async () => {
+    const cfg: OpenClawConfig = {
+      tools: {
+        exec: {
+          safeBins: ["python3"],
+        },
+      },
+      agents: {
+        list: [
+          {
+            id: "ops",
+            tools: {
+              exec: {
+                safeBins: ["node"],
+              },
+            },
+          },
+        ],
+      },
+    };
+
+    const res = await audit(cfg);
+
+    expect(hasFinding(res, "tools.exec.safe_bins_interpreter_unprofiled", "warn")).toBe(true);
+  });
+
+  it("does not warn for interpreter safeBins when explicit profiles are present", async () => {
+    const cfg: OpenClawConfig = {
+      tools: {
+        exec: {
+          safeBins: ["python3"],
+          safeBinProfiles: {
+            python3: {
+              maxPositional: 0,
+            },
+          },
+        },
+      },
+      agents: {
+        list: [
+          {
+            id: "ops",
+            tools: {
+              exec: {
+                safeBins: ["node"],
+                safeBinProfiles: {
+                  node: {
+                    maxPositional: 0,
+                  },
+                },
+              },
+            },
+          },
+        ],
+      },
+    };
+
+    const res = await audit(cfg);
+
+    expect(
+      res.findings.some((f) => f.checkId === "tools.exec.safe_bins_interpreter_unprofiled"),
+    ).toBe(false);
+  });
+
  it("warns when loopback control UI lacks trusted proxies", async () => {
    const cfg: OpenClawConfig = {
      gateway: {