github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 15:48:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): harden untrusted web tool transcripts

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-13 00:46:11 +01:00
parent 4543c401b4
commit da55d70fb0
13 changed files with 484 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/agents/pi-tools.before-tool-call.ts
View File

@@ -19,13 +19,14 @@ export async function runBeforeToolCallHook(args: {
toolCallId?: string;
ctx?: HookContext;
}): Promise<HookOutcome> {
const toolName = normalizeToolName(args.toolName || "tool");
const params = args.params;
const hookRunner = getGlobalHookRunner();
if (!hookRunner?.hasHooks("before_tool_call")) {
return { blocked: false, params: args.params };
}
const toolName = normalizeToolName(args.toolName || "tool");
const params = args.params;
try {
const normalizedParams = isPlainObject(params) ? params : {};
const hookResult = await hookRunner.runBeforeToolCall(