github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-01 01:11:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): harden untrusted web tool transcripts

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-13 00:46:11 +01:00
parent 4543c401b4
commit da55d70fb0
13 changed files with 484 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/agents/tools/web-tools.enabled-defaults.test.ts
View File

@@ -352,10 +352,18 @@ describe("web_search external content wrapping", () => {
const tool = createWebSearchTool({ config: undefined, sandboxed: true });
const result = await tool?.execute?.(1, { query: "test" });
const details = result?.details as { results?: Array<{ description?: string }> };
const details = result?.details as {
externalContent?: { untrusted?: boolean; source?: string; wrapped?: boolean };
results?: Array<{ description?: string }>;
};
expect(details.results?.[0]?.description).toContain("<<<EXTERNAL_UNTRUSTED_CONTENT>>>");
expect(details.results?.[0]?.description).toContain("Ignore previous instructions");
expect(details.externalContent).toMatchObject({
untrusted: true,
source: "web_search",
wrapped: true,
});
});
it("does not wrap Brave result urls (raw for tool chaining)", async () => {