github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-06-07 22:09:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: harden plugin command registration + telegram menu guard (#31997) (thanks @liuxiaopai-ai)

Browse Source
This commit is contained in:
Peter Steinberger
2026-03-02 19:04:19 +00:00
parent 0958d11478
commit ee68fa86b5
3 changed files with 79 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/plugins/commands.ts
View File

@@ -119,23 +119,36 @@ export function registerPluginCommand(
return { ok: false, error: "Command handler must be a function" };
}
const validationError = validateCommandName(command.name);
if (typeof command.name !== "string") {
return { ok: false, error: "Command name must be a string" };
}
if (typeof command.description !== "string") {
return { ok: false, error: "Command description must be a string" };
}
const name = command.name.trim();
const description = command.description.trim();
if (!description) {
return { ok: false, error: "Command description cannot be empty" };
}
const validationError = validateCommandName(name);
if (validationError) {
return { ok: false, error: validationError };
}
const key = `/${command.name.toLowerCase()}`;
const key = `/${name.toLowerCase()}`;
// Check for duplicate registration
if (pluginCommands.has(key)) {
const existing = pluginCommands.get(key)!;
return {
ok: false,
error: `Command "${command.name}" already registered by plugin "${existing.pluginId}"`,
error: `Command "${name}" already registered by plugin "${existing.pluginId}"`,
};
}
pluginCommands.set(key, { ...command, pluginId });
pluginCommands.set(key, { ...command, name, description, pluginId });
logVerbose(`Registered plugin command: ${key} (plugin: ${pluginId})`);
return { ok: true };
}