github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-08 03:21:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): trust resolved skill-bin paths in allowlist auto-allow

Browse Source
This commit is contained in:
Peter Steinberger
2026-02-24 03:12:22 +00:00
parent 204d9fb404
commit ffd63b7a2c
7 changed files with 243 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/infra/exec-approvals.test.ts
View File

@@ -621,7 +621,7 @@ describe("exec approvals allowlist evaluation", () => {
analysis,
allowlist: [],
safeBins: new Set(),
skillBins: new Set(["skill-bin"]),
skillBins: [{ name: "skill-bin", resolvedPath: "/opt/skills/skill-bin" }],
autoAllowSkills: true,
cwd: "/tmp",
});
@@ -647,7 +647,7 @@ describe("exec approvals allowlist evaluation", () => {
analysis,
allowlist: [],
safeBins: new Set(),
skillBins: new Set(["skill-bin"]),
skillBins: [{ name: "skill-bin", resolvedPath: "/tmp/skill-bin" }],
autoAllowSkills: true,
cwd: "/tmp",
});
@@ -673,7 +673,7 @@ describe("exec approvals allowlist evaluation", () => {
analysis,
allowlist: [],
safeBins: new Set(),
skillBins: new Set(["skill-bin"]),
skillBins: [{ name: "skill-bin", resolvedPath: "/opt/skills/skill-bin" }],
autoAllowSkills: true,
cwd: "/tmp",
});