Teknium 73a88a02fe fix(security): prevent shell injection in _expand_path via ~user path suffix (#2047) ...

echo was called with the full unquoted path (~username/suffix), allowing
command substitution in the suffix (e.g. ~user/$(malicious)) to execute
arbitrary shell commands. The fix expands only the validated ~username
portion via the shell and concatenates the suffix as a plain string.

Co-authored-by: Gutslabs <gutslabsxyz@gmail.com>

2026-03-23 16:00:34 -07:00

..

browser_providers

feat(browser): multi-provider cloud browser support + Browser Use integration

2026-03-17 00:16:34 -07:00

environments

fix(daytona): migrate sandbox lookup from find_one to get/list

2026-03-19 17:54:46 +01:00

neutts_samples

refactor(tts): replace NeuTTS optional skill with built-in provider + setup flow

2026-03-17 02:33:12 -07:00

__init__.py

feat: compress cron management into one tool

2026-03-14 12:21:50 -07:00

ansi_strip.py

fix: strip ANSI at the source — clean terminal output before it reaches the model

2026-03-23 07:43:12 -07:00

approval.py

fix(approval): honor bare YAML approvals.mode: off (#2620)

2026-03-23 06:56:09 -07:00

browser_tool.py

chore: remove unused imports, dead code, and stale comments

2026-03-22 08:33:34 -07:00

checkpoint_manager.py

feat: major /rollback improvements — enabled by default, diff preview, file-level restore, conversation undo, terminal checkpoints

2026-03-16 04:43:37 -07:00

clarify_tool.py

feat(tools): centralize tool emoji metadata in registry + skin integration

2026-03-15 20:21:21 -07:00

code_execution_tool.py

fix: strip ANSI at the source — clean terminal output before it reaches the model

2026-03-23 07:43:12 -07:00

cronjob_tools.py

fix: normalize repeat<=0 to None to prevent cron jobs deleting after first run (#2612)

2026-03-23 06:35:43 -07:00

debug_helpers.py

refactor: consolidate debug logging across tools with shared DebugSession class

2026-02-21 03:53:24 -08:00

delegate_tool.py

fix: 6 bugs in model metadata, reasoning detection, and delegate tool

2026-03-20 08:52:37 -07:00

file_operations.py

fix(security): prevent shell injection in _expand_path via ~user path suffix (#2047)

2026-03-23 16:00:34 -07:00

file_tools.py

fix: strip ANSI at the source — clean terminal output before it reaches the model

2026-03-23 07:43:12 -07:00

fuzzy_match.py

fix(tools): browser handler safety + fuzzy_match docstring accuracy

2026-03-17 04:32:39 -07:00

homeassistant_tool.py

feat(tools): centralize tool emoji metadata in registry + skin integration

2026-03-15 20:21:21 -07:00

honcho_tools.py

fix(honcho): isolate session routing for multi-user gateway (#1500)

2026-03-16 00:23:47 -07:00

image_generation_tool.py

feat(tools): centralize tool emoji metadata in registry + skin integration

2026-03-15 20:21:21 -07:00

interrupt.py

feat: enhance interrupt handling and container resource configuration

2026-02-23 02:11:33 -08:00

mcp_oauth.py

fix(mcp-oauth): port mismatch, path traversal, and shared handler state (salvage #2521) (#2552)

2026-03-22 15:02:26 -07:00

mcp_tool.py

feat(cli): MCP server management CLI + OAuth 2.1 PKCE auth

2026-03-22 04:52:52 -07:00

memory_tool.py

fix(memory): file-lock read-modify-write to prevent concurrent data loss

2026-03-17 04:19:11 -07:00

mixture_of_agents_tool.py

feat(tools): centralize tool emoji metadata in registry + skin integration

2026-03-15 20:21:21 -07:00

neutts_synth.py

fix(tts): document NeuTTS provider and align install guidance (#1903)

2026-03-18 02:55:30 -07:00

openrouter_client.py

refactor: route ad-hoc LLM consumers through centralized provider router

2026-03-11 20:02:36 -07:00

patch_parser.py

fix(patch): use regex to detect line-number prefix to avoid corrupting pipe chars

2026-03-14 03:47:13 -07:00

process_registry.py

fix: strip ANSI at the source — clean terminal output before it reaches the model

2026-03-23 07:43:12 -07:00

registry.py

feat(tools): centralize tool emoji metadata in registry + skin integration

2026-03-15 20:21:21 -07:00

rl_training_tool.py

fix: replace production print() calls with logger in rl_training_tool (salvage #1981) (#2462)

2026-03-22 04:35:23 -07:00

send_message_tool.py

fix: add missing platforms to cron/send_message delivery maps and tool schema

2026-03-20 08:52:21 -07:00

session_search_tool.py

fix(session_search): exclude current session lineage

2026-03-20 21:07:48 -07:00

skill_manager_tool.py

fix(skills_guard): agent-created dangerous skills ask instead of block

2026-03-22 03:56:02 -07:00

skills_guard.py

fix(skills_guard): agent-created dangerous skills ask instead of block

2026-03-22 03:56:02 -07:00

skills_hub.py

fix: skills hub inspect/resolve — 4 bugs

2026-03-22 04:03:28 -07:00

skills_sync.py

fix: make skills manifest writes atomic

2026-03-08 23:53:57 -07:00

skills_tool.py

fix: disabled skills respected across banner, system prompt, slash commands, and skill_view (#1897)

2026-03-18 03:17:37 -07:00

terminal_tool.py

fix: strip ANSI at the source — clean terminal output before it reaches the model

2026-03-23 07:43:12 -07:00

tirith_security.py

fix: send_animation metadata, MarkdownV2 inline code splitting, tirith cosign-free install (#1626)

2026-03-16 23:39:41 -07:00

todo_tool.py

feat(tools): centralize tool emoji metadata in registry + skin integration

2026-03-15 20:21:21 -07:00

transcription_tools.py

fix(stt): respect explicit provider config instead of env-var fallback (#1775)

2026-03-17 10:30:58 -07:00

tts_tool.py

feat(tools): add base_url support to OpenAI TTS provider

2026-03-19 23:55:13 +08:00

url_safety.py

fix(security): add SSRF protection to vision_tools and web_tools (hardened)

2026-03-23 15:40:42 -07:00

vision_tools.py

fix(vision): make SSRF redirect guard async for httpx.AsyncClient

2026-03-23 15:44:52 -07:00

voice_mode.py

fix: improve error message when PortAudio system library is missing

2026-03-22 04:38:17 -07:00

web_tools.py

fix(security): add SSRF protection to vision_tools and web_tools (hardened)

2026-03-23 15:40:42 -07:00

website_policy.py

fix: harden website blocklist — default off, TTL cache, fail-open, guarded imports

2026-03-17 03:11:26 -07:00