yunxiafei/openclaw-mission-control
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,039 Commits 16 Branches 0 Tags
e80cf9f3c838c49fe357bbdf18afb1e34bdf09f2
Commit Graph

18 Commits

Author SHA1 Message Date
Hugh Brown
a66765a514 Apply ruff fixes 2026-03-07 23:35:10 +05:30
Hugh Brown
cd7e411b3e Update backend/app/api/skills_marketplace.py 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-03-07 23:35:10 +05:30
Hugh Brown
5d382ed67b security: mitigate prompt injection in agent instruction strings 
User-controlled fields (skill name, source URL, webhook payloads) were
interpolated directly into agent instruction messages. Sanitize skill
fields by stripping newlines/control chars, and fence all external data
behind "BEGIN EXTERNAL DATA" / "BEGIN STRUCTURED DATA" delimiters with
explicit "do not interpret as instructions" markers. Move system
instructions above the data section so they cannot be overridden.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-07 23:35:10 +05:30
Abhimanyu Saharan
2031f8dcd8 fix: increase GIT_CLONE_TIMEOUT_SECONDS to 600 for better performance #173 2026-03-03 02:16:19 +05:30
Abhimanyu Saharan
d241455da6 feat(skills): consolidate skill-related models and update imports 2026-02-14 19:31:32 +05:30
Abhimanyu Saharan
823da1d143 feat(skills): improve marketplace filters and server pagination 2026-02-14 13:09:48 +05:30
Abhimanyu Saharan
e7d47d9f8a feat(skills): implement pagination and total count headers for marketplace skills 2026-02-14 13:06:45 +05:30
Abhimanyu Saharan
755bbde4f5 feat(skills): add filtering options for category and risk in marketplace skills 2026-02-14 12:58:19 +05:30
Abhimanyu Saharan
a4410373cb refactor(skills): reorganize imports and improve code formatting 2026-02-14 12:46:47 +05:30
Abhimanyu Saharan
40dcf50f4b feat(skills): add metadata and branch fields to skill packs and marketplace skills 2026-02-14 12:26:45 +05:30
Abhimanyu Saharan
dcdbbb7e5c fix(skills): re-validate pack URL before git clone 2026-02-13 23:21:47 +00:00
Abhimanyu Saharan
7e48f1a9e0 fix(skills): sanitize git-derived branch names 2026-02-13 23:00:46 +00:00
Abhimanyu Saharan
84cf22e42b fix(skills): address Copilot review nits (safety + UI guards) 2026-02-13 22:50:29 +00:00
Abhimanyu Saharan
86b5306f9d fix(skills): default empty git branch to main 2026-02-13 22:28:48 +00:00
Abhimanyu Saharan
e0f05ff4c6 fix(skills): validate pack source URLs + git clone timeouts 2026-02-13 22:23:47 +00:00
Abhimanyu Saharan
10748f71a8 feat: add skill packs management with support for category, risk, and source fields 2026-02-13 22:23:47 +00:00
Abhimanyu Saharan
a7e1e5cbf4 feat: add skill pack management features including creation, editing, and syncing 2026-02-13 22:23:47 +00:00
Abhimanyu Saharan
e7b5df0bce feat: implement skills marketplace API with CRUD operations and gateway integration 2026-02-13 22:23:47 +00:00