fix(security): Gemini API key header + Mutex safety + Agent validation
Some checks failed
CI / Build Frontend (push) Has been cancelled
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Some checks failed
CI / Build Frontend (push) Has been cancelled
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
M1-01: Move Gemini API key from URL query param to x-goog-api-key header,
preventing key leakage in logs/proxy/telemetry (matches Anthropic/OpenAI pattern)
M1-03/M1-04: Replace Mutex .unwrap() with .unwrap_or_else(|e| e.into_inner())
in MemoryMiddleware and LoopGuardMiddleware — recovers from poison
instead of panicking async runtime
M2-08: Add input validation to agent_create — reject empty names,
out-of-range temperature (0-2), and zero max_tokens
M11-06: Replace Date.now() message ID with crypto.randomUUID()
to prevent collisions in classroom chat
This commit is contained in:
iven
@@ -73,6 +73,18 @@ pub async fn agent_create(
|
||||
state: State<'_, KernelState>,
|
||||
request: CreateAgentRequest,
|
||||
) -> Result<CreateAgentResponse, String> {
|
||||
// Input validation
|
||||
let name_trimmed = request.name.trim();
|
||||
if name_trimmed.is_empty() {
|
||||
return Err("Agent name cannot be empty".to_string());
|
||||
}
|
||||
if request.temperature < 0.0 || request.temperature > 2.0 {
|
||||
return Err(format!("Temperature must be between 0 and 2, got {}", request.temperature));
|
||||
}
|
||||
if request.max_tokens == 0 {
|
||||
return Err("max_tokens must be greater than 0".to_string());
|
||||
}
|
||||
|
||||
let kernel_lock = state.lock().await;
|
||||
|
||||
let kernel = kernel_lock.as_ref()
|
||||
|
||||
Reference in New Issue
Block a user