iven/zclaw_openfang
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(security): add security configuration and tool validation

Browse Source 
Security Configuration:
- config/security.toml with shell_exec, file_read, file_write, web_fetch, browser, and mcp settings
- Command whitelist/blacklist for shell execution
- Path restrictions for file operations
- SSRF protection for web fetch

Tool Security Implementation:
- ShellSecurityConfig with whitelist/blacklist validation
- ShellExecTool with actual command execution
- Timeout and output size limits
- Security checks before command execution

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
iven
2026-03-24 03:10:32 +08:00
parent 84601776d9
commit e49ba4460b
4 changed files with 334 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
crates/zclaw-runtime/Cargo.toml
View File

@@ -17,6 +17,7 @@ futures = { workspace = true }
async-stream = { workspace = true }
serde = { workspace = true }
serde_json = { workspace = true }
toml = { workspace = true }
thiserror = { workspace = true }
uuid = { workspace = true }
chrono = { workspace = true }