harald/zeroclaw
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 3

test(security): cover background-chain validation path

Browse source
This commit is contained in:
Lawyered 2026-02-16 22:34:39 -05:00 committed by Will Sarg
parent 0f56211892
commit e8088f624e
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/security/policy.rs
View file

@ -725,6 +725,14 @@ mod tests {
assert!(result.unwrap_err().contains("high-risk"));
}
#[test]
fn validate_command_rejects_background_chain_bypass() {
let p = default_policy();
let result = p.validate_command_execution("ls & python3 -c 'print(1)'", false);
assert!(result.is_err());
assert!(result.unwrap_err().contains("not allowed"));
}
// ── is_path_allowed ─────────────────────────────────────
#[test]