zeroclaw

History

Argenis 031683aae6 fix(security): use path-component matching for forbidden paths (#132 ) - Use Path::components() to check for actual .. path components instead of simple string matching (which was too conservative) - Block URL-encoded traversal attempts (e.g., ..%2f) - Expand tilde (~) for comparison - Use path-component-aware matching for forbidden paths - Update test to allow .. in filenames but block actual path traversal Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>		2026-02-15 08:30:48 -05:00
..
mod.rs	feat: add Composio tool provider + encrypted secret store + wizard integration	2026-02-14 02:41:29 -05:00
pairing.rs	test: add comprehensive pairing code consumption tests	2026-02-15 07:36:54 -05:00
policy.rs	fix(security): use path-component matching for forbidden paths (#132 )	2026-02-15 08:30:48 -05:00
secrets.rs	Merge pull request #68 from fettpl/fix/key-generation-csprng	2026-02-14 21:41:43 -05:00