fix(exec): block proxy-style env overrides (#58202)

* fix(exec): block proxy-style env overrides * fix(exec): keep trusted host proxy env inherited * fix(exec): block git tls override env vars * fix(skills): block dangerous env override keys
2026-04-04 13:51:30 +00:00 · 2026-03-31 21:25:36 +09:00
parent 28bb8c600e
commit 4d912e0451
7 changed files with 187 additions and 2 deletions
--- a/src/agents/bash-tools.exec.path.test.ts
+++ b/src/agents/bash-tools.exec.path.test.ts
@@ -228,6 +228,22 @@ describe("exec host env validation", () => {
    ).rejects.toThrow(/Security Violation: Environment variable 'LD_DEBUG' is forbidden/);
  });

+  it("blocks proxy and TLS override env vars on host execution", async () => {
+    const tool = createExecTool({ host: "gateway", security: "full", ask: "off" });
+
+    await expect(
+      tool.execute("call1", {
+        command: "echo ok",
+        env: {
+          HTTPS_PROXY: "http://proxy.example.test:8080",
+          NODE_TLS_REJECT_UNAUTHORIZED: "0",
+        },
+      }),
+    ).rejects.toThrow(
+      /Security Violation: blocked override keys: HTTPS_PROXY, NODE_TLS_REJECT_UNAUTHORIZED\./,
+    );
+  });
+
  it("strips dangerous inherited env vars from host execution", async () => {
    if (isWin) {
      return;