From 5a16ec4f083345215ddcdbeadb49342dbdde1a51 Mon Sep 17 00:00:00 2001
From: Peter Steinberger
Date: Sat, 9 May 2026 23:06:28 +0100
Subject: [PATCH] test: tighten security audit source assertions

---
 ...udit-channel-source-config-discord.test.ts | 13 ++--
 .../audit-channel-source-config-slack.test.ts | 13 ++--
 src/security/dangerous-config-flags.test.ts | 78 +++++++++----------
 3 files changed, 50 insertions(+), 54 deletions(-)

diff --git a/src/security/audit-channel-source-config-discord.test.ts b/src/security/audit-channel-source-config-discord.test.ts
index 1136d0be274..0080880cb54 100644
--- a/src/security/audit-channel-source-config-discord.test.ts
+++ b/src/security/audit-channel-source-config-discord.test.ts
@@ -113,13 +113,12 @@ describe("security audit channel source-config fallback discord", () => {
 ],
 });
- expect(findings).toEqual(
- expect.arrayContaining([
- expect.objectContaining({
- checkId: "channels.discord.commands.native.no_allowlists",
- severity: "warn",
- }),
- ]),
+ const finding = findings.find(
+ (entry) => entry.checkId === "channels.discord.commands.native.no_allowlists",
 );
+ if (!finding) {
+ throw new Error("Expected Discord native command no-allowlists finding");
+ }
+ expect(finding.severity).toBe("warn");
 });
 });
diff --git a/src/security/audit-channel-source-config-slack.test.ts b/src/security/audit-channel-source-config-slack.test.ts
index 013047c64a1..7fc3434881b 100644
--- a/src/security/audit-channel-source-config-slack.test.ts
+++ b/src/security/audit-channel-source-config-slack.test.ts
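Review bot: The `findings.find(...)` lookup added in this discord hunk (and the identical pattern in the slack hunk below) asserts severity on the first finding with that checkId only, so a regression that emits the check twice, or once with a different severity later in the list, would still pass. Filtering and asserting a single hit keeps the tightening intent: `const matches = findings.filter((entry) => entry.checkId === "channels.discord.commands.native.no_allowlists");` `expect(matches).toHaveLength(1);` `expect(matches[0]?.severity).toBe("warn");`. The explicit throw on a missing finding is a reasonable way to narrow the type before reading `.severity`, so it can stay if the `find` form is kept. Since discord and slack now duplicate this lookup verbatim, a small shared test helper taking the checkId and an optional label would keep the two assertions in step.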
@@ -128,14 +128,13 @@ describe("security audit channel source-config fallback slack", () => {
 plugins: [testCase.plugin(testCase.sourceConfig)],
 });
- expect(findings, testCase.name).toEqual(
- expect.arrayContaining([
- expect.objectContaining({
- checkId: "channels.slack.commands.slash.no_allowlists",
- severity: "warn",
- }),
- ]),
+ const finding = findings.find(
+ (entry) => entry.checkId === "channels.slack.commands.slash.no_allowlists",
 );
+ if (!finding) {
+ throw new Error(`Expected Slack no-allowlists finding for ${testCase.name}`);
+ }
+ expect(finding.severity, testCase.name).toBe("warn");
 }
 });
 });
diff --git a/src/security/dangerous-config-flags.test.ts b/src/security/dangerous-config-flags.test.ts
index bcb8f12994b..47de31b1c1e 100644
--- a/src/security/dangerous-config-flags.test.ts
+++ b/src/security/dangerous-config-flags.test.ts
@@ -68,54 +68,52 @@ describe("collectEnabledInsecureOrDangerousFlags", () => {
 });
 it("collects dangerous sandbox, hook, browser, and fs flags", () => {
- expect(
- collectEnabledInsecureOrDangerousFlagsFromContracts(
- asConfig({
- agents: {
- defaults: {
+ const flags = collectEnabledInsecureOrDangerousFlagsFromContracts(
+ asConfig({
+ agents: {
+ defaults: {
+ sandbox: {
+ docker: {
+ dangerouslyAllowReservedContainerTargets: true,
+ dangerouslyAllowContainerNamespaceJoin: true,
+ },
+ },
+ },
+ list: [
+ {
+ id: "worker",
 sandbox: {
 docker: {
- dangerouslyAllowReservedContainerTargets: true,
- dangerouslyAllowContainerNamespaceJoin: true,
+ dangerouslyAllowExternalBindSources: true,
 },
 },
 },
- list: [
- {
- id: "worker",
- sandbox: {
- docker: {
- dangerouslyAllowExternalBindSources: true,
- },
- },
- },
- ],
+ ],
+ },
+ hooks: {
+ allowRequestSessionKey: true,
+ },
+ browser: {
+ ssrfPolicy: {
+ dangerouslyAllowPrivateNetwork: true,
 },
- hooks: {
- allowRequestSessionKey: true,
+ },
+ tools: {
+ fs: {
+ workspaceOnly: false,
 },
- browser: {
- ssrfPolicy: {
- dangerouslyAllowPrivateNetwork: true,
- },
- },
- tools: {
- fs: {
- workspaceOnly: false,
- },
- },
- }),
- ),
- ).toEqual(
- expect.arrayContaining([
- "agents.defaults.sandbox.docker.dangerouslyAllowReservedContainerTargets=true",
- "agents.defaults.sandbox.docker.dangerouslyAllowContainerNamespaceJoin=true",
- 'agents.list[id="worker"].sandbox.docker.dangerouslyAllowExternalBindSources=true',
- "hooks.allowRequestSessionKey=true",
- "browser.ssrfPolicy.dangerouslyAllowPrivateNetwork=true",
- "tools.fs.workspaceOnly=false",
- ]),
+ },
+ }),
 );
+
+ expect(flags).toStrictEqual([
+ "hooks.allowRequestSessionKey=true",
+ "browser.ssrfPolicy.dangerouslyAllowPrivateNetwork=true",
+ "tools.fs.workspaceOnly=false",
+ "agents.defaults.sandbox.docker.dangerouslyAllowReservedContainerTargets=true",
+ "agents.defaults.sandbox.docker.dangerouslyAllowContainerNamespaceJoin=true",
+ 'agents.list[id="worker"].sandbox.docker.dangerouslyAllowExternalBindSources=true',
+ ]);
 });
 it("uses stable agent ids for per-agent dangerous sandbox flags", () => {
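Review bot: The `expect(flags).toStrictEqual([...])` at the end of this hunk pins not only the set of dangerous flags but their emission order, and that expected order (hooks, browser, tools, then the `agents.*` entries) differs from the order the keys appear in the `asConfig` literal above it, so a reader has to infer that the collector walks its contracts in a fixed order rather than the config's key order. A one-line comment above the assertion would make that contract explicit, e.g. `// Order follows contract registration order, not config key order.`. If emission order is not meant to be a guarantee, comparing `[...flags].sort()` against a sorted expected list keeps the exact-set check without coupling the test to traversal order. Either way the move from `arrayContaining` to exact equality is the right direction for a security test, since an unexpected extra dangerous flag would now fail rather than pass silently.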