vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-07 03:30:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(ci): add MCP process CodeQL shard

Browse Source 
Adds the focused MCP/process/tool-execution CodeQL security shard and documents it in CI docs.

Proof:
- Branch CodeQL security run https://github.com/openclaw/openclaw/actions/runs/25132942030 passed on 9d8ca2bae7.
- New mcp-process-tool-boundary analysis 1200250367 returned 0 results.
- Branch open CodeQL alerts: none.
- Workflow Sanity, Blacksmith Testbox, Blacksmith Build Artifacts Testbox, and OpenGrep PR Diff passed.
This commit is contained in:
Vincent Koc
2026-04-29 13:48:53 -07:00
committed by GitHub
parent 06fcd3b60e
commit cd6efd1a42
3 changed files with 68 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/codeql.yml vendored
View File

@@ -51,6 +51,11 @@ jobs:
runs_on: blacksmith-4vcpu-ubuntu-2404
timeout_minutes: 25
config_file: ./.github/codeql/codeql-network-ssrf-boundary-critical-security.yml
- language: javascript-typescript
category: mcp-process-tool-boundary
runs_on: blacksmith-4vcpu-ubuntu-2404
timeout_minutes: 25
config_file: ./.github/codeql/codeql-mcp-process-tool-boundary-critical-security.yml
- language: actions
category: actions
runs_on: blacksmith-8vcpu-ubuntu-2404