mirror of https://github.com/openclaw/openclaw.git synced 2026-06-24 19:19:35 +00:00

Files

Alix-007 605aede38c fix(exa): bound untrusted search JSON response reads (#96038 )

Exa search success responses were read via an unbounded `await
response.json()`, so a misbehaving or hostile endpoint could stream an
arbitrarily large body into memory before parsing. Read the success
body through the shared bounded reader (16 MiB cap, the same limit other
bundled providers use) and cancel the stream on overflow. This mirrors
the error-body bound already in place and the #95103/#95108 response
-limit campaign on the success-JSON side.

AI-assisted.

2026-06-24 10:57:37 -04:00

src

fix(exa): bound untrusted search JSON response reads (#96038 )

2026-06-24 10:57:37 -04:00

index.ts

docs: document small extension sources

2026-06-04 21:02:07 -04:00

npm-shrinkwrap.json

chore(release): close out 2026.6.10 on main (#96271 )

2026-06-24 11:51:14 +08:00

openclaw.plugin.json

refactor: internalize OpenClaw agent runtime (#85341 )

2026-05-27 19:24:04 +01:00

package.json

chore(release): close out 2026.6.10 on main (#96271 )

2026-06-24 11:51:14 +08:00

README.md

feat(plugins): externalize official provider batch

2026-06-19 01:05:52 +08:00

test-api.ts

docs: document small extension sources

2026-06-04 21:02:07 -04:00

tsconfig.json

…

web-search-contract-api.ts

docs: document small extension sources

2026-06-04 21:02:07 -04:00

web-search-provider.ts

docs: document small extension sources

2026-06-04 21:02:07 -04:00

README.md

OpenClaw Exa Plugin

Official OpenClaw plugin for Exa.

Install from OpenClaw:

openclaw plugins install @openclaw/exa-plugin
openclaw gateway restart

See https://docs.openclaw.ai/tools/exa-search for setup and configuration.