vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-13 11:00:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3daed77ba9161e66e86c98846bebfdcbcfb5244a
openclaw/src/auto-reply/reply
History
fuller-stack-dev 70a4f25ab1 fix(security): remove post-compaction audit injection message (#28507) 
* fix: remove post-compaction audit injection (Layer 3)

Remove the post-compaction read audit that injects fake system messages
into conversations after context compaction. This audit:

- Hardcodes WORKFLOW_AUTO.md (a file that doesn't exist in standard
  workspaces) as a required read after every compaction
- Leaks raw regex syntax (memory\/\d{4}-\d{2}-\d{2}\.md) in
  user-facing warning messages
- Injects messages via enqueueSystemEvent that appear as user-role
  messages, tricking agents into reading attacker-controlled files
- Creates a persistent prompt injection vector (see #27697)

Layer 1 (compaction summary) and Layer 2 (workspace context refresh
from AGENTS.md via post-compaction-context.ts) remain intact and are
sufficient for post-compaction context recovery.

Deleted files:
- src/auto-reply/reply/post-compaction-audit.ts
- src/auto-reply/reply/post-compaction-audit.test.ts

Modified files:
- src/auto-reply/reply/agent-runner.ts (removed imports, audit map,
  flag setting, and Layer 3 audit block)

Fixes #27697, fixes #26851, fixes #20484, fixes #22339, fixes #25600
Relates to #26461

* fix: resolve lint failures from post-compaction audit removal

* Tests: add regression for removed post-compaction audit warnings

---------

Co-authored-by: Wilfred (OpenClaw Agent) <jay@openclaw.dev>
Co-authored-by: Vincent Koc <vincentkoc@ieee.org>
2026-02-27 17:15:59 -08:00
..
commands-acp
Discord: thread bindings idle + max-age lifecycle (#27845) (thanks @osolmaz)
2026-02-27 10:02:39 +01:00
commands-subagents
Discord: thread bindings idle + max-age lifecycle (#27845) (thanks @osolmaz)
2026-02-27 10:02:39 +01:00
exec
refactor(auto-reply): share directive arg parsing
2026-02-15 05:05:47 +00:00
export-html
fix(security): harden session export image data-url handling
2026-02-24 02:53:39 +00:00
queue
refactor: centralize followup origin routing helpers
2026-02-24 23:28:58 +00:00
abort-cutoff.ts
refactor(reply): split abort cutoff and timeout policy modules
2026-02-26 14:00:35 +01:00
abort.test.ts
fix(queue): harden drain/abort/timeout race handling
2026-02-26 13:43:39 +01:00
abort.ts
refactor(reply): split abort cutoff and timeout policy modules
2026-02-26 14:00:35 +01:00
acp-projector.test.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
acp-projector.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
agent-runner-execution.ts
fix(auto-reply): tighten silent token semantics and prefix streaming
2026-02-26 16:04:48 +05:30
agent-runner-helpers.test.ts
test(reply): replace heavy resets in media and runner helper specs
2026-02-22 08:15:28 +00:00
agent-runner-helpers.ts
refactor(reply): share verbose gate helpers
2026-02-18 18:25:25 +00:00
agent-runner-memory.ts
refactor(reply): share embedded run fallback/context builders
2026-02-18 19:02:25 +00:00
agent-runner-payloads.test.ts
test: add routing/session isolation edge-case regressions
2026-02-24 23:28:58 +00:00
agent-runner-payloads.ts
refactor: centralize followup origin routing helpers
2026-02-24 23:28:58 +00:00
agent-runner-utils.test.ts
refactor(agents): centralize model fallback resolution
2026-02-25 04:32:31 +00:00
agent-runner-utils.ts
refactor(agents): centralize model fallback resolution
2026-02-25 04:32:31 +00:00
agent-runner.misc.runreplyagent.test.ts
fix(security): remove post-compaction audit injection message (#28507)
2026-02-27 17:15:59 -08:00
agent-runner.runreplyagent.test.ts
test(agent-runner): add overflow empty-payload regression coverage (#26905)
2026-02-25 23:57:58 +00:00
agent-runner.ts
fix(security): remove post-compaction audit injection message (#28507)
2026-02-27 17:15:59 -08:00
audio-tags.ts
refactor: consolidate reply/media helpers
2026-01-10 02:41:16 +01:00
bash-command.ts
refactor(security): unify command gating and blocked-key guards
2026-02-21 13:04:37 +01:00
block-reply-coalescer.ts
fix: preserve off-mode semantics in auto reply threading (#14976) (thanks @Diaspar4u)
2026-02-13 05:22:14 +01:00
block-reply-pipeline.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
block-streaming.test.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
block-streaming.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
body.ts
fix(auto-reply): prevent sender spoofing in group prompts
2026-02-10 00:44:38 -06:00
command-gates.ts
refactor(security): unify command gating and blocked-key guards
2026-02-21 13:04:37 +01:00
commands-acp.test.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
commands-acp.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
commands-allowlist.ts
refactor(security): enforce account-scoped pairing APIs
2026-02-26 21:57:52 +01:00
commands-approve.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
commands-bash.ts
refactor(security): unify command gating and blocked-key guards
2026-02-21 13:04:37 +01:00
commands-compact.ts
fix: pass agentDir to /compact command for agent-specific auth (#24133)
2026-02-23 02:33:35 -05:00
commands-config.ts
refactor(security): unify command gating and blocked-key guards
2026-02-21 13:04:37 +01:00
commands-context-report.test.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
commands-context-report.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
commands-context.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
commands-core.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
commands-export-session.ts
refactor(session): centralize transcript path option resolution
2026-02-22 12:02:38 +01:00
commands-info.ts
Channels: add thread-aware model overrides
2026-02-20 19:26:25 -06:00
commands-models.ts
fix(auth/session): preserve override reset behavior and repair oauth profile-id drift (openclaw#18820) thanks @Glucksberg
2026-02-19 21:16:26 -06:00
commands-plugin.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
commands-session-abort.ts
refactor(reply): split abort cutoff and timeout policy modules
2026-02-26 14:00:35 +01:00
commands-session-lifecycle.test.ts
Discord: thread bindings idle + max-age lifecycle (#27845) (thanks @osolmaz)
2026-02-27 10:02:39 +01:00
commands-session-store.ts
refactor(reply): split abort cutoff and timeout policy modules
2026-02-26 14:00:35 +01:00
commands-session.ts
Discord: thread bindings idle + max-age lifecycle (#27845) (thanks @osolmaz)
2026-02-27 10:02:39 +01:00
commands-setunset-standard.ts
refactor(auto-reply): share standard set/unset slash parsing
2026-02-18 23:09:09 +00:00
commands-setunset.test.ts
test(messaging): dedupe parser/proxy/followup test scaffolding
2026-02-19 07:24:02 +00:00
commands-setunset.ts
refactor(auto-reply): share slash set/unset command parsing
2026-02-18 17:48:01 +00:00
commands-slash-parse.ts
refactor(auto-reply): share slash parsing for config/debug
2026-02-16 02:11:12 +00:00
commands-spawn.test-harness.ts
test(auto-reply): dedupe command spawn test harness
2026-02-17 00:11:02 +00:00
commands-status.ts
fix(agents): fall back to agents.defaults.model when agent has no model config (#24210)
2026-02-23 03:18:55 -05:00
commands-subagents-focus.test.ts
Discord: thread bindings idle + max-age lifecycle (#27845) (thanks @osolmaz)
2026-02-27 10:02:39 +01:00
commands-subagents-spawn.test.ts
test: dedupe auto-reply web and signal flows
2026-02-22 17:11:54 +00:00
commands-subagents.test-mocks.ts
test: dedupe auto-reply web and signal flows
2026-02-22 17:11:54 +00:00
commands-subagents.ts
feat: thread-bound subagents on Discord (#21805)
2026-02-21 16:14:55 +01:00
commands-system-prompt.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
commands-tts.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
commands-types.ts
fix(hooks): backfill reset command hooks for native /new path
2026-02-24 14:27:48 +00:00
commands.test-harness.ts
chore: Fix types in tests 1/N.
2026-02-17 10:26:49 +09:00
commands.test.ts
fix(hooks): backfill reset command hooks for native /new path
2026-02-24 14:27:48 +00:00
commands.ts
refactor(auto-reply): split reply pipeline
2026-01-14 09:11:16 +00:00
config-commands.ts
refactor(auto-reply): share standard set/unset slash parsing
2026-02-18 23:09:09 +00:00
config-value.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
debug-commands.ts
refactor(auto-reply): share standard set/unset slash parsing
2026-02-18 23:09:09 +00:00
directive-handling.auth.ts
refactor(auth): share remaining-time formatter
2026-02-19 00:17:31 +00:00
directive-handling.fast-lane.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
directive-handling.impl.ts
fix(reasoning): persist off override for discord directives
2026-02-23 00:50:13 +01:00
directive-handling.levels.ts
refactor(auto-reply): share directive level resolution
2026-02-16 01:45:51 +00:00
directive-handling.model-picker.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
directive-handling.model.test.ts
fix(models): normalize trailing @profile parsing across resolver paths
2026-02-26 14:34:15 +01:00
directive-handling.model.ts
feat(auto-reply): add model fallback lifecycle visibility in status, verbose logs, and WebUI (#20704)
2026-02-19 14:33:02 -08:00
directive-handling.params.ts
refactor(auto-reply): share directive handling params
2026-02-15 05:25:55 +00:00
directive-handling.parse.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
directive-handling.persist.ts
fix(reasoning): persist off override for discord directives
2026-02-23 00:50:13 +01:00
directive-handling.queue-validation.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
directive-handling.shared.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
directive-handling.ts
chore: migrate to oxlint and oxfmt
2026-01-14 15:02:19 +00:00
directive-parsing.ts
refactor(auto-reply): share directive arg parsing
2026-02-15 05:05:47 +00:00
directives.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
dispatch-acp.ts
feat: ACP thread-bound agents (#23580)
2026-02-26 11:00:09 +01:00
dispatch-from-config.test.ts
fix: harden typing lifecycle and cross-channel suppression
2026-02-26 17:01:09 +01:00
dispatch-from-config.ts
refactor: unify typing dispatch lifecycle and policy boundaries
2026-02-26 17:36:16 +01:00
dispatcher-registry.ts
fix: defer gateway restart until all replies are sent (#12970)
2026-02-14 00:29:29 +01:00
elevated-allowlist-matcher.ts
refactor(security): split elevated allowFrom matcher internals
2026-02-22 22:20:04 +01:00
elevated-unavailable.ts
refactor(auto-reply): share elevated unavailable message
2026-02-14 15:39:45 +00:00
exec.ts
feat: add /exec session overrides
2026-01-18 06:12:54 +00:00
followup-runner.test.ts
fix(typing): call markDispatchIdle in followup runner to prevent stuck indicator (#26881)
2026-02-26 00:53:38 +00:00
followup-runner.ts
fix(typing): call markDispatchIdle in followup runner to prevent stuck indicator (#26881)
2026-02-26 00:53:38 +00:00
get-reply-directives-apply.ts
fix(agents): harden bash tool and reply directive handling
2026-02-22 11:29:31 +00:00
get-reply-directives-utils.ts
refactor(auto-reply): share cleared exec fields
2026-02-15 16:45:25 +00:00
get-reply-directives.ts
fix(auto-reply): gate inline directives on resolved auth (#27248)
2026-02-26 13:11:39 +00:00
get-reply-inline-actions.skip-when-config-empty.test.ts
fix(queue): harden drain/abort/timeout race handling
2026-02-26 13:43:39 +01:00
get-reply-inline-actions.ts
refactor(reply): split abort cutoff and timeout policy modules
2026-02-26 14:00:35 +01:00
get-reply-run.media-only.test.ts
fix: harden typing lifecycle and cross-channel suppression
2026-02-26 17:01:09 +01:00
get-reply-run.ts
refactor: unify typing dispatch lifecycle and policy boundaries
2026-02-26 17:36:16 +01:00
get-reply.reset-hooks-fallback.test.ts
fix(hooks): backfill reset command hooks for native /new path
2026-02-24 14:27:48 +00:00
get-reply.ts
fix(hooks): backfill reset command hooks for native /new path
2026-02-24 14:27:48 +00:00
groups.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
history.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
inbound-context.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
inbound-dedupe.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
inbound-meta.test.ts
test(auto-reply): cover inbound timestamp guard
2026-02-26 17:10:09 +00:00
inbound-meta.ts
feat(auto-reply): make agent time-aware with message timestamps
2026-02-26 17:10:09 +00:00
inbound-text.ts
fix(inbound): preserve literal backslash-n sequences in Windows paths (#11547)
2026-02-13 18:24:01 +01:00
line-directives.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
memory-flush.test.ts
chore: Fix types in tests 42/N.
2026-02-17 15:50:07 +09:00
memory-flush.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
mentions.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
model-selection.test.ts
Default reasoning to on when model has reasoning: true (fix #22456) (#22513)
2026-02-22 12:19:36 -05:00
model-selection.ts
Default reasoning to on when model has reasoning: true (fix #22456) (#22513)
2026-02-22 12:19:36 -05:00
normalize-reply.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
origin-routing.test.ts
refactor: centralize followup origin routing helpers
2026-02-24 23:28:58 +00:00
origin-routing.ts
refactor: centralize followup origin routing helpers
2026-02-24 23:28:58 +00:00
post-compaction-context.test.ts
fix: improve section extraction robustness (case-insensitive, H3, code blocks)
2026-02-17 00:00:20 +01:00
post-compaction-context.ts
feat: append workspace critical rules to compaction summary
2026-02-17 00:00:20 +01:00
provider-dispatcher.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
queue-policy.test.ts
refactor: consolidate typing lifecycle and queue policy
2026-02-25 02:16:03 +00:00
queue-policy.ts
refactor: consolidate typing lifecycle and queue policy
2026-02-25 02:16:03 +00:00
queue.ts
fix: hard-abort clears queues on /stop
2026-01-16 21:15:25 +00:00
reply-delivery.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
reply-directives.ts
refactor: unify inline directives and media fetch
2026-01-10 03:01:04 +01:00
reply-dispatcher.ts
refactor: consolidate typing lifecycle and queue policy
2026-02-25 02:16:03 +00:00
reply-elevated.test.ts
fix(security): tighten elevated allowFrom sender matching
2026-02-22 22:00:08 +01:00
reply-elevated.ts
refactor(security): split elevated allowFrom matcher internals
2026-02-22 22:20:04 +01:00
reply-flow.test.ts
fix(auto-reply): tighten silent token semantics and prefix streaming
2026-02-26 16:04:48 +05:30
reply-inline.ts
chore: Enable "curly" rule to avoid single-statement if confusion/errors.
2026-01-31 16:19:20 +09:00
reply-payloads.test.ts
fix(replies): normalize media path variants for dedupe
2026-02-22 19:34:30 +01:00
reply-payloads.ts
refactor: extract iMessage echo cache and unify suppression guards
2026-02-25 00:53:39 +00:00
reply-plumbing.test.ts
fix(slack): finalize replyToMode off threading behavior (#23799)
2026-02-22 13:27:50 -05:00
reply-reference.ts
fix: update replyToMode notes (#11062) (thanks @cordx56)
2026-02-12 18:50:36 -06:00
reply-state.test.ts
test: dedupe auto-reply web and signal flows
2026-02-22 17:11:54 +00:00
reply-tags.ts
refactor: unify inline directives and media fetch
2026-01-10 03:01:04 +01:00
reply-threading.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
reply-utils.test.ts
fix: harden typing lifecycle and cross-channel suppression
2026-02-26 17:01:09 +01:00
response-prefix-template.ts
chore: apply local workspace updates (#9911)
2026-02-05 16:54:44 -05:00
route-reply.test.ts
fix(auto-reply): tighten silent token semantics and prefix streaming
2026-02-26 16:04:48 +05:30
route-reply.ts
refactor: unify outbound session context wiring
2026-02-26 21:03:28 +01:00
session-reset-model.ts
style: align formatting with oxfmt 0.33
2026-02-18 01:34:35 +00:00
session-reset-prompt.ts
Session: enforce startup sequence on bare reset greeting
2026-02-20 20:38:56 -08:00
session-run-accounting.ts
fix(auth/session): preserve override reset behavior and repair oauth profile-id drift (openclaw#18820) thanks @Glucksberg
2026-02-19 21:16:26 -06:00
session-updates.ts
feat: surface cached token counts in /status output (openclaw#21248) thanks @vishaltandale00
2026-02-19 21:06:13 -06:00
session-usage.ts
Sessions: persist prompt-token totals without usage
2026-02-21 23:37:42 -08:00
session.test.ts
test(session): normalize parent fork parentSession path assertion
2026-02-26 14:47:22 +00:00
session.ts
fix(session): prevent silent overflow on parent thread forks (#26912)
2026-02-25 23:54:02 +00:00
stage-sandbox-media.ts
style: format files and fix safe-bins e2e typing
2026-02-19 14:26:12 +01:00
streaming-directives.ts
fix(auto-reply): tighten silent token semantics and prefix streaming
2026-02-26 16:04:48 +05:30
strip-inbound-meta.test.ts
fix: hide synthetic untrusted metadata in chat history
2026-02-21 19:26:04 +01:00
strip-inbound-meta.ts
fix: hide synthetic untrusted metadata in chat history
2026-02-21 19:26:04 +01:00
subagents-utils.test.ts
refactor(subagents): share run target resolution
2026-02-18 18:25:25 +00:00
subagents-utils.ts
refactor(subagents): share run target resolution
2026-02-18 18:25:25 +00:00
test-ctx.ts
style: oxfmt
2026-01-17 10:26:08 +00:00
test-helpers.ts
chore: Enable "experimentalSortImports" in Oxfmt and reformat all imorts.
2026-02-01 10:03:47 +09:00
typing-mode.ts
fix: harden typing lifecycle and cross-channel suppression
2026-02-26 17:01:09 +01:00
typing-persistence.test.ts
fix(typing): stop keepalive restarts after run completion (land #27413, thanks @widingmarcus-cyber)
2026-02-26 11:42:38 +00:00
typing-policy.test.ts
refactor: unify typing dispatch lifecycle and policy boundaries
2026-02-26 17:36:16 +01:00
typing-policy.ts
refactor: unify typing dispatch lifecycle and policy boundaries
2026-02-26 17:36:16 +01:00
typing.ts
refactor: unify typing dispatch lifecycle and policy boundaries
2026-02-26 17:36:16 +01:00
untrusted-context.ts
fix(security): separate untrusted channel metadata from system prompt (thanks @KonstantinMirin)
2026-02-03 23:02:45 -08:00