molecule-core

History

Molecule AI CP-BE beba599250 fix(security): SSRF defence — validate URLs before outbound A2A calls Adds isSafeURL() + isPrivateOrMetadataIP() in mcp.go and wires the check into: - MCP delegate_task (sync path) — line 530 - MCP delegate_task_async (fire-and-forget) — line 602 - a2a_proxy resolveAgentURL() — line 391 Blocklist covers: RFC-1918 private (10/8, 172.16/12, 192.168/16), cloud metadata link-local (169.254/16), carrier-grade NAT (100.64/10), documentation ranges (192.0.2/24, 198.51.100/24, 203.0.113/24), loopback, unspecified, and link-local multicast. For hostnames, DNS is resolved and every returned IP is validated — blocks internal hostnames that resolve to private ranges. Closes: #1130 (F1083 — SSRF in A2A proxy and MCP bridge) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>		2026-04-20 23:09:11 +00:00
..
cmd/server	fix: harden stuck-provisioning UX — details crash, preflight, sweeper	2026-04-20 14:51:39 -07:00
internal	fix(security): SSRF defence — validate URLs before outbound A2A calls	2026-04-20 23:09:11 +00:00
migrations	feat(auth): organization-scoped API keys for admin access	2026-04-20 14:01:41 -07:00
pkg/provisionhook	fix(docker): fix plugin go.mod replace for TokenProvider interface (#960 )	2026-04-20 13:42:53 -07:00
.gitignore	feat(ws-server): pull env from CP on startup	2026-04-19 02:41:15 -07:00
Dockerfile	fix(docker): fix plugin go.mod replace for TokenProvider interface (#960 )	2026-04-20 13:42:53 -07:00
Dockerfile.tenant	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
entrypoint-tenant.sh	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
go.mod	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00
go.sum	chore: open-source restructure — rename dirs, remove internal files, scrub secrets	2026-04-18 00:24:44 -07:00