molecule-ai/docs
35
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
182 Commits 23 Branches 0 Tags 1.6 MiB
d8aaca8e7b
Commit Graph

164 Commits

Author SHA1 Message Date
molecule-ai[bot]
3078a6362a revert: remove doubled-path nesting bug from PR #77 
The CWE-78 Scope Refinement and F1085 entries were added at the
wrong nested path:
  BAD:  content/docs/security/content/docs/security/changelog.md
  GOOD: content/docs/security/changelog.md

This revert removes the bad file from main. The correct-path file
(content/docs/security/changelog.md) has the original 5 entries
and will be the build source going forward.

A follow-up PR will add the two missing entries at the correct path.

Closes: docs site ECONNREFUSED (Vercel build failure)
 2026-04-22 19:49:05 +00:00
molecule-ai[bot]
f1978aa634
docs(security): add CWE-78 scope regression + F1085 redactSecrets changelog entries (#77) 
* docs(security): add CWE-78 scope regression and F1085 redactSecrets entries

2026-04-21 — CWE-78: Scope Refinement in deleteViaEphemeral
- PRs #1310 (original), #1328 (scope refinement)
- Commit 64ccf8e removes user-supplied scope argument from rm command
- Prevents path traversal within validated path

2026-04-21 — F1085: Credential Scrub Before Workspace Memory Seeding
- PRs #1203, #1206
- seedInitialMemories() now calls redactSecrets() before INSERT
- Templates with API keys no longer stored in plain text in agent_memories

Co-Authored-By: Technical Writer Agent <technical-writer@agents.moleculesai.app>

* docs(security): fix CWE-78 entry — correct commit SHA and vulnerability description

- Commit: 64ccf8e → f3ec07a
- Vulnerability: corrected from "scope manipulation" framing to accurate
  "exec-form rm regression causing volume-wide deletion" description.
  rm -rf treats each arg as independent deletion target, not combined scope.
  Bug is a regression from the PR #1310 exec-form refactor.

Co-Authored-By: Technical Writer Agent <technical-writer@agents.moleculesai.app>

---------

Co-authored-by: Molecule AI Technical Writer <technical-writer@agents.moleculesai.app>
Co-authored-by: Molecule AI App-FE <app-fe@agents.moleculesai.app>
 2026-04-22 11:08:56 +00:00
molecule-ai[bot]
5a48d8f8aa
docs(guides): fix browser-testing install — remove fabricated --from plugin: syntax (#76) 
* docs(guides): add browser-testing skill — Playwright from molecule-ai-plugin-browser-automation

Added browser-testing (Playwright headless Chromium) as a new Browser skill
alongside browser-automation in the skill-catalog.md table. Includes install
examples for both CLI and config.yaml, and a note about Playwright system
dependencies.

Ref: molecule-ai-plugin-browser-automation#4

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* docs(guides): fix browser-testing install docs — remove fabricated --from plugin: syntax

- Change source: plugin:molecule-ai-plugin-browser-automation → source: plugin
- Remove --from plugin: CLI example (flag does not exist in molecule-core CLI)
- Replace install section with auto-discovery note: browser-testing is
  auto-discovered when the plugin is installed, no extra flags needed

Co-Authored-By: Technical Writer Agent <technical-writer@agents.moleculesai.app>

---------

Co-authored-by: Molecule AI Technical Writer <technical-writer@agents.moleculesai.app>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-22 11:08:53 +00:00
molecule-ai[bot]
f0244ef272
fix(docs): correct broken link ./platform-api.md → ./reference.md in workspace-files.mdx 2026-04-21 15:52:10 +00:00
molecule-ai[bot]
55e90c8f92
Merge pull request #73 from Molecule-AI/docs/skill-catalog-backfill-from-core-1419 
docs: backfill skill-catalog, workspace-files API ref, and skills-vs-bundled-tools blog
 2026-04-21 15:45:04 +00:00
molecule-ai[bot]
2562f98c90
docs(security): April 21 security changelog entries (#71) 
* docs(security): add April 21 security changelog entries

- CWE-918 SSRF: add PR #1364, SaaS-mode VPC-private IP exception,
  IPv6 bypass fix (isPrivateOrMetadataIP now handles non-IPv4 inputs)
- Audit Ledger HMAC Chain Guard: add PRs #1339, #1352, #1354
- Credential Scrub: add PRs #1282, #1355, #1359 (F1088 err.Error() leak)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: add trailing newline to security/changelog.md (Vercel build requirement)

* fix(docs): correct INCIDENT_LOG.md path from docs/incidents/ to content/docs/incidents/

Vercel build fails because broken link reference in security/changelog.md.
The actual file lives at content/docs/incidents/INCIDENT_LOG.md.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Molecule AI Documentation Specialist <documentation-specialist@agents.moleculesai.app>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: molecule-ai[bot] <276602405+molecule-ai[bot]@users.noreply.github.com>
Co-authored-by: Molecule AI Integration Tester <integration-tester@agents.moleculesai.app>
 2026-04-21 15:27:36 +00:00
Molecule AI Technical Writer
6ca6eee63d fix(docs): correct secrets endpoint path across public docs 
The secrets endpoint is GET /workspaces/:id/secrets, not
GET /workspaces/:id/secrets/values. Fix three occurrences in:
- workspace-runtime.md: comparison table and curl example
- remote-workspaces.md: ASCII diagram and Phase 30.2 table

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 15:23:54 +00:00
Molecule AI Technical Writer
0cb987c986 docs: backfill skill-catalog, workspace-files API ref, and skills-vs-bundled-tools blog 
Port three docs from molecule-core PR #1419 into public docs:
- docs/guides/skill-catalog.md: new skill catalog CLI guide
- docs/api/workspace-files.mdx: new CWE-22 path traversal API reference
- blog/2026-04-21-skills-vs-bundled-tools: new blog post

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-21 15:20:11 +00:00
molecule-ai[bot]
a1e554f670
docs(security): update CWE-918 entry — add PR #1430 regression fix, SaaS mode gating table, IPv6 coverage 2026-04-21 15:11:19 +00:00
molecule-ai[bot]
b30863a31d
docs: add frontmatter to glossary.md 2026-04-21 08:31:24 +00:00
molecule-ai[bot]
1b51b7d908
docs: add frontmatter to workspace-runtime.md 2026-04-21 08:21:17 +00:00
molecule-ai[bot]
96d9d95bf8
docs: add frontmatter to guides/same-origin-canvas-fetches.md 2026-04-21 08:20:56 +00:00
molecule-ai[bot]
15786ef587
docs: add frontmatter to guides/external-agent-registration.md 2026-04-21 08:20:54 +00:00
molecule-ai[bot]
ef21f21087
docs: add frontmatter to guides/remote-workspaces-faq.md 2026-04-21 08:20:53 +00:00
molecule-ai[bot]
37faf02206
docs: add frontmatter to guides/mcp-server-setup.md 2026-04-21 08:20:52 +00:00
molecule-ai[bot]
45f992f08b
docs: add frontmatter to guides/token-management.md 2026-04-21 08:20:50 +00:00
molecule-ai[bot]
12a5bed4b1
docs: add frontmatter to guides/remote-workspaces.md 2026-04-21 08:20:49 +00:00
molecule-ai[bot]
54dd34ea01
docs: add INCIDENT_LOG.md 2026-04-21 08:02:57 +00:00
molecule-ai[bot]
b864595bb4
docs: add docs/adr/ADR-001-admin-token-scope.md 2026-04-21 08:02:37 +00:00
molecule-ai[bot]
ddb5c8a133
docs: add docs/research/cognee-isolation-eval.md 2026-04-21 08:02:36 +00:00
molecule-ai[bot]
cad80ee73d
docs: add docs/research/cognee-architecture-deep-dive.md 2026-04-21 08:02:35 +00:00
molecule-ai[bot]
96878a7c26
docs: add docs/adapters/medo-smoke-test-log.md 2026-04-21 08:02:34 +00:00
molecule-ai[bot]
891f36fe09
docs: add docs/adapters/medo-integration.md 2026-04-21 08:02:33 +00:00
molecule-ai[bot]
58ba097395
docs: add docs/adapters/hermes-recon.md 2026-04-21 08:02:32 +00:00
molecule-ai[bot]
addb8b907e
docs: add docs/adapters/hermes-adapter-plan.md 2026-04-21 08:02:31 +00:00
molecule-ai[bot]
f2e89359ff
docs: add docs/adapters/hermes-adapter-design.md 2026-04-21 08:02:30 +00:00
molecule-ai[bot]
aef44dacce
docs: add docs/plugins/sources.md 2026-04-21 08:02:29 +00:00
molecule-ai[bot]
6aece0f6de
docs: add docs/plugins/agentskills-compat.md 2026-04-21 08:02:28 +00:00
molecule-ai[bot]
52a36a06f5
docs: add docs/api-protocol/websocket-events.md 2026-04-21 07:53:26 +00:00
molecule-ai[bot]
531f6adf36
docs: add docs/api-protocol/registry-and-heartbeat.md 2026-04-21 07:53:25 +00:00
molecule-ai[bot]
7d81ee0ea4
docs: add docs/api-protocol/platform-api.md 2026-04-21 07:53:24 +00:00
molecule-ai[bot]
a2902e1e40
docs: add docs/api-protocol/communication-rules.md 2026-04-21 07:53:23 +00:00
molecule-ai[bot]
e18c40a3ec
docs: add docs/api-protocol/a2a-protocol.md 2026-04-21 07:53:22 +00:00
molecule-ai[bot]
7f107841a0
docs: add docs/agent-runtime/system-prompt-structure.md 2026-04-21 07:53:21 +00:00
molecule-ai[bot]
0482b83e40
docs: add docs/agent-runtime/cli-runtime.md 2026-04-21 07:53:20 +00:00
molecule-ai[bot]
6481beb780
docs: add docs/agent-runtime/team-expansion.md 2026-04-21 07:53:19 +00:00
molecule-ai[bot]
ad8ccad70a
docs: add docs/agent-runtime/social-channels.md 2026-04-21 07:53:18 +00:00
molecule-ai[bot]
d6de82e699
docs: add docs/agent-runtime/skills.md 2026-04-21 07:53:17 +00:00
molecule-ai[bot]
517936f684
docs: add docs/agent-runtime/config-format.md 2026-04-21 07:53:16 +00:00
molecule-ai[bot]
28d0311110
docs: add docs/agent-runtime/bundle-system.md 2026-04-21 07:53:15 +00:00
molecule-ai[bot]
2841b82857
docs: add docs/agent-runtime/agent-card.md 2026-04-21 07:53:14 +00:00
molecule-ai[bot]
2dd808fbf0
docs: fix broken blog link in register-remote-agent.md 2026-04-21 07:52:36 +00:00
molecule-ai[bot]
bdfe53ffca
docs: add docs/tutorials/register-remote-agent.md 2026-04-21 07:51:24 +00:00
molecule-ai[bot]
b1a7249132
docs: add docs/tutorials/lark-feishu-channel.md 2026-04-21 07:51:24 +00:00
molecule-ai[bot]
79683d6ee3
docs: add docs/tutorials/hermes-multi-provider-dispatch.md 2026-04-21 07:51:23 +00:00
molecule-ai[bot]
e700cbf05c
docs: add docs/tutorials/google-adk-runtime.md 2026-04-21 07:51:22 +00:00
molecule-ai[bot]
6edc7d0299
docs: add docs/tutorials/gemini-cli-runtime.md 2026-04-21 07:51:21 +00:00
molecule-ai[bot]
ed9bc941c6
docs: add docs/tutorials/fly-machines-provisioner.md 2026-04-21 07:51:20 +00:00
molecule-ai[bot]
042335bced
docs: add docs/integrations/opencode.md 2026-04-21 07:51:19 +00:00
molecule-ai[bot]
ac60a7cb8b
docs: add docs/frontend/canvas.md 2026-04-21 07:51:18 +00:00