molecule-ai/molecule-ai-workspace-runtime
35
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7fc3537b2f
molecule-ai-workspace-runtime/molecule_runtime/plugins_registry
History
Molecule AI Infra-Runtime-BE d6944086fe fix(plugins_registry/builtins): strip API keys from plugin setup.sh env 
Issue #19 (CWE-C-312): AgentskillsAdaptor.install() passed the full
os.environ to the subprocess running setup.sh, including
ANTHROPIC_API_KEY, OPENAI_API_KEY, GITHUB_TOKEN, WORKSPACE_AUTH_TOKEN,
etc. A malicious or compromised plugin's setup.sh could exfiltrate them.

Fix: _scrubbed_env() builds a copy of os.environ with sensitive keys
removed, matching the same _SCRUB_KEYS list used in skill_loader/loader.py
so the scrubbing policy is consistent. CONFIGS_DIR is still passed via
the extra dict. Non-secret vars (PATH, HOME, etc.) are preserved.

Add 6 regression tests (30/30 passing).

Co-Authored-By: Infra-Runtime-BE <infra-runtime-be@molecule.ai>
2026-04-20 22:52:13 +00:00
..
__init__.py feat: initial release of molecule-ai-workspace-runtime 0.1.0 2026-04-16 04:26:06 -07:00
builtins.py fix(plugins_registry/builtins): strip API keys from plugin setup.sh env 2026-04-20 22:52:13 +00:00
protocol.py feat: initial release of molecule-ai-workspace-runtime 0.1.0 2026-04-16 04:26:06 -07:00
raw_drop.py feat: initial release of molecule-ai-workspace-runtime 0.1.0 2026-04-16 04:26:06 -07:00