molecule-ai/molecule-core
41
0
Fork 2
Code Issues 43 Pull Requests 14 Actions 21 Packages Projects Releases Wiki Activity

fix(workspace): complete OFFSEC-003 fix — promote full sanitization to main #433

Merged
core-be merged 1 commits from fix/offsec-003-promote-to-main into main 2026-05-11 08:53:43 +00:00
Conversation 1 Commits 1 Files Changed 1 +15 -9
1 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
workspace/a2a_tools_delegation.py
View File

@ -167,12 +167,19 @@ async def _delegate_sync_via_polling(
break
if terminal:
if (terminal.get("status") or "").lower() == "completed":
return terminal.get("response_preview") or ""
err = (
# OFFSEC-003: sanitize response_preview before returning so
# boundary markers injected by a malicious peer cannot escape
# the trust boundary.
return sanitize_a2a_result(terminal.get("response_preview") or "")
# OFFSEC-003: sanitize error_detail / summary before wrapping with
# the _A2A_ERROR_PREFIX sentinel so injected markers cannot appear
# inside the trusted error block returned to the agent.
err_raw = (
terminal.get("error_detail")
or terminal.get("summary")
or "delegation failed"
)
err = sanitize_a2a_result(err_raw)
return f"{_A2A_ERROR_PREFIX}{err}"
await asyncio.sleep(_SYNC_POLL_INTERVAL_S)
@ -408,12 +415,11 @@ async def tool_check_task_status(
# Filter by delegation_id
matching = [d for d in delegations if d.get("delegation_id") == task_id]
if matching:
entry = dict(matching[0])
# OFFSEC-003: sanitize peer-generated text fields
for field in ("result", "response_preview"):
if field in entry and entry[field]:
entry[field] = sanitize_a2a_result(str(entry[field]))
return json.dumps(entry)
# OFFSEC-003: sanitize peer-supplied fields
d = matching[0]
d["summary"] = sanitize_a2a_result(d.get("summary", ""))
d["response_preview"] = sanitize_a2a_result(d.get("response_preview", ""))
return json.dumps(d)
return json.dumps({"status": "not_found", "delegation_id": task_id})
# Return all recent delegations
summary = []
@ -425,7 +431,7 @@ async def tool_check_task_status(
"delegation_id": d.get("delegation_id", ""),
"target_id": d.get("target_id", ""),
"status": d.get("status", ""),
"summary": d.get("summary", ""),
"summary": sanitize_a2a_result(d.get("summary", "")),
"response_preview": preview,
})
return json.dumps({"delegations": summary, "count": len(delegations)})