From c49523bb54ed6255f4db67718f9a29fdb8287400 Mon Sep 17 00:00:00 2001
From: Molecule AI Release Manager <release-manager@agents.moleculesai.app>
Date: Mon, 11 May 2026 14:59:58 +0000
Subject: [PATCH] fix(a2a): restore OFFSEC-003 trust-boundary wrap on
 tool_delegate_task return
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes Gitea #491 — CWE-117 / OFFSEC-003 regression on staging.

Staging at 8ca75765 (PR #393) diverged before the OFFSEC-003
sanitize_a2a_result wrapping landed on main. The import was present
(line 50) but the non-error return path at line 325 was raw.

Main at f99b0fdf correctly wraps:
  return sanitize_a2a_result(result)

This hotfix restores the same pattern on staging. One-line fix
plus OFFSEC-003 comment matching the main branch.

Co-Authored-By: Release Manager Agent <release-manager@agents.moleculesai.app>
---
 workspace/a2a_tools_delegation.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/workspace/a2a_tools_delegation.py b/workspace/a2a_tools_delegation.py
index 0f728ad7..c886ebd0 100644
--- a/workspace/a2a_tools_delegation.py
+++ b/workspace/a2a_tools_delegation.py
@@ -322,7 +322,8 @@ async def tool_delegate_task(
             f"You should either: (1) try a different peer, (2) handle this task yourself, "
             f"or (3) inform the user that {peer_name} is unavailable and provide your best answer."
         )
-    return result
+    # OFFSEC-003: wrap peer result in trust boundary before returning to agent context
+    return sanitize_a2a_result(result)
 
 
 async def tool_delegate_task_async(
-- 
2.45.2