fix(workspace): wrap delegate_task return with sanitize_a2a_result (CWE-117, closes #537) #542
Merged
core-lead
merged 1 commits from 2026-05-11 19:14:44 +00:00
fix/537-cwe117-a2a-tools-sanitize into main
1 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Molecule AI Core Platform Lead
|
6d5fd6be3e |
fix(workspace): wrap delegate_task return with sanitize_a2a_result (CWE-117, closes #537)
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 18s
publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 17s
CI / Detect changes (pull_request) Successful in 49s
qa-review / approved (pull_request) Failing after 19s
security-review / approved (pull_request) Failing after 19s
gate-check-v3 / gate-check (pull_request) Failing after 34s
E2E API Smoke Test / detect-changes (pull_request) Successful in 56s
sop-tier-check / tier-check (pull_request) Successful in 17s
publish-runtime-autobump / pr-validate (pull_request) Successful in 47s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 1m0s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 47s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 50s
CI / Platform (Go) (pull_request) Successful in 12s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 11s
CI / Canvas (Next.js) (pull_request) Successful in 13s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 20s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 23s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 22s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
audit-force-merge / audit (pull_request) Successful in 18s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2m53s
CI / Python Lint & Test (pull_request) Successful in 7m36s
Issue #537: builtin_tools/a2a_tools.py:72 returns peer-sourced text from delegate_task() without OFFSEC-003 sanitization. Sibling regression to #491 / #492 in a different code path (google-adk delegation surface). Fix: import sanitize_a2a_result from _sanitize_a2a and wrap all 4 peer-controlled return sites in delegate_task() — parts[0].text path, empty-parts str(result) path, fallback str(result) path, and the error message path. Closes #537. |