Commit 4a8a77d
fix(security): add sender_kind guard in control.rs
Prevent agents from spoofing human identity by naming themselves
"human:..." to bypass release ACL checks. When sender_kind is
explicitly Agent, immediately return false regardless of name string.
Cherry-picked from PR #412.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

1 parent 3a58f7d commit 4a8a77d
1 file changed
Lines changed: 7 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
7 | | - | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
8 | 12 | | |
9 | 13 | | |
10 | 14 | | |
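Review bot: the guard added at new lines 7-11 rejects only when sender_kind is explicitly Agent, going by the commit message, so if sender_kind can be unset or carry any other value, a sender named "human:..." would still fall through to the name-string check. Suggest failing closed at this point: accept the sender as human only when sender_kind explicitly says so and return false for everything else, and cover both an agent named "human:..." and a sender with no kind set in a unit test. The changed lines are not shown in this rendering, so this rests on the commit message and the line counts alone.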
| |||
23 | 27 | | |
24 | 28 | | |
25 | 29 | | |
| 30 | + | |
| 31 | + | |
26 | 32 | | |
27 | 33 | | |
28 | 34 | | |
| |||