Merge pull request #1284 from MervinPraison/fix/agent-init-type-hints

Fix/agent init type hints

Author: MervinPraison

docker/Dockerfile.chat

@@ -16,7 +16,7 @@ RUN mkdir -p /root/.praison
 # Install Python packages (using latest versions)
 RUN pip install --no-cache-dir \
     praisonai_tools \
-    "praisonai>=4.5.113" \
+    "praisonai>=4.5.114" \
     "praisonai[chat]" \
     "embedchain[github,youtube]"
 

docker/Dockerfile.dev

@@ -20,7 +20,7 @@ RUN mkdir -p /root/.praison
 # Install Python packages (using latest versions)
 RUN pip install --no-cache-dir \
     praisonai_tools \
-    "praisonai>=4.5.113" \
+    "praisonai>=4.5.114" \
     "praisonai[ui]" \
     "praisonai[chat]" \
     "praisonai[realtime]" \

docker/Dockerfile.ui

@@ -16,7 +16,7 @@ RUN mkdir -p /root/.praison
 # Install Python packages (using latest versions)
 RUN pip install --no-cache-dir \
     praisonai_tools \
-    "praisonai>=4.5.113" \
+    "praisonai>=4.5.114" \
     "praisonai[ui]" \
     "praisonai[crewai]"
 

src/praisonai-agents/praisonaiagents/context/ledger.py

@@ -291,7 +291,20 @@ def __init__(self):
         self._shared_tokens: int = 0  # Tokens shared across agents
 
     def get_agent_ledger(self, agent_id: str) -> ContextLedgerManager:
-        """Get or create ledger for an agent."""
+        """Get or create ledger for an agent.
+        
+        Args:
+            agent_id: Unique identifier for the agent.
+            
+        Returns:
+            ContextLedgerManager for this agent.
+            
+        Raises:
+            ValueError: If agent_id is empty or contains only whitespace.
+        """
+        if not agent_id or not agent_id.strip():
+            raise ValueError("agent_id must be a non-empty string")
+        
         if agent_id not in self._agents:
             self._agents[agent_id] = ContextLedgerManager(agent_id)
         return self._agents[agent_id]

src/praisonai-agents/praisonaiagents/context/monitor.py

@@ -514,18 +514,41 @@ def snapshot(
         return str(output_path)
 
     def _get_output_path(self, agent_name: str = "") -> Path:
-        """Get output path, optionally per-agent."""
+        """Get output path, optionally per-agent.
+        
+        Security: Agent names are sanitized to prevent path traversal.
+        """
         if not self.multi_agent_files or not agent_name:
             return self.path
 
         # Create per-agent path
         stem = self.path.stem
         suffix = self.path.suffix or (".json" if self.format == "json" else ".txt")
 
-        # Sanitize agent name
-        safe_name = re.sub(r'[^\w\-]', '_', agent_name.lower())
-        
-        return self.path.parent / f"{stem}_{safe_name}{suffix}"
+        # Sanitize agent name:
+        # 1. Strip any path separators first (defence in depth)
+        safe_name = agent_name.replace('/', '_').replace('\\', '_')
+        # 2. Collapse to safe chars only
+        safe_name = re.sub(r'[^\w\-]', '_', safe_name.lower())
+        # 3. Enforce length limit to prevent filesystem issues
+        safe_name = safe_name[:64] if safe_name else 'unknown'
+        # 4. Strip leading/trailing underscores / dots  
+        safe_name = safe_name.strip('_.')
+        if not safe_name:
+            safe_name = 'unknown'
+        
+        result = self.path.parent / f"{stem}_{safe_name}{suffix}"
+        
+        # Verify the resolved path stays within the expected parent dir
+        resolved = result.resolve()
+        parent_resolved = self.path.parent.resolve()
+        if not str(resolved).startswith(str(parent_resolved) + '/') and resolved.parent != parent_resolved:
+            # Fallback to a safe hash-based name
+            import hashlib
+            hash_name = hashlib.sha256(agent_name.encode()).hexdigest()[:16]
+            result = self.path.parent / f"{stem}_{hash_name}{suffix}"
+        
+        return result
 
     def _get_warnings(
         self,

src/praisonai-agents/praisonaiagents/tools/python_tools.py

@@ -143,7 +143,15 @@ def safe_execute():
         blocked_attrs = {{
             '__subclasses__', '__bases__', '__mro__', '__globals__',
             '__code__', '__class__', '__dict__', '__builtins__',
-            '__import__', '__loader__', '__spec__'
+            '__import__', '__loader__', '__spec__', '__init_subclass__',
+            '__set_name__', '__reduce__', '__reduce_ex__',
+            '__traceback__', '__qualname__', '__module__',
+            '__wrapped__', '__closure__', '__annotations__',
+            # Frame/code object introspection
+            'gi_frame', 'gi_code', 'cr_frame', 'cr_code',
+            'ag_frame', 'ag_code', 'tb_frame', 'tb_next',
+            'f_globals', 'f_locals', 'f_builtins', 'f_code',
+            'co_consts', 'co_names',
         }}
         
         for node in ast.walk(tree):
@@ -162,7 +170,9 @@ def safe_execute():
                     "success": False
                 }}
             if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
-                if node.func.id in ('exec', 'eval', 'compile', '__import__', 'open'):
+                if node.func.id in ('exec', 'eval', 'compile', '__import__',
+                                     'open', 'input', 'breakpoint',
+                                     'setattr', 'delattr', 'dir'):
                     return {{
                         "result": None,
                         "stdout": "",

src/praisonai-agents/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "praisonaiagents"
-version = "1.5.113"
+version = "1.5.114"
 description = "Praison AI agents for completing complex tasks with Self Reflection Agents"
 readme = "README.md"
 requires-python = ">=3.10"

src/praisonai-agents/uv.lock

@@ -4,6 +4,7 @@
  */
 
 import { AgentFlow, Task, TaskConfig } from './index';
+import * as path from 'path';
 
 export interface YAMLWorkflowDefinition {
   name: string;
@@ -39,8 +40,9 @@ export interface ParsedWorkflow {
  * Parse YAML string into workflow definition
  */
 export function parseYAMLWorkflow(yamlContent: string): YAMLWorkflowDefinition {
-  // Simple YAML parser for workflow definitions
-  // For production, use js-yaml package
+  // SECURITY: If migrating to js-yaml, you MUST use:
+  //   yaml.load(content, { schema: yaml.JSON_SCHEMA })
+  // Never use yaml.load() with DEFAULT_SCHEMA — it enables arbitrary JS execution.
   const lines = yamlContent.split('\n');
   const result: YAMLWorkflowDefinition = {
     name: '',
@@ -82,7 +84,15 @@ export function parseYAMLWorkflow(yamlContent: string): YAMLWorkflowDefinition {
         type: 'agent'
       };
     } else if (currentStep) {
-      // Step properties
+      // Step properties — whitelist allowed keys to prevent injection
+      const ALLOWED_STEP_KEYS = new Set([
+        'type', 'agent', 'tool', 'input', 'output', 'condition',
+        'onError', 'maxRetries', 'timeout', 'loopCondition', 'maxIterations',
+      ]);
+      if (!ALLOWED_STEP_KEYS.has(key)) {
+        // Ignore unknown keys — do not allow arbitrary property injection
+        continue;
+      }
       if (key === 'type') currentStep.type = value as any;
       else if (key === 'agent') currentStep.agent = value;
       else if (key === 'tool') currentStep.tool = value;
@@ -265,9 +275,33 @@ function parseValue(value: string): any {
 export async function loadWorkflowFromFile(
   filePath: string,
   agents: Record<string, any> = {},
-  tools: Record<string, any> = {}
+  tools: Record<string, any> = {},
+  options: { basePath?: string; maxFileSizeBytes?: number } = {}
 ): Promise<ParsedWorkflow> {
   const fs = await import('fs/promises');
+
+  // SECURITY: Prevent path traversal
+  const normalizedPath = path.normalize(filePath);
+  if (normalizedPath.includes('..')) {
+    throw new Error('Path traversal detected: ".." is not allowed in file paths');
+  }
+
+  // If basePath is specified, ensure resolvedPath stays within it
+  if (options.basePath) {
+    const resolvedBase = path.resolve(options.basePath);
+    const resolvedFile = path.resolve(options.basePath, normalizedPath);
+    if (!resolvedFile.startsWith(resolvedBase + path.sep) && resolvedFile !== resolvedBase) {
+      throw new Error(`File path must be within base directory: ${options.basePath}`);
+    }
+  }
+
+  // SECURITY: Enforce file size limit (default 1 MB)
+  const maxSize = options.maxFileSizeBytes ?? 1_048_576;
+  const stat = await fs.stat(filePath);
+  if (stat.size > maxSize) {
+    throw new Error(`File too large: ${stat.size} bytes exceeds limit of ${maxSize} bytes`);
+  }
+
   const content = await fs.readFile(filePath, 'utf-8');
   const definition = parseYAMLWorkflow(content);
   return createWorkflowFromYAML(definition, agents, tools);

src/praisonai-ts/src/workflows/yaml-parser.ts

@@ -3,8 +3,8 @@ class Praisonai < Formula
 
     desc "AI tools for various AI applications"
     homepage "https://github.com/MervinPraison/PraisonAI"
-    url "https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.113.tar.gz"
-    sha256 `curl -sL https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.113.tar.gz | shasum -a 256`.split.first
+    url "https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.114.tar.gz"
+    sha256 `curl -sL https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.114.tar.gz | shasum -a 256`.split.first
     license "MIT"
 
     depends_on "python@3.11"