Skip to content

🔧 update: improve shield SQL detection and CLI channel routing#69

Merged
warengonzaga merged 3 commits into
devfrom
fix/task-issues
May 6, 2026
Merged

🔧 update: improve shield SQL detection and CLI channel routing#69
warengonzaga merged 3 commits into
devfrom
fix/task-issues

Conversation

@warengonzaga

Copy link
Copy Markdown
Owner

Summary

Two reliability improvements: the shield package's SQL injection matcher was generating false positives by scanning content-body fields (e.g. content, body, message, text) that carry document payloads rather than SQL parameters, and the -- markdown separator (---) was being misidentified as a SQL comment marker. Separately, the CLI now registers a channel alias to correctly handle CLI-prefixed owner routing.

Changes

  • shield: Exclude known content-body fields (content, body, message, text) from SQL injection argument scanning to prevent false positives on document writes
  • shield: Tighten -- detection with a negative-lookahead regex so markdown --- separators are not treated as SQL comment markers
  • shield: Add three new matcher tests — markdown separator false positive, content-field SQL word false positive, and a true-positive guard ensuring non-content args still block SQL keywords
  • cli: Register a CLI channel alias to support CLI-prefixed owner routing

Test Plan

  • New unit tests in packages/shield/tests/matcher.test.ts cover all three scenarios:
    • --- inside a content field → no match
    • SQL words (delete, drop) inside a content field → no match
    • DROP TABLE … -- inside a non-content query field → match (true positive preserved)
  • Run the shield test suite: pnpm --filter shield test
  • Verify CLI alias routing manually or via existing CLI integration tests

Copilot AI review requested due to automatic review settings April 13, 2026 11:46
@warengonzaga warengonzaga self-assigned this Apr 13, 2026
@github-actions

Copy link
Copy Markdown

📦 Package Build Flow — Monorepo Build

🔀 Pull Request Build — Pre-release package for testing PR changes

Package Version Status Install
@tinyclaw/plugins 2.0.0-pr.6b66b84 ⚠️ Built (not published)
@tinyclaw/types 2.0.0-pr.6b66b84 ⚠️ Built (not published)
tinyclaw 2.0.0-pr.6b66b84 ⚠️ Built (not published)
@tinyclaw/plugin-channel-discord 2.0.0-pr.6b66b84 ⚠️ Built (not published)
@tinyclaw/plugin-channel-friends 2.0.0-pr.6b66b84 ⚠️ Built (not published)
@tinyclaw/plugin-channel-telegram 2.0.0-pr.6b66b84 ⚠️ Built (not published)
@tinyclaw/plugin-provider-ollama 2.0.0-pr.6b66b84 ⚠️ Built (not published)
@tinyclaw/plugin-provider-openai 2.0.0-pr.6b66b84 ⚠️ Built (not published)

📥 Quick Install

⚠️ No packages were published to any registry.


This package was built automatically by the Package Build Flow action.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Improves reliability of the shield SQL-injection matcher by reducing false positives on document-like tool arguments and avoiding markdown --- being treated as SQL comments, and fixes CLI owner routing by registering a cli channel alias that maps to the existing web sender.

Changes:

  • Shield: exclude common content-body fields (content, body, message, text) from SQL keyword scanning in toolArgs
  • Shield: refine -- detection so markdown separators (---) don’t match
  • CLI: register cli channel alias when persisted ownerId is cli:* so nudges route correctly

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File Description
src/cli/src/commands/start.ts Registers a cli gateway alias backed by the web SSE sender for CLI-prefixed owners
packages/shield/src/matcher.ts Filters tool args before SQL scanning and tightens -- matching to avoid --- false positives
packages/shield/tests/matcher.test.ts Adds regression tests for markdown separators/content fields and a true-positive guard

Comment thread packages/shield/src/matcher.ts Outdated
Comment thread src/cli/src/commands/start.ts
@warengonzaga

Copy link
Copy Markdown
Owner Author

@copilot apply changes based on the comments in this thread

Copilot AI commented Apr 13, 2026

Copy link
Copy Markdown
Contributor

@copilot apply changes based on the comments in this thread

Applied all changes from the review thread (commit 5fc4f26):

  1. CONTENT_FIELDS hoisted to module scope — the ReadonlySet is now constructed once at module load in packages/shield/src/matcher.ts, eliminating the per-call allocation in the hot path.

  2. Gateway alias test addedsrc/cli/tests/commands/start.test.ts now exposes mockGatewayRegister at module scope and includes two focused tests:

    • Positive: verifies gateway.register is called with 'cli' when ownerId starts with cli:
    • Negative: verifies 'cli' is not registered when ownerId has a non-cli: prefix

Also fixed a pre-existing Biome formatter failure in packages/shield/tests/matcher.test.ts (long content string now split across lines) that was blocking CI.

@github-actions

github-actions Bot commented May 6, 2026

Copy link
Copy Markdown

📦 Package Build Flow — Monorepo Build

🔀 Pull Request Build — Pre-release package for testing PR changes

Package Version Status Install
@tinyclaw/plugins 2.0.0-pr.1e19919 ⚠️ Built (not published)
@tinyclaw/types 2.0.0-pr.1e19919 ⚠️ Built (not published)
tinyclaw 2.0.0-pr.1e19919 ⚠️ Built (not published)
@tinyclaw/plugin-channel-discord 2.0.0-pr.1e19919 ⚠️ Built (not published)
@tinyclaw/plugin-channel-friends 2.0.0-pr.1e19919 ⚠️ Built (not published)
@tinyclaw/plugin-channel-telegram 2.0.0-pr.1e19919 ⚠️ Built (not published)
@tinyclaw/plugin-provider-ollama 2.0.0-pr.1e19919 ⚠️ Built (not published)
@tinyclaw/plugin-provider-openai 2.0.0-pr.1e19919 ⚠️ Built (not published)

📥 Quick Install

⚠️ No packages were published to any registry.


This package was built automatically by the Package Build Flow action.

@warengonzaga warengonzaga merged commit 25a5ee7 into dev May 6, 2026
9 checks passed
@warengonzaga warengonzaga deleted the fix/task-issues branch May 6, 2026 12:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants