fix: reject unsafe AgentRun input disclosure combinations

This commit is contained in:
Codex
2026-07-12 06:23:08 +02:00
parent 2680ef6462
commit 26597700df
5 changed files with 63 additions and 11 deletions
+18
View File
@@ -179,6 +179,24 @@ export function parseResourceOptions(args: string[]): AgentRunResourceOptions {
continue;
}
}
if (options.taskInput && (options.full || options.raw)) {
const conflictingOptions = ["--input", options.full ? "--full" : null, options.raw ? "--raw" : null]
.filter((value): value is string => value !== null);
throw new AgentRunRestError(
"validation-failed",
`${conflictingOptions.join(" with ")} is not allowed: --input is the bounded SecretRef-only TaskInput projection and cannot be combined with complete resource disclosure.`,
{
details: {
conflictingOptions,
recoveryActions: [
"Use --input without --full or --raw for the bounded SecretRef-only TaskInput projection.",
"Remove --input when explicitly requesting the complete resource with --full or --raw.",
],
valuesPrinted: false,
},
},
);
}
return options;
}
+15 -9
View File
@@ -1068,6 +1068,10 @@ export function renderAgentRunRestError(command: string, error: AgentRunRestErro
const nextCommands = Array.isArray(laneHint.nextCommands)
? laneHint.nextCommands.filter((value): value is string => typeof value === "string" && value.length > 0).slice(0, 4)
: [];
const validationDetails = record(payload.agentrun);
const recoveryActions = Array.isArray(validationDetails.recoveryActions)
? validationDetails.recoveryActions.filter((value): value is string => typeof value === "string" && value.length > 0).slice(0, 4)
: [];
const hintLines = Object.keys(laneHint).length === 0
? []
: [
@@ -1080,15 +1084,17 @@ export function renderAgentRunRestError(command: string, error: AgentRunRestErro
const validationHelp = `bun scripts/cli.ts agentrun ${command.split(/\s+/u)[1] ?? "--help"} --help`;
const nextLines = nextCommands.length > 0
? nextCommands
: error.failureKind === "validation-failed"
? [
"Review the AgentRun validation message and correct the request; do not bypass the formal resource API.",
validationHelp,
]
: [
"Check config/agentrun.yaml manager.baseUrl and the AgentRun API route.",
"Verify HWLAB_API_KEY is present in env or in the configured auth.file without printing the key.",
];
: recoveryActions.length > 0
? recoveryActions
: error.failureKind === "validation-failed"
? [
"Review the AgentRun validation message and correct the request; do not bypass the formal resource API.",
validationHelp,
]
: [
"Check config/agentrun.yaml manager.baseUrl and the AgentRun API route.",
"Verify HWLAB_API_KEY is present in env or in the configured auth.file without printing the key.",
];
return renderedCliResult(false, command, [
`Error: ${payload.failureKind}`,
String(payload.message ?? ""),