23f7624596
ADR-166 MCP Bridge Security Lock / Static-source security lock (push) Failing after 0s
ADR-166 MCP Bridge Security Lock / Compose default binds loopback + Mongo has auth (push) Failing after 2s
CodeQL Advanced / Analyze (rust) (push) Failing after 0s
ADR-166 MCP Bridge Security Lock / plugin-agent-federation bindHost default (push) Failing after 1s
ADR-166 MCP Bridge Security Lock / Runtime behavior — 401 + terminal gate + fail-closed (push) Failing after 4s
business-pods-smoke / smoke (push) Failing after 1s
all-plugins-smoke / smoke-all (push) Failing after 2s
CI/CD Pipeline / Security & Code Quality (push) Failing after 1s
CI/CD Pipeline / Test Suite (ubuntu-latest) (push) Failing after 1s
CI/CD Pipeline / Build & Package (macos-latest) (push) Has been skipped
CI/CD Pipeline / Build & Package (ubuntu-latest) (push) Has been skipped
CI/CD Pipeline / Build & Package (windows-latest) (push) Has been skipped
CI/CD Pipeline / Documentation & Examples (push) Failing after 1s
Clone Tracker (14-day rolling) / Snapshot clones for ruflo ecosystem (push) Failing after 1s
CodeQL Advanced / Analyze (actions) (push) Failing after 1s
CodeQL Advanced / Analyze (javascript-typescript) (push) Failing after 1s
federation-peer-rust / stable-noop (push) Failing after 1s
metaharness-ci / score (push) Failing after 1s
metaharness-ci / router-compat (push) Failing after 0s
metaharness-ci / similarity-tests (push) Failing after 0s
no-agentbbs-smoke / smoke-without-agentbbs (push) Failing after 1s
V3 CI/CD Pipeline / Build V3 (windows-latest) (push) Has been skipped
codex-integration-audit / Codex integration audit (push) Failing after 1s
helpers-manifest-guard / guard (push) Failing after 1s
🔗 Cross-Agent Integration Tests / 🤝 Agent Coordination Tests (push) Has been skipped
🔗 Cross-Agent Integration Tests / 🧠 Memory Sharing Integration (push) Has been skipped
🔗 Cross-Agent Integration Tests / 🛡️ Fault Tolerance Tests (push) Has been skipped
🔗 Cross-Agent Integration Tests / ⚡ Performance Integration Tests (push) Has been skipped
metaharness-ci / mcp-scan (push) Failing after 1s
metaharness-ci / eject-dryrun (push) Failing after 1s
metaharness-ci / metaharness-real-data (push) Failing after 0s
no-cli-optdep-bloat-2561 / guard (push) Failing after 1s
no-metaharness-smoke / smoke-without-metaharness (push) Failing after 1s
no-phantom-agentic-flow-subpath / guard (push) Failing after 1s
🔄 Automated Rollback Manager / 🚨 Failure Detection (push) Failing after 1s
V3 CI/CD Pipeline / Plugin hooks smoke / ubuntu-latest / Node 22 (push) Failing after 1s
V3 CI/CD Pipeline / ruflo-graph-intelligence build + test smoke (#2044, ADR-123) (push) Failing after 1s
CVE Audit Gate / Audit root (critical-blocking) (push) Failing after 2s
cost-tracker-smoke / smoke (push) Failing after 3s
oia-audit-weekly / audit (push) Failing after 2s
ruflo-agent-smoke / ruflo-agent structural smoke (push) Failing after 1s
📊 Status Badges Update / 📊 Update Status Badges (push) Failing after 1s
V3 CI/CD Pipeline / Static regression guards (#2267 YAML + (push) Failing after 1s
V3 CI/CD Pipeline / Test V3 Packages (push) Failing after 0s
V3 CI/CD Pipeline / agent_execute provider routing smoke (#2042) (push) Failing after 0s
CVE Audit Gate / Audit v3 (critical-blocking) (push) Failing after 1s
federation-peer-rust / stable-native (push) Failing after 2s
🔗 Cross-Agent Integration Tests / 🚀 Integration Test Setup (push) Failing after 2s
neural-trader-smoke / runtime-smoke (push) Failing after 1s
V3 CI/CD Pipeline / Build V3 (macos-latest) (push) Has been skipped
V3 CI/CD Pipeline / Build V3 (ubuntu-latest) (push) Has been skipped
V3 CI/CD Pipeline / Type Check V3 (push) Failing after 1s
V3 CI/CD Pipeline / Smoke (no better-sqlite3) / ubuntu-latest / Node 24 (push) Failing after 1s
V3 CI/CD Pipeline / Smoke (no better-sqlite3) / ubuntu-latest / Node 22 (push) Failing after 2s
V3 CI/CD Pipeline / browser rvf create flag smoke (#2015) (push) Failing after 0s
V3 CI/CD Pipeline / Dependency review (#2046) (push) Has been skipped
V3 CI/CD Pipeline / Supply-chain audit (#2046) (push) Failing after 0s
V3 CI/CD Pipeline / witness marker drift smoke (#2021) (push) Failing after 1s
V3 CI/CD Pipeline / neural-trader portfolio CG smoke (#2068, ADR-126 Phase 3) (push) Failing after 1s
V3 CI/CD Pipeline / neural-trader backtest signing smoke (#2068, ADR-126 Phase 4) (push) Failing after 1s
V3 CI/CD Pipeline / kg-extract type-import classification smoke (#2049) (push) Failing after 0s
V3 CI/CD Pipeline / witness verify precondition smoke (#1880) (push) Failing after 2s
V3 CI/CD Pipeline / neural-trader pipeline risk-gate smoke (#2068, ADR-126 Phase 5) (push) Failing after 0s
V3 CI/CD Pipeline / neural-trader feature attribution smoke (#2068, ADR-126 Phase 6) (push) Failing after 0s
V3 CI/CD Pipeline / plugin-registry signature verification smoke (#1922, CWE-347) (push) Failing after 4s
V3 CI/CD Pipeline / memory stats legacy-DB smoke (#2120) (push) Failing after 4s
V3 CI/CD Pipeline / github deprecated actions smoke (#2089, ADR-127 Phase 3) (push) Failing after 1s
V3 CI/CD Pipeline / graph query + pathfinder smoke (ADR-130 P2+P5) (push) Has been skipped
V3 CI/CD Pipeline / graph trajectory hooks smoke (ADR-130 P3) (push) Has been skipped
V3 CI/CD Pipeline / graph plugin adapter smoke (ADR-130 P4) (push) Has been skipped
V3 CI/CD Pipeline / graph benchmark (ADR-130 P6) (push) Has been skipped
V3 CI/CD Pipeline / statusline generator delegation smoke (#2195) (push) Failing after 1s
V3 CI/CD Pipeline / wizard init regression guard (#2206 (push) Failing after 1s
V3 CI/CD Pipeline / memory no-stray-db smoke (ADR-125 P7) (push) Failing after 1s
V3 CI/CD Pipeline / github-safe injection smoke (#2089, ADR-127 Phase 1) (push) Failing after 1s
V3 CI/CD Pipeline / github actions pin smoke (#2089, ADR-127 Phase 1) (push) Failing after 1s
V3 CI/CD Pipeline / github attribution opt-in smoke (#2089, ADR-127 Phase 4) (push) Failing after 1s
V3 CI/CD Pipeline / pre-bash hook safety smoke (#2017) (push) Failing after 1s
V3 CI/CD Pipeline / Memory import smoke / ubuntu-latest (push) Failing after 0s
V3 CI/CD Pipeline / MCP protocol smoke / ubuntu-latest (push) Failing after 2s
V3 CI/CD Pipeline / ruvllm WASM auto-init smoke (#2086) (push) Failing after 4s
V3 CI/CD Pipeline / MCP paired-tool round-trip smoke (#1889) (push) Failing after 1s
V3 CI/CD Pipeline / Plugin package install-safety (#1902/#1903/#1904) (push) Failing after 1s
V3 CI/CD Pipeline / Tool description discoverability (ADR-112) (push) Failing after 3s
V3 CI/CD Pipeline / CLI npx-install smoke (#1147 / (22) (push) Failing after 1s
V3 CI/CD Pipeline / CLI npx-install smoke (#1147 / (24) (push) Failing after 1s
V3 CI/CD Pipeline / Windows hook shim smoke (#2132) / ubuntu-latest (push) Failing after 2s
V3 CI/CD Pipeline / Windows hook execution smoke (#2132) / ubuntu-latest (push) Failing after 1s
V3 CI/CD Pipeline / Windows init hooks smoke (#2132) / ubuntu-latest (push) Failing after 1s
V3 CI/CD Pipeline / Vector-index dimension audit (#1947) (push) Failing after 0s
V3 CI/CD Pipeline / Hook-command install safety (#1921) (push) Failing after 1s
V3 CI/CD Pipeline / ToolOutputGuardrail smoke (ADR-131, (push) Failing after 1s
V3 CI/CD Pipeline / init-bundle invariants smoke (#2095, ADR-128 Phase 5) (push) Failing after 1s
V3 CI/CD Pipeline / wasm provider bridge smoke (ADR-129 P1) (push) Failing after 2s
V3 CI/CD Pipeline / wasm gallery CRUD smoke (ADR-129 P3) (push) Failing after 1s
V3 CI/CD Pipeline / wasm plugin bridge smoke (ADR-129 P4) (push) Failing after 0s
V3 CI/CD Pipeline / wasm compose smoke (ADR-129 P2) (push) Failing after 4s
V3 CI/CD Pipeline / graph schema smoke (ADR-130 P1) (push) Failing after 0s
Validate Marketplace / validate (push) Failing after 1s
🔍 Verification Pipeline / 🚀 Setup Verification (push) Failing after 1s
🔍 Verification Pipeline / 🛡️ Security Verification (push) Has been skipped
🔍 Verification Pipeline / 📝 Code Quality (push) Has been skipped
🔍 Verification Pipeline / 🧪 Test Verification (${{ matrix.os }}, Node ${{ matrix.node }}) (push) Has been skipped
🔍 Verification Pipeline / 🏗️ Build Verification (push) Has been skipped
🔍 Verification Pipeline / 📚 Documentation Verification (push) Has been skipped
CVE Audit Gate / High-severity report (warn only) (push) Has been cancelled
🔄 Automated Rollback Manager / 🔄 Execute Rollback (push) Has been cancelled
🔄 Automated Rollback Manager / ✅ Post-Rollback Verification (push) Has been cancelled
🔄 Automated Rollback Manager / 📊 Rollback Monitoring (push) Has been cancelled
V3 CI/CD Pipeline / Windows init hooks smoke (#2132) / windows-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook execution smoke (#2132) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook execution smoke (#2132) / windows-latest (push) Has been cancelled
🔄 Automated Rollback Manager / ⏳ Manual Rollback Approval (push) Has been cancelled
V3 CI/CD Pipeline / MCP protocol smoke / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Memory import smoke / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook shim smoke (#2132) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows hook shim smoke (#2132) / windows-latest (push) Has been cancelled
V3 CI/CD Pipeline / Windows init hooks smoke (#2132) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Witness verify (signed manifest) / macos-latest (push) Has been cancelled
V3 CI/CD Pipeline / Witness verify (signed manifest) / ubuntu-latest (push) Has been cancelled
V3 CI/CD Pipeline / Witness verify (signed manifest) / windows-latest (push) Has been cancelled
V3 CI/CD Pipeline / Publish to npm (alpha) (push) Has been cancelled
V3 CI/CD Pipeline / Smoke (no better-sqlite3) / macos-latest / Node 22 (push) Has been cancelled
V3 CI/CD Pipeline / Plugin hooks smoke / macos-latest / Node 22 (push) Has been cancelled
CI/CD Pipeline / Deploy & Release (push) Has been cancelled
CI/CD Pipeline / CI Status (push) Has been cancelled
🔗 Cross-Agent Integration Tests / 📊 Integration Test Report (push) Has been cancelled
🔄 Automated Rollback Manager / 🔍 Pre-Rollback Validation (push) Has been cancelled
🔍 Verification Pipeline / ⚡ Performance Verification (push) Has been cancelled
🔍 Verification Pipeline / 📊 Verification Report (push) Has been cancelled
293 lines
9.9 KiB
TypeScript
293 lines
9.9 KiB
TypeScript
/**
|
|
* Safe Executor Tests - HIGH-1 Remediation Validation
|
|
*
|
|
* Tests verify:
|
|
* - Commands execute without shell
|
|
* - Command allowlist enforcement
|
|
* - Argument sanitization
|
|
* - Dangerous pattern detection
|
|
*/
|
|
|
|
import { describe, it, expect, beforeEach } from 'vitest';
|
|
import {
|
|
SafeExecutor,
|
|
SafeExecutorError,
|
|
createDevelopmentExecutor,
|
|
createReadOnlyExecutor,
|
|
} from '../src/safe-executor.js';
|
|
|
|
describe('SafeExecutor', () => {
|
|
let executor: SafeExecutor;
|
|
|
|
beforeEach(() => {
|
|
executor = new SafeExecutor({
|
|
allowedCommands: ['echo', 'ls', 'git', 'npm', 'node'],
|
|
timeout: 5000,
|
|
});
|
|
});
|
|
|
|
describe('Configuration', () => {
|
|
it('should require at least one allowed command', () => {
|
|
expect(() => new SafeExecutor({
|
|
allowedCommands: [],
|
|
})).toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should reject dangerous commands in allowlist', () => {
|
|
expect(() => new SafeExecutor({
|
|
allowedCommands: ['rm'],
|
|
})).toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should reject multiple dangerous commands', () => {
|
|
expect(() => new SafeExecutor({
|
|
allowedCommands: ['chmod', 'chown', 'rm'],
|
|
})).toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should allow safe commands', () => {
|
|
expect(() => new SafeExecutor({
|
|
allowedCommands: ['git', 'npm', 'node'],
|
|
})).not.toThrow();
|
|
});
|
|
});
|
|
|
|
describe('Command Validation', () => {
|
|
it('should allow commands in allowlist', async () => {
|
|
const result = await executor.execute('echo', ['hello']);
|
|
expect(result.exitCode).toBe(0);
|
|
expect(result.stdout.trim()).toBe('hello');
|
|
});
|
|
|
|
it('should block commands not in allowlist', async () => {
|
|
await expect(executor.execute('cat', ['/etc/passwd'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block sudo commands by default', async () => {
|
|
const sudoExecutor = new SafeExecutor({
|
|
allowedCommands: ['sudo', 'ls'],
|
|
allowSudo: false,
|
|
});
|
|
|
|
await expect(sudoExecutor.execute('sudo', ['ls'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should allow sudo when configured', async () => {
|
|
const sudoExecutor = new SafeExecutor({
|
|
allowedCommands: ['sudo', 'ls'],
|
|
allowSudo: true,
|
|
});
|
|
|
|
// Will fail due to password requirement, but shouldn't throw allowlist error
|
|
const error = await sudoExecutor.execute('sudo', ['-n', 'ls']).catch(e => e);
|
|
if (error instanceof SafeExecutorError) {
|
|
expect(error.code).not.toBe('SUDO_NOT_ALLOWED');
|
|
}
|
|
});
|
|
});
|
|
|
|
describe('Argument Validation', () => {
|
|
it('should block null bytes in arguments', async () => {
|
|
await expect(executor.execute('echo', ['hello\x00world'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block semicolon (command chaining)', async () => {
|
|
await expect(executor.execute('echo', ['hello; rm -rf /'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block && (command chaining)', async () => {
|
|
await expect(executor.execute('echo', ['hello && rm -rf /'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block || (command chaining)', async () => {
|
|
await expect(executor.execute('echo', ['hello || rm -rf /'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block pipe character', async () => {
|
|
await expect(executor.execute('echo', ['hello | cat'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block backticks (command substitution)', async () => {
|
|
await expect(executor.execute('echo', ['`whoami`'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block $() (command substitution)', async () => {
|
|
await expect(executor.execute('echo', ['$(whoami)'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block redirect operators', async () => {
|
|
await expect(executor.execute('echo', ['hello > /etc/passwd'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should block newlines', async () => {
|
|
await expect(executor.execute('echo', ['hello\nrm -rf /'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should allow safe arguments', async () => {
|
|
const result = await executor.execute('echo', ['hello', 'world']);
|
|
expect(result.exitCode).toBe(0);
|
|
});
|
|
|
|
it('should allow arguments with dashes', async () => {
|
|
const result = await executor.execute('echo', ['-n', 'hello']);
|
|
expect(result.exitCode).toBe(0);
|
|
});
|
|
|
|
it('should allow arguments with equals', async () => {
|
|
const result = await executor.execute('echo', ['KEY=value']);
|
|
expect(result.exitCode).toBe(0);
|
|
});
|
|
});
|
|
|
|
describe('Argument Sanitization', () => {
|
|
it('should sanitize null bytes', () => {
|
|
const sanitized = executor.sanitizeArgument('hello\x00world');
|
|
expect(sanitized).not.toContain('\x00');
|
|
});
|
|
|
|
it('should sanitize shell metacharacters', () => {
|
|
const sanitized = executor.sanitizeArgument('hello; rm -rf /');
|
|
expect(sanitized).not.toContain(';');
|
|
});
|
|
});
|
|
|
|
describe('Command Execution', () => {
|
|
it('should return stdout', async () => {
|
|
const result = await executor.execute('echo', ['hello']);
|
|
expect(result.stdout.trim()).toBe('hello');
|
|
});
|
|
|
|
it('should return stderr', async () => {
|
|
// Use node to generate stderr
|
|
const result = await executor.execute('node', ['-e', 'console.error("error")']);
|
|
expect(result.stderr.trim()).toBe('error');
|
|
});
|
|
|
|
it('should return exit code', async () => {
|
|
const result = await executor.execute('node', ['-e', 'process.exit(42)']);
|
|
expect(result.exitCode).toBe(42);
|
|
});
|
|
|
|
it('should track execution duration', async () => {
|
|
const result = await executor.execute('echo', ['hello']);
|
|
expect(result.duration).toBeGreaterThanOrEqual(0);
|
|
});
|
|
|
|
it('should include command in result', async () => {
|
|
const result = await executor.execute('echo', ['hello']);
|
|
expect(result.command).toBe('echo');
|
|
expect(result.args).toEqual(['hello']);
|
|
});
|
|
});
|
|
|
|
describe('Timeout Handling', () => {
|
|
it('should timeout long-running commands', async () => {
|
|
const shortTimeoutExecutor = new SafeExecutor({
|
|
allowedCommands: ['node'],
|
|
timeout: 100,
|
|
});
|
|
|
|
await expect(
|
|
shortTimeoutExecutor.execute('node', ['-e', 'setTimeout(() => {}, 10000)'])
|
|
).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
});
|
|
|
|
describe('Streaming Execution', () => {
|
|
it('should return process handle', () => {
|
|
const streaming = executor.executeStreaming('echo', ['hello']);
|
|
expect(streaming.process).toBeDefined();
|
|
expect(streaming.promise).toBeInstanceOf(Promise);
|
|
|
|
// Clean up
|
|
streaming.process.kill();
|
|
});
|
|
|
|
it('should stream stdout', async () => {
|
|
const streaming = executor.executeStreaming('echo', ['hello']);
|
|
const result = await streaming.promise;
|
|
expect(result.stdout.trim()).toBe('hello');
|
|
});
|
|
});
|
|
|
|
describe('Dynamic Allowlist', () => {
|
|
it('should check if command is allowed', () => {
|
|
expect(executor.isCommandAllowed('echo')).toBe(true);
|
|
expect(executor.isCommandAllowed('cat')).toBe(false);
|
|
});
|
|
|
|
it('should add commands at runtime', () => {
|
|
expect(executor.isCommandAllowed('pwd')).toBe(false);
|
|
executor.allowCommand('pwd');
|
|
expect(executor.isCommandAllowed('pwd')).toBe(true);
|
|
});
|
|
|
|
it('should reject dangerous commands when adding', () => {
|
|
expect(() => executor.allowCommand('rm')).toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should return allowed commands', () => {
|
|
const commands = executor.getAllowedCommands();
|
|
expect(commands).toContain('echo');
|
|
expect(commands).toContain('git');
|
|
});
|
|
});
|
|
|
|
describe('Factory Functions', () => {
|
|
it('should create development executor', () => {
|
|
const devExecutor = createDevelopmentExecutor();
|
|
expect(devExecutor.isCommandAllowed('git')).toBe(true);
|
|
expect(devExecutor.isCommandAllowed('npm')).toBe(true);
|
|
expect(devExecutor.isCommandAllowed('node')).toBe(true);
|
|
});
|
|
|
|
it('should create read-only executor', () => {
|
|
const readOnlyExecutor = createReadOnlyExecutor();
|
|
expect(readOnlyExecutor.isCommandAllowed('git')).toBe(true);
|
|
expect(readOnlyExecutor.isCommandAllowed('cat')).toBe(true);
|
|
expect(readOnlyExecutor.isCommandAllowed('ls')).toBe(true);
|
|
});
|
|
});
|
|
|
|
describe('HIGH-1 Security Verification', () => {
|
|
it('should NOT use shell for execution', async () => {
|
|
// If shell were enabled, this would be interpreted as command chaining
|
|
// With shell disabled, it's just a string argument
|
|
const result = await executor.execute('echo', ['hello']);
|
|
expect(result.exitCode).toBe(0);
|
|
|
|
// This should fail validation before reaching execution
|
|
await expect(executor.execute('echo', ['hello; cat /etc/passwd'])).rejects.toThrow();
|
|
});
|
|
|
|
it('should prevent command injection via arguments', async () => {
|
|
// Classic injection attempts
|
|
const injections = [
|
|
'hello; rm -rf /',
|
|
'hello && rm -rf /',
|
|
'hello || rm -rf /',
|
|
'hello | rm -rf /',
|
|
'`rm -rf /`',
|
|
'$(rm -rf /)',
|
|
'hello\nrm -rf /',
|
|
'hello\x00rm -rf /',
|
|
];
|
|
|
|
for (const injection of injections) {
|
|
await expect(executor.execute('echo', [injection])).rejects.toThrow(SafeExecutorError);
|
|
}
|
|
});
|
|
|
|
it('should prevent environment variable injection', async () => {
|
|
await expect(executor.execute('echo', ['${PATH}'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
|
|
it('should not allow arbitrary commands', async () => {
|
|
// Only commands in allowlist should execute
|
|
await expect(executor.execute('wget', ['http://evil.com'])).rejects.toThrow(SafeExecutorError);
|
|
await expect(executor.execute('curl', ['http://evil.com'])).rejects.toThrow(SafeExecutorError);
|
|
await expect(executor.execute('bash', ['-c', 'rm -rf /'])).rejects.toThrow(SafeExecutorError);
|
|
});
|
|
});
|
|
});
|