惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
阮一峰的网络日志
阮一峰的网络日志
J
Java Code Geeks
宝玉的分享
宝玉的分享
C
CXSECURITY Database RSS Feed - CXSecurity.com
P
Privacy International News Feed
The Register - Security
The Register - Security
T
Threat Research - Cisco Blogs
Recent Commits to openclaw:main
Recent Commits to openclaw:main
PCI Perspectives
PCI Perspectives
Hugging Face - Blog
Hugging Face - Blog
T
Tailwind CSS Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
N
News | PayPal Newsroom
Google Online Security Blog
Google Online Security Blog
aimingoo的专栏
aimingoo的专栏
F
Full Disclosure
P
Palo Alto Networks Blog
A
About on SuperTechFans
Microsoft Azure Blog
Microsoft Azure Blog
F
Fortinet All Blogs
爱范儿
爱范儿
Recorded Future
Recorded Future
月光博客
月光博客
T
True Tiger Recordings
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tenable Blog
L
Lohrmann on Cybersecurity
博客园 - 聂微东
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
大猫的无限游戏
大猫的无限游戏
S
Security @ Cisco Blogs
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
L
LINUX DO - 热门话题
Hacker News: Ask HN
Hacker News: Ask HN
C
Check Point Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
L
LangChain Blog
The Cloudflare Blog
Malwarebytes
Malwarebytes
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
I
InfoQ
N
Netflix TechBlog - Medium
Recent Announcements
Recent Announcements
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
SecWiki News
SecWiki News
云风的 BLOG
云风的 BLOG
T
ThreatConnect
博客园 - 叶小钗
B
Blog

Recent Commits to openclaw:main

docs: absorb hook and subagent guidance PRs ci: fix plugin npm bundled dependency install · openclaw/openclaw@d485464 feat(diagnostics): classify skill and tool usage (#80370) docs(skills): clarify control ui recording proof (#85568) · openclaw/openclaw@0b476b9 test(agents): repair main failure fixtures · openclaw/openclaw@c29967b feat(diagnostics): trace gateway secret preparation (#83019) · openclaw/openclaw@4f0c902 fix(diagnostics): harden observability exports and smokes (#85371) · openclaw/openclaw@7f05be0 fix(stepfun): drop stale auth choice metadata · openclaw/openclaw@0b2ab6c test(e2e): sample kitchen sink RSS on Windows · openclaw/openclaw@73c1e37 test(plugins): fail gauntlet on load diagnostics fix(build): preserve tsdown heap floor · openclaw/openclaw@9ff1a43 fix(tools): honor config apiKey in media tool preflight (#85570) · openclaw/openclaw@31c269f fix(e2e): support macOS script wrappers fix(ci): scope changed shrinkwrap checks · openclaw/openclaw@743fd4c chore(ui): refresh fa control ui locale chore(ui): refresh nl control ui locale · openclaw/openclaw@908464b chore(ui): refresh vi control ui locale · openclaw/openclaw@62b75f4 chore(ui): refresh th control ui locale · openclaw/openclaw@fc4ba31 chore(ui): refresh id control ui locale · openclaw/openclaw@5b1bdd1 chore(ui): refresh pl control ui locale · openclaw/openclaw@534d4b1 chore(ui): refresh uk control ui locale · openclaw/openclaw@055c3bd chore(ui): refresh ar control ui locale · openclaw/openclaw@89c5a68 chore(ui): refresh it control ui locale · openclaw/openclaw@44ca805 chore(ui): refresh tr control ui locale chore(ui): refresh fr control ui locale · openclaw/openclaw@2240b0e chore(ui): refresh ko control ui locale · openclaw/openclaw@5fa250b chore(ui): refresh ja-JP control ui locale · openclaw/openclaw@f4ea401 chore(ui): refresh es control ui locale · openclaw/openclaw@751dde0 chore(ui): refresh de control ui locale · openclaw/openclaw@72a9b5b chore(ui): refresh pt-BR control ui locale · openclaw/openclaw@501b6e0 chore(ui): refresh zh-CN control ui locale chore(ui): refresh zh-TW control ui locale · openclaw/openclaw@88dee79 Add Slack approval QA checkpoints (#85141) fix(agents): mirror internal ui message tool replies (#85564) perf(whatsapp): narrow runtime setter entry (#85589) · openclaw/openclaw@463929d fix: smooth chat focus mode layout · openclaw/openclaw@bb5abef Fix Telegram missing harness spool poison (#85605) · openclaw/openclaw@b745082 fix(session): surface previous-transcript archive failures on /new ro… · openclaw/openclaw@679a46d Policy: add agent workspace conformance checks (#85096) · openclaw/openclaw@a94f344 fix(installer): fail failed Windows git builds · openclaw/openclaw@2edd6e2 fix(codex): honor node exec policy for native surfaces (#85534) · openclaw/openclaw@e0405ec fix(qa-lab): stabilize codex runtime parity fixtures fix(github): preserve sufficient proof against negative relabel (#85567) · openclaw/openclaw@6b52dff docs: add changelog for context pressure preflight · openclaw/openclaw@5ca734f Fix context pressure preflight for tool-heavy sessions (#85541) · openclaw/openclaw@c08400e fix(doctor): classify codex asset notice as info (#85119) · openclaw/openclaw@959b935 fix(ui): keep chat picker search current (#85547) fix: preserve message-tool delivery evidence · openclaw/openclaw@f022b05 fix(codex): add API key paste auth (#85533) fix: satisfy openai video test typecheck · openclaw/openclaw@743caed fix: route openai video edits to edits endpoint · openclaw/openclaw@6c3fcb8 fix(qmd): normalize direct file collection paths (#65212) · openclaw/openclaw@227b4bf fix(testbox): preserve clean sparse checkouts · openclaw/openclaw@58e9628 fix(ui): run ui script through junction paths (#85525) · openclaw/openclaw@ad19dd8 docs: fix troubleshooting logs link (#85545) · openclaw/openclaw@60582b6 Revert chat session picker inline search (#85527) · openclaw/openclaw@d69bcfd fix: preserve guarded video operation cleanup · openclaw/openclaw@ed7d99a fix: honor openai video provider request network policy fix: retry guarded video downloads · openclaw/openclaw@efbf9f3 fix: thread openai video request policy · openclaw/openclaw@31b5145 docs(changelog): note heartbeat message-tool fix · openclaw/openclaw@c127334 fix: use fs-safe trash for agent delete (#84394) · openclaw/openclaw@951bbe6 Fix heartbeat message-tool delivery policy (#85357) · openclaw/openclaw@bd9c78f Scope config preflight note suppression (#84439) · openclaw/openclaw@91d85e7 fix(cron): document best-effort edit delivery mode (#84526) fix(dreaming): open report cards from memory palace (#85144) · openclaw/openclaw@2e15830 fix(openai-codex): preserve image input capability (#85393) · openclaw/openclaw@49ce171 fix(codex): stabilize heartbeat dynamic tool schema (#84681) · openclaw/openclaw@c52daa4 docs: absorb small documentation PRs · openclaw/openclaw@658be7f fix(scripts): preserve bws resolver parse errors (#85528) · openclaw/openclaw@13a4c57 fix(telegram): honor outbound media max bytes (#83478) · openclaw/openclaw@f2d4f93 fix(skills): restore executable bit on bundled whisper script + relea… · openclaw/openclaw@1dd3b52 fix(google): print Gemini OAuth URL before browser launch (#71469) · openclaw/openclaw@2d5bda9 docs: absorb contributor documentation fixes docs: tighten landable bug sweep gates · openclaw/openclaw@8f86383 fix: reuse provider auth lookup facts (#85499) · openclaw/openclaw@299ed80 fix: keep session picker focus separate · openclaw/openclaw@7e12370 feat: start onboarding for fresh CLI installs (#85519) · openclaw/openclaw@464ffc1 docs: refresh contributor docs · openclaw/openclaw@64d13c0 fix(update): prepack npm git update specs · openclaw/openclaw@84f6b5c fix: simplify chat session search · openclaw/openclaw@7e16a50 fix: use native mac settings sidebar · openclaw/openclaw@0556958 chore: ignore antigravity cli state · openclaw/openclaw@dd07fb4 fix(media): replace Gemini CLI fallback with sandboxed Antigravity (#… · openclaw/openclaw@0622fb6 docs: add bugbash landing changelog entries · openclaw/openclaw@faad2b0 fix(diffs): continue after card hydration errors (#84775) · openclaw/openclaw@9b5c281 fix(proxy): add missing clientSocket error handler in CONNECT tunnel … · openclaw/openclaw@e008bc9 fix(memory): report qmd workspace cwd probe failures (#63167) · openclaw/openclaw@7134a95 fix(agents): handle parallel tool call deltas in openai-completions s… test: align release validation package acceptance check (#85515) · openclaw/openclaw@423f525 fix: recover stuck Codex compaction · openclaw/openclaw@44d5330 docs: require visual proof for control ui e2e (#85513) · openclaw/openclaw@8174bfc Policy: add gateway exposure checks (#81981) · openclaw/openclaw@dcc5e45 ci: unblock advisory Tideclaw alpha release checks · openclaw/openclaw@dcfc7e5 fix(installer): tolerate WSL UNC launch cwd · openclaw/openclaw@684a9b2 docs: absorb docs sweep · openclaw/openclaw@bb5010b fix: cancel stale provider auth prewarms (#85503) · openclaw/openclaw@60e3749 Add TUI PTY integration coverage (#85485) · openclaw/openclaw@0a50cbd fix(security): escape entry.id in HTML export to prevent attribute XS… · openclaw/openclaw@7bc4a33 fix: guard openai-completions tool payload with supportsTools compat … · openclaw/openclaw@76a025c
fix(agents): audit tool policy blocks (#85673) · openclaw/openclaw@09dd051
vincentkoc · 2026-05-23 · via Recent Commits to openclaw:main

@@ -1,10 +1,28 @@

11

import type { AssistantMessage } from "@earendil-works/pi-ai";

2-

import { describe, expect, it } from "vitest";

2+

import { beforeEach, describe, expect, it, vi } from "vitest";

3+

import type { OpenClawConfig } from "../../config/types.openclaw.js";

34

import { MALFORMED_STREAMING_FRAGMENT_ERROR_MESSAGE } from "../../shared/assistant-error-format.js";

45

import { makeAssistantMessageFixture } from "../test-helpers/assistant-message-fixtures.js";

56

import { formatAssistantErrorText } from "./errors.js";

678+

const { toolPolicyAuditInfo } = vi.hoisted(() => ({

9+

toolPolicyAuditInfo: vi.fn(),

10+

}));

11+12+

vi.mock("../../logging/subsystem.js", () => ({

13+

createSubsystemLogger: () => ({

14+

debug: vi.fn(),

15+

error: vi.fn(),

16+

info: toolPolicyAuditInfo,

17+

warn: vi.fn(),

18+

}),

19+

}));

20+721

describe("formatAssistantErrorText streaming JSON parse classification", () => {

22+

beforeEach(() => {

23+

toolPolicyAuditInfo.mockClear();

24+

});

25+826

const makeAssistantError = (errorMessage: string): AssistantMessage =>

927

makeAssistantMessageFixture({

1028

errorMessage,

@@ -35,4 +53,42 @@ describe("formatAssistantErrorText streaming JSON parse classification", () => {

3553

"LLM request rejected: Expected value in JSON at position 12 for messages.0.content",

3654

);

3755

});

56+57+

it("audits a sandbox tool-policy block once per assistant error", () => {

58+

const cfg: OpenClawConfig = {

59+

agents: {

60+

defaults: {

61+

sandbox: { mode: "non-main", scope: "agent" },

62+

},

63+

},

64+

tools: {

65+

sandbox: {

66+

tools: {

67+

deny: ["browser"],

68+

},

69+

},

70+

},

71+

};

72+

const msg = makeAssistantError("unknown tool: browser");

73+74+

expect(

75+

formatAssistantErrorText(msg, { cfg, sessionKey: "agent:main:mobilechat:g1" }),

76+

).toContain('Tool "browser" blocked by sandbox tool policy');

77+

expect(

78+

formatAssistantErrorText(msg, { cfg, sessionKey: "agent:main:mobilechat:g1" }),

79+

).toContain('Tool "browser" blocked by sandbox tool policy');

80+81+

expect(toolPolicyAuditInfo).toHaveBeenCalledTimes(1);

82+

expect(toolPolicyAuditInfo).toHaveBeenCalledWith(

83+

"sandbox tool policy blocked browser via tools.sandbox.tools.deny; matched browser",

84+

{

85+

tool: "browser",

86+

ruleKind: "deny",

87+

ruleSource: "global",

88+

configKey: "tools.sandbox.tools.deny",

89+

matchedRule: "browser",

90+

sandboxMode: "non-main",

91+

},

92+

);

93+

});

3894

});

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。