fix(events): sanitize queued system markers (#87094) · openclaw/openclaw@c1151ea - 惯性聚合

推荐订阅源

Full Disclosure

Recorded Future

CERT Recently Published Vulnerability Notes

Schneier on Security

The Hacker News

CXSECURITY Database RSS Feed - CXSecurity.com

Know Your Adversary

Privacy International News Feed

Threat Intelligence Blog | Flashpoint

The Register - Security

Cisco Talos Blog

Kaspersky official blog

True Tiger Recordings

Threat Research - Cisco Blogs

Vulnerabilities – Threatpost

Palo Alto Networks Blog

The Exploit Database - CXSecurity.com

Cyber Security Advisories - MS-ISAC

Microsoft Azure Blog

Cybersecurity and Infrastructure Security Agency CISA

Tor Project blog

Proofpoint News Feed

Fox-IT International blog

Fortinet All Blogs

Privacy & Cybersecurity Law Blog

OSCHINA 社区最新新闻

博客园 - 叶小钗

Tailwind CSS Blog

Netflix TechBlog - Medium

IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog

博客园_首页

Hackread – Cybersecurity News, Data Breaches, AI and More

Darknet – Hacking Tools, Hacker News & Cyber Security

Recent Commits to openclaw:main

build(codex): update Codex CLI to 0.134.0 · openclaw/openclaw@231a812 docs(skills): omit advisory ids from changelog notes · openclaw/openclaw@989a369 test: speed up test project routing · openclaw/openclaw@140892c Fix stale approval prompts in Control UI (#86270) · openclaw/openclaw@5297eeb fix(installer): reject stale cli node runtimes · openclaw/openclaw@49d605e test: harden e2e harness isolation · openclaw/openclaw@acbb06e fix: keep approval runtime token local-only · openclaw/openclaw@96c5766 perf(gateway): defer skipped-channel sidecars · openclaw/openclaw@145b57c docs(changelog): omit advisory id from release notes · openclaw/openclaw@d606881 docs(changelog): refresh 2026.5.26 notes · openclaw/openclaw@26c0c19 docs(skills): add release changelog update workflow · openclaw/openclaw@c8d20ae fix(e2e): bound upgrade survivor cli checks · openclaw/openclaw@c965b3a test: speed up doctor config flow tests · openclaw/openclaw@5177180 fix(gateway): remove redundant unknown union · openclaw/openclaw@f393ebe test: speed up model fallback tests · openclaw/openclaw@e7f644c fix(imessage): stage remote media before understanding · openclaw/openclaw@ae52be9 fix(gateway): drop stale subagent announce history · openclaw/openclaw@982e888 fix: repair local approval resolution (#86771) · openclaw/openclaw@13cfb77 fix(e2e): bound codex media plugin setup · openclaw/openclaw@f89fcdd fix(gateway): stop chat timeout fallback cascade · openclaw/openclaw@b4f6928 perf(gateway): defer scheduled service imports · openclaw/openclaw@b74cd69 test: speed up capability cli tests · openclaw/openclaw@0126aba perf(gateway): defer startup warning fallback imports · openclaw/openclaw@0ee4ccf fix(gateway): bound watch regression teardown · openclaw/openclaw@7014bd0 fix(codex): keep WebChat delivery hints out of user requests · openclaw/openclaw@0cfccdb test: type current plugin metadata snapshot mock · openclaw/openclaw@a43cf2b test: align WebChat delivery hint expectations · openclaw/openclaw@1242931 test: speed up command secret gateway tests · openclaw/openclaw@657f9d1 fix(status): show explicit fast mode state (#87115) · openclaw/openclaw@41962ed fix: preserve plugin LLM command auth (#85936) · openclaw/openclaw@9119492 test: align loopback prompt metadata · openclaw/openclaw@f7a39f4 perf(gateway): reuse metadata for startup warnings · openclaw/openclaw@166097e fix(plugin-sdk): stabilize diagnostic event root alias · openclaw/openclaw@53f36a8 fix(tui): queue prompts submitted while busy (#86722) · openclaw/openclaw@6842d72 test: speed up tooling tests · openclaw/openclaw@f34a527 fix(plugin-sdk): use Function.name to find onDiagnosticEvent export (… · openclaw/openclaw@b3f8a0e Suppress transient runner failures in channels (#87069) · openclaw/openclaw@df6ec28 fix(e2e): bound telegram live hot path · openclaw/openclaw@698c40e test: speed up crabbox wrapper tests · openclaw/openclaw@5aaad5f refactor(telegram): encode conversation binding mode · openclaw/openclaw@df659d1 fix(agents): correlate pathless read diagnostics (#86977) · openclaw/openclaw@cecb076 perf: trim gateway session cache churn · openclaw/openclaw@cdfb1b4 test: speed up update cli tests · openclaw/openclaw@9065377 fix(doctor): map runtime tool schema health · openclaw/openclaw@27ad3d7 fix(e2e): bound update channel CLI checks · openclaw/openclaw@8fa5ecb test: speed up run-node tests · openclaw/openclaw@c8364b4 fix(browser): validate current tab before snapshots (#78526) · openclaw/openclaw@0604700 fix(media): require staged sandbox media refs · openclaw/openclaw@42d6cf6 perf: trim gateway startup planning · openclaw/openclaw@8d6b599 fix(codex): quarantine unsupported dynamic tool schemas · openclaw/openclaw@d7d037b fix(e2e): bound package cli scenarios · openclaw/openclaw@d0cb7ba ci: prepare pnpm for crabbox hydrate · openclaw/openclaw@716d719 fix(e2e): bound kitchen sink gateway teardown · openclaw/openclaw@81d22e8 test: speed up test routing and parallels smoke tests · openclaw/openclaw@9754117 fix(onboard): preserve configured default model (#87000) · openclaw/openclaw@5304682 fix(telegram): route plugin-bound topic messages · openclaw/openclaw@b8ea6d2 fix(gateway): bound benchmark teardown waits · openclaw/openclaw@1baab3b fix(diagnostics): recover orphaned session activity · openclaw/openclaw@286964c perf: avoid redundant runtime postbuild sync · openclaw/openclaw@a67ee0f fix(media): resolve inbound media refs consistently · openclaw/openclaw@6290ed5 fix(e2e): bound logged onboard commands · openclaw/openclaw@b74984d fix(ollama): normalize greedy top_p (#87049) · openclaw/openclaw@dfadc7b test: speed up crabbox wrapper tests · openclaw/openclaw@1954468 test: speed up crabbox config shim · openclaw/openclaw@1d2bf82 clickclack: enforce inbound sender allowlist [AI] (#83741) · openclaw/openclaw@10546e5 fix: isolate chat transcript fallback failures · openclaw/openclaw@fafed25 refactor: centralize prepared user turn merge · openclaw/openclaw@481f432 fix: preserve inline image routing with staged media · openclaw/openclaw@9263e38 test: wait for initial session task cleanup · openclaw/openclaw@00ab2f2 fix: keep user turn replay hooks idempotent · openclaw/openclaw@91cb042 refactor: carry prepared user turns on recorder · openclaw/openclaw@44bdc52 fix: preserve provenance through user turn hooks · openclaw/openclaw@223655d fix: use cleaned user turn transcript text · openclaw/openclaw@b9c2590 fix: preserve user turn provenance metadata · openclaw/openclaw@2e8f1d4 fix: keep user turn enrichment off dispatch · openclaw/openclaw@c862143 refactor: trim user turn transcript API · openclaw/openclaw@8bbd4ba fix: mark final codex mirror user persistence · openclaw/openclaw@2bd38da fix: resolve final codex mirror prompt · openclaw/openclaw@c0f8224 fix: use selected user transcript text · openclaw/openclaw@e4c42ae fix: restore user turn persistence checks · openclaw/openclaw@696fb41 fix: persist cli user turns to admitted session target · openclaw/openclaw@d55fe4b refactor: trim duplicated transcript tests · openclaw/openclaw@fe44ecd test: trim duplicate user turn persistence coverage · openclaw/openclaw@ffb8350 refactor: remove duplicate user turn handoff · openclaw/openclaw@20d7bf7 refactor: drop unused user turn update mode · openclaw/openclaw@848c389 fix(filefetch): wrap fetched text as external content (#87062) · openclaw/openclaw@42b8898 fix(ci): satisfy script oxlint sort rule · openclaw/openclaw@ffe1213 ci: tolerate gateway status help probe hangs fix(memory-core): close providers created during shutdown · openclaw/openclaw@e982302 fix(gateway): bound e2e HTTP helper responses · openclaw/openclaw@6509da7 fix(agents): honor per-agent thinking defaults for ingress runs (#86689) · openclaw/openclaw@bba4298 perf: trim gateway runtime hotspots · openclaw/openclaw@2035f38 test(cli): allow mac startup memory overhead · openclaw/openclaw@978cb6a fix(sessions): avoid parsing object cache writes · openclaw/openclaw@f6599ed fix(crabbox): show broker url in auth guard fix(crabbox): require broker auth for aws proof · openclaw/openclaw@7c432d2 fix(docker): bound kitchen sink plugin commands · openclaw/openclaw@d353dc1 fix(cli): bound startup memory probes · openclaw/openclaw@2b5fba1 test: skip claude resume live proof without cli · openclaw/openclaw@049d6c9 fix(agents): force SIGKILL for stuck MCP stdio children (#86739) · openclaw/openclaw@71d24f9

fix(events): sanitize queued system markers (#87094) · openclaw/openclaw@c1151ea

eleqtrizit · 2026-05-27 · via Recent Commits to openclaw:main

Original file line number	Diff line number	Diff line change
`@@ -9,6 +9,7 @@ Docs: https://docs.openclaw.ai`
`9`	`9`	`### Fixes`
`10`	`10`
`11`	`11`	`- Browser/snapshot: validate current tab URLs against the configured SSRF policy before ChromeMCP or direct CDP snapshot reads, closing the local-managed CDP bypass from GHSA-2x93-h3hg-2xfp while preserving existing-session coverage; the PR also rejects existing-session selectors before URL checks, adds focused route coverage, fetches full opengrep CI history, and stabilizes plugin activation normalization tests. Thanks @zsxsoft.`
	`12`	+- System events: sanitize queued system-event text at the queue boundary so untrusted plugin and channel labels cannot spoof nested `System:`, `[System]`, `[Assistant]`, or `[Internal]` prompt markers. (GHSA-j5p4-wxhw-4h4c) Thanks @ttzero25.
`12`	`13`
`13`	`14`	- Crabbox: bootstrap raw AWS macOS JavaScript commands launched through `/usr/bin/env` so native mac runners without preinstalled Node, Corepack, or pnpm can still run wrapped Node and pnpm proof.
`14`	`15`	- macOS: let app packaging fall back to `corepack pnpm` when a fresh native runner has Node/Corepack but no pnpm shim on `PATH`.

此内容由惯性聚合(RSS阅读器)自动聚合整理，仅供阅读参考。原文来自 — 版权归原作者所有。