ee6e9ef9f8
executus CI / test (pull_request) Successful in 59s
All 3 cloud models converged on a real access-control bug; fixed it + the other genuine findings (the false-positives were dropped): Security (HIGH — all 3 models): - create_file_url skipped ValidateScope: a same-skill caller could mint a PUBLIC url for a file scoped to another user/run. Now runs ValidateScope (admin-aware), skipped only for the descendant-grant case — mirroring the read tools. Other real fixes: - ValidateScope hard-coded `false` at every call site (admin branch dead) -> pass inv.CallerIsAdmin (the executor sets it via the host AdminPolicy; still false/fail-closed when no admin). Stale "no admin flag" comment corrected. - create_file_url: ExpiresInSeconds clamped BEFORE the *time.Second multiply (huge values overflowed to a negative duration that slipped under the cap, minting already-expired tokens); swallowed json.Marshal error now returned. - RegisterMeta: build the default budget WITH the configured MaxPerRun (was NewInMemorySearchBudget(nil) -> hardcoded 10, ignoring MetaDeps.MaxPerRun). - classify: all-zero scores no longer return a false-positive top-1 winner; coerceClassifyScore uses strconv.ParseFloat (rejects trailing garbage like "50extra" that fmt.Sscanf silently accepted). - file_delete: honor the descendant grant (parent can clean up a worker's artifacts) — was the lone cross-skill-reject-outright file tool. - meta tools: input caps truncate at a UTF-8 rune boundary (truncateUTF8), not mid-rune. - think: removed the dead `var _ = fmt.Errorf` import-keeper; file_save default aligned to 16 MiB (matched RegisterStore). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
64 lines
2.4 KiB
Go
64 lines
2.4 KiB
Go
// kv_get is the v4 KV-storage read tool. It looks up a single value by
|
|
// (scope, key) within the calling skill's KV namespace and returns the
|
|
// stored JSON value, or `null` when no row matches.
|
|
//
|
|
// Why "null" on miss (vs an error): the LLM's most natural use is
|
|
// "fetch this if cached, otherwise compute and store". Miss-as-error
|
|
// would force the agent to wrap every call in error handling; miss-as-
|
|
// null collapses the happy path.
|
|
package tools
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
|
|
"gitea.stevedudenhoeffer.com/steve/executus/tool"
|
|
)
|
|
|
|
type kvGetArgs struct {
|
|
Scope string `json:"scope" description:"Storage scope: 'skill' (shared across all callers of this skill), 'user:<your_id>' (per-caller), 'run:<run_id>' (this run's scratchpad), or 'root_run:<root_run_id>' (shared scratchpad of this whole dispatch tree — use to coordinate with parallel sibling workers)."`
|
|
Key string `json:"key" description:"Key within the scope."`
|
|
}
|
|
|
|
// NewKVGet constructs the kv_get tool. storage may be nil — the tool
|
|
// then surfaces "not configured" at execute time instead of failing
|
|
// registration.
|
|
//
|
|
// Permission: anyone may author; safe for share. The scope check at
|
|
// handler entry makes share-safety meaningful — a shared skill cannot
|
|
// read another caller's `user:<id>` bucket because ValidateScope
|
|
// rejects that.
|
|
func NewKVGet(storage KVStorage) tool.Tool {
|
|
return tool.NewGatedTool[kvGetArgs](
|
|
"kv_get",
|
|
"Look up a value by key in this skill's storage. Returns the stored JSON value, or `null` if no row matches the (scope, key) tuple.",
|
|
tool.Permission{
|
|
AuthoringRequirement: tool.RequirementAnyone,
|
|
OperatesOn: tool.ScopeCaller,
|
|
SafeForShare: true,
|
|
Categories: []string{"storage", "read"},
|
|
},
|
|
func(ctx context.Context, inv tool.Invocation, args kvGetArgs) (string, error) {
|
|
if storage == nil {
|
|
return "", fmt.Errorf("kv_get: not configured")
|
|
}
|
|
if err := ValidateScope(inv, args.Scope, inv.CallerIsAdmin); err != nil {
|
|
return "", fmt.Errorf("kv_get: %w", err)
|
|
}
|
|
if args.Key == "" {
|
|
return "", fmt.Errorf("kv_get: key required")
|
|
}
|
|
|
|
entry, err := storage.KVGet(ctx, kvPartition(inv, args.Scope), args.Scope, args.Key)
|
|
if err != nil {
|
|
if errors.Is(err, ErrKVNotFound) {
|
|
return "null", nil
|
|
}
|
|
return "", fmt.Errorf("kv_get: %w", err)
|
|
}
|
|
return string(entry.Value), nil
|
|
},
|
|
)
|
|
}
|