rescue: V-011 obfuscation fix + compressor tuning (cherry-pick from #131) #178
Closed
claude wants to merge 2 commits from rescue/v011-obfuscation-fix into main
pull from: rescue/v011-obfuscation-fix
merge into: Timmy_Foundation:main
2 Commits
| Author | SHA1 | Message | Date |
|---|---|---|---|
| | 3c8510cc0a | fix(context_compressor): reduce default protect_last_n from 20 to 5<br>Some checks failed: Forge CI / smoke-and-build (pull_request) Failing after 2s<br>The previous default of 20 protected messages was overly conservative, preventing meaningful compression on long sessions. Reducing to 5 strikes a better balance between preserving recent conversational context and allowing the compressor to actually reduce token pressure. Updates both ContextCompressor default and AIAgent integration, plus adds a regression test verifying the last 5 turns are never summarized away. | |
| | 5a47056073 | feat(skills_guard): V-011 obfuscation bypass detection<br>Adds defense-in-depth against obfuscated malicious skill code:<br>- normalize_input() with NFKC normalization, case folding, and zero-width character removal to defeat homoglyph and ZWSP evasion.<br>- PythonSecurityAnalyzer AST visitor detecting eval/exec/compile, getattr dunder access, and imports of base64/codecs/marshal/types/ctypes.<br>- Additional regex patterns for getattr builtins chains, __import__ os/subprocess, and nested base64 decoding.<br>- Integrates all patterns into scan_file(); Python files now get both normalized regex scanning and AST-based analysis.<br>Includes full test coverage in tests/tools/test_skills_guard.py. | |
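
A sketch of the two layers the second commit message describes (text normalization before pattern matching, then an AST pass), added here as an illustration; it is not the project's skills_guard code. The names `normalize_text`, `ObfuscationVisitor` and `scan_python` are hypothetical, and the sample input is constructed.

```python
import ast
import unicodedata

# Zero-width / invisible characters that can split a keyword without showing.
ZERO_WIDTH = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff"))
DANGEROUS_CALLS = {"eval", "exec", "compile"}
SUSPICIOUS_IMPORTS = {"base64", "codecs", "marshal", "types", "ctypes"}

def normalize_text(text):
    """NFKC-fold compatibility forms, drop zero-width chars, then case-fold."""
    folded = unicodedata.normalize("NFKC", text)
    return folded.translate(ZERO_WIDTH).casefold()

class ObfuscationVisitor(ast.NodeVisitor):
    """Collect (line, finding) pairs for the constructs the commit lists."""
    def __init__(self):
        self.findings = []

    def visit_Call(self, node):
        func = node.func
        if isinstance(func, ast.Name) and func.id in DANGEROUS_CALLS:
            self.findings.append((node.lineno, "call:" + func.id))
        elif isinstance(func, ast.Name) and func.id == "getattr" and len(node.args) >= 2:
            attr = node.args[1]
            if (isinstance(attr, ast.Constant) and isinstance(attr.value, str)
                    and attr.value.startswith("__") and attr.value.endswith("__")):
                self.findings.append((node.lineno, "getattr-dunder:" + attr.value))
        self.generic_visit(node)  # keep walking: calls can be nested

    def visit_Import(self, node):
        for alias in node.names:
            if alias.name.split(".")[0] in SUSPICIOUS_IMPORTS:
                self.findings.append((node.lineno, "import:" + alias.name))

    def visit_ImportFrom(self, node):
        if node.module and node.module.split(".")[0] in SUSPICIOUS_IMPORTS:
            self.findings.append((node.lineno, "import:" + node.module))

def scan_python(source):
    """Return sorted findings; source that does not parse is itself a finding."""
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [(exc.lineno or 0, "syntax-error")]
    visitor = ObfuscationVisitor()
    visitor.visit(tree)
    return sorted(visitor.findings)

# Constructed sample input (benign), not taken from the project.
SAMPLE = 'import base64\nname = getattr(obj, "__class__")\nvalue = eval("1 + 1")\n'
```

NFKC folds compatibility forms such as fullwidth letters; cross-script look-alikes are left unchanged by it and need a separate confusables mapping.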