fix(security): rate limit web_fetch tool to mitigate DDoS via prompt injection (#19567)

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-03-17 17:41:24 -07:00 · 2026-02-20 11:18:07 -06:00
parent c7e309efc9
commit 0f855fc0c4
9 changed files with 166 additions and 1 deletions
--- a/packages/core/src/telemetry/types.ts
+++ b/packages/core/src/telemetry/types.ts
@@ -243,6 +243,8 @@ export class ToolCallEvent implements BaseTelemetryEvent {
  mcp_server_name?: string;
  extension_name?: string;
  extension_id?: string;
+  start_time?: number;
+  end_time?: number;
  // eslint-disable-next-line @typescript-eslint/no-explicit-any
  metadata?: { [key: string]: any };

@@ -256,6 +258,8 @@ export class ToolCallEvent implements BaseTelemetryEvent {
    prompt_id: string,
    tool_type: 'native' | 'mcp',
    error?: string,
+    start_time?: number,
+    end_time?: number,
  );
  constructor(
    call?: CompletedToolCall,
@@ -266,6 +270,8 @@ export class ToolCallEvent implements BaseTelemetryEvent {
    prompt_id?: string,
    tool_type?: 'native' | 'mcp',
    error?: string,
+    start_time?: number,
+    end_time?: number,
  ) {
    this['event.name'] = 'tool_call';
    this['event.timestamp'] = new Date().toISOString();
@@ -282,6 +288,8 @@ export class ToolCallEvent implements BaseTelemetryEvent {
      this.error_type = call.response.errorType;
      this.prompt_id = call.request.prompt_id;
      this.content_length = call.response.contentLength;
+      this.start_time = call.startTime;
+      this.end_time = call.endTime;
      if (
        typeof call.tool !== 'undefined' &&
        call.tool instanceof DiscoveredMCPTool
@@ -332,6 +340,8 @@ export class ToolCallEvent implements BaseTelemetryEvent {
      this.prompt_id = prompt_id!;
      this.tool_type = tool_type!;
      this.error = error;
+      this.start_time = start_time;
+      this.end_time = end_time;
    }
  }

@@ -351,6 +361,8 @@ export class ToolCallEvent implements BaseTelemetryEvent {
      mcp_server_name: this.mcp_server_name,
      extension_name: this.extension_name,
      extension_id: this.extension_id,
+      start_time: this.start_time,
+      end_time: this.end_time,
      metadata: this.metadata,
    };