fix(core): prevent server name spoofing in policy engine (#12511)

This commit is contained in:
Allen Hutchison
2025-11-05 10:10:23 -08:00
committed by GitHub
parent 16113647de
commit f5bd474e51
8 changed files with 411 additions and 121 deletions


@@ -50,7 +50,10 @@ export class MessageBus extends EventEmitter {
}
if (message.type === MessageBusType.TOOL_CONFIRMATION_REQUEST) {
const decision = this.policyEngine.check(message.toolCall);
const decision = this.policyEngine.check(
message.toolCall,
message.serverName,
);
switch (decision) {
case PolicyDecision.ALLOW:
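Review bot: The new call hands `message.serverName` to `policyEngine.check` exactly as it arrived on the bus, so the name the engine sees is whatever the publisher placed on the request; nothing in this hunk shows the engine cross-checking it against where the tool is actually registered, and because `serverName` is optional on the request type, the undefined case is not visible here either. If `check` does validate the name against the registered tool, a comment at the call site saying so would spare the next reader from re-auditing it, e.g. `// serverName is requester-supplied; check() validates it against the registered tool before applying server-scoped rules`. If it does not, the engine cannot tell a spoofed name from a genuine one, which is the case the commit title says it closes. The enclosing handler starts and ends outside the hunk.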


@@ -19,6 +19,7 @@ export interface ToolConfirmationRequest {
type: MessageBusType.TOOL_CONFIRMATION_REQUEST;
toolCall: FunctionCall;
correlationId: string;
serverName?: string;
}
export interface ToolConfirmationResponse {
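Review bot: The new `serverName?: string` field on ToolConfirmationRequest carries no doc comment, and the hunk gives no indication of who is expected to set it or what an absent value means to the policy engine. A TSDoc line above it would pin the contract, e.g. `/** Server the requested tool belongs to, as stated by the requester; omitted for tools that have no server. */`. Whether the engine treats a missing name as "no server-scoped rules apply" or as grounds to prompt cannot be told from this hunk, and the comment should state which once confirmed against the engine. ToolConfirmationRequest begins outside the hunk.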