mirrors/mindcraft
1
0
Fork 0
mirror of https://github.com/kolbytn/mindcraft.git synced 2025-07-04 07:35:19 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: remove obsolete coder code safety check

Browse source
This commit is contained in:
kumavis 2024-10-26 18:16:44 -10:00
parent 7a253c9108
commit c06e2ab792
2 changed files with 0 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/agent/coder.js
View file

@ -1,5 +1,4 @@
import { writeFile, readFile, mkdirSync } from 'fs';
import { checkSafe } from '../utils/safety.js';
import settings from '../../settings.js';
import { makeCompartment } from './library/lockdown.js';
import * as skills from './library/skills.js';
@ -145,13 +144,6 @@ export class Coder {
}
code = res.substring(res.indexOf('```')+3, res.lastIndexOf('```'));
if (!checkSafe(code)) {
console.warn(`Detected insecure generated code, not executing. Insecure code: \n\`${code}\``);
const message = 'Error: Code insecurity detected. Do not import, read/write files, execute dynamic code, or access the internet. Please try again:';
messages.push({ role: 'system', content: message });
continue;
}
let codeStagingResult;
try {
codeStagingResult = await this.stageCode(code);

38
src/utils/safety.js
View file

@ -1,38 +0,0 @@
export function checkSafe(code) {
const dangerousPatterns = [
// Dynamic imports
/\bimport\s*\(/,
// Access to process and global
/\bprocess\b/,
/\bglobal\b/,
// Module manipulation
/\bmodule\b/,
/\bexports\b/,
// Require usage
/\brequire\s*\(/,
// Function constructors
/\bFunction\s*\(/,
/\beval\s*\(/,
// Access to __dirname and __filename
/\b__dirname\b/,
/\b__filename\b/,
// fetch
/\bfetch\s*\(/,
// XMLHttpRequest
/\bXMLHttpRequest\b/,
// Websockets
/\bWebSocket\b/,
];
for (const pattern of dangerousPatterns) {
if (pattern.test(code)) {
return false;
}
}
return true;
}
// generated by o1
// Basic check for malicious code like dynamic imports, code exec, disk access, internet access, etc.
// Will not catch all, and can be bypassed by obfuscation.