gstack/browse/src at 2eb093f8c8e8b332b063ccd16056d8eded1f3790 - gstack - Gitea: Hai

hai/gstack

mirror of https://github.com/garrytan/gstack.git synced 2026-05-09 22:19:47 +08:00

Files

History

Garry Tan 88b12c2b4c fix(security): tool-output context allows single-layer BLOCK

combineVerdict's 2-of-N ensemble rule was designed for user input —
the Stack Overflow FP mitigation where a dev asking about injection
shouldn't kill the session. For tool output (page content, Read/Grep
results), the content wasn't user-authored, so that FP risk doesn't
apply. Before this change: testsavant_content=0.99 on a hostile page
downgraded to WARN when the transcript classifier degraded (timeout,
Haiku unavailable) or voted differently.

Add CombineVerdictOpts.toolOutput flag. When true, a single ML
classifier >= BLOCK threshold blocks directly. User-input default
path unchanged — still requires 2-of-N to block.

Caller: sidebar-agent.ts tool-result scan now passes { toolOutput: true }.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-20 11:07:18 +08:00

..

activity.ts

feat: content security — 4-layer prompt injection defense for pair-agent (#815 )

2026-04-06 14:41:06 -07:00

audit.ts

feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062 )

2026-04-18 23:25:33 +08:00

browser-manager.ts

feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062 )

2026-04-18 23:25:33 +08:00

buffers.ts

feat: Phase 3.5 — cookie import, QA testing, team retro (v0.3.1) (#29 )

2026-03-13 00:31:41 -07:00

bun-polyfill.cjs

fix: Windows support — Node.js server fallback for Playwright (#255 )

2026-03-20 12:22:11 -07:00

cdp-inspector.ts

refactor: AI slop reduction with cross-model quality review (v0.16.3.0) (#941 )

2026-04-10 17:13:15 -10:00

cli.ts

fix: headed browser auto-shutdown + disconnect cleanup (v0.18.1.0) (#1025 )

2026-04-16 15:39:44 -07:00

commands.ts

fix(security): wrap snapshot output in untrusted-content envelope

2026-04-20 11:06:45 +08:00

config.ts

fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988 )

2026-04-13 07:49:37 -10:00

content-security.ts

refactor: AI slop reduction with cross-model quality review (v0.16.3.0) (#941 )

2026-04-10 17:13:15 -10:00

cookie-import-browser.ts

community wave: 6 PRs + hardening (v0.18.1.0) (#1028 )

2026-04-17 00:45:13 -07:00

cookie-picker-routes.ts

community wave: 6 PRs + hardening (v0.18.1.0) (#1028 )

2026-04-17 00:45:13 -07:00

cookie-picker-ui.ts

fix: cookie picker auth token leak (v0.15.17.0) (#904 )

2026-04-08 10:10:13 -07:00

error-handling.ts

refactor: AI slop reduction with cross-model quality review (v0.16.3.0) (#941 )

2026-04-10 17:13:15 -10:00

find-browse.ts

feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226 )

2026-03-19 18:20:50 -07:00

media-extract.ts

feat: browser data platform for AI agents (v0.16.0.0) (#907 )

2026-04-08 00:41:55 -07:00

meta-commands.ts

feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062 )

2026-04-18 23:25:33 +08:00

network-capture.ts

feat: browser data platform for AI agents (v0.16.0.0) (#907 )

2026-04-08 00:41:55 -07:00

path-security.ts

fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988 )

2026-04-13 07:49:37 -10:00

platform.ts

fix: Windows support — Node.js server fallback for Playwright (#255 )

2026-03-20 12:22:11 -07:00

read-commands.ts

fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988 )

2026-04-13 07:49:37 -10:00

security-bunnative.ts

feat(security): Bun-native inference research skeleton + design doc

2026-04-20 05:02:59 +08:00

security-classifier.ts

fix(security): rolling-buffer canary detection + tool_output in Haiku prompt

2026-04-20 11:07:06 +08:00

security.ts

fix(security): tool-output context allows single-layer BLOCK

2026-04-20 11:07:18 +08:00

server.ts

fix(security): relay security_event through processAgentEvent

2026-04-20 05:40:54 +08:00

sidebar-agent.ts

fix(security): rolling-buffer canary detection + tool_output in Haiku prompt

2026-04-20 11:07:06 +08:00

sidebar-utils.ts

fix: sidebar agent uses real tab URL instead of stale Playwright URL (v0.12.6.0) (#544 )

2026-03-26 22:07:03 -06:00

snapshot.ts

feat: UX behavioral foundations + ux-audit command (v0.17.0.0) (#1000 )

2026-04-14 07:47:11 -10:00

tab-session.ts

feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062 )

2026-04-18 23:25:33 +08:00

token-registry.ts

feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062 )

2026-04-18 23:25:33 +08:00

url-validation.ts

feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062 )

2026-04-18 23:25:33 +08:00

welcome.html

feat: GStack Browser — double-click AI browser with anti-bot stealth (#695 )

2026-04-04 10:17:05 -07:00

write-commands.ts

feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062 )

2026-04-18 23:25:33 +08:00