hai/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-12 15:37:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
c2074f4d598b5b896ea86be42a6d4336b561a912
gstack/browse/src
History
Garry Tan c2074f4d59 feat(browse): sidebar prompt-context injection + CDP telemetry 
server.ts spawnClaude now:
- Imports per-project domain skill matching the active tab's hostname
  via readDomainSkill()
- Wraps the body in UNTRUSTED EXTERNAL CONTENT envelope (so the L4
  classifier in sidebar-agent sees it at load time per Eng D4)
- Appends as <domain-skill source="..." host="..." version="..."> block
- Fires domain_skill_fired telemetry (host, source, version)
- Calls recordSkillUse fire-and-forget so the auto-promote-after-N=3
  state machine advances on each successful prompt injection

System prompt also gets a one-liner introducing $B domain-skill commands
to agents (DX D4 start-of-task discoverability hint).

cdp-bridge.ts fires:
- cdp_method_denied (drives next allow-list growth)
- cdp_method_lock_acquire_ms (P50/P99 quantile observability)
- cdp_method_called (allowed methods)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 13:12:17 -07:00
..
activity.ts
feat: content security — 4-layer prompt injection defense for pair-agent (#815)
2026-04-06 14:41:06 -07:00
audit.ts
feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062)
2026-04-18 23:25:33 +08:00
browser-manager.ts
feat(browse): $B cdp escape hatch — deny-default allowlist + two-tier mutex
2026-04-25 13:06:55 -07:00
buffers.ts
feat: Phase 3.5 — cookie import, QA testing, team retro (v0.3.1) (#29)
2026-03-13 00:31:41 -07:00
bun-polyfill.cjs
fix: Windows support — Node.js server fallback for Playwright (#255)
2026-03-20 12:22:11 -07:00
cdp-allowlist.ts
test(browse): CDP allowlist + two-tier mutex
2026-04-25 13:08:17 -07:00
cdp-bridge.ts
feat(browse): sidebar prompt-context injection + CDP telemetry
2026-04-25 13:12:17 -07:00
cdp-commands.ts
feat(browse): $B cdp escape hatch — deny-default allowlist + two-tier mutex
2026-04-25 13:06:55 -07:00
cdp-inspector.ts
refactor: AI slop reduction with cross-model quality review (v0.16.3.0) (#941)
2026-04-10 17:13:15 -10:00
cli.ts
feat(v1.4.0.0): /make-pdf — markdown to publication-quality PDFs (#1086)
2026-04-20 13:20:30 +08:00
commands.ts
feat(browse): $B domain-skill subcommands
2026-04-25 13:06:55 -07:00
config.ts
fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988)
2026-04-13 07:49:37 -10:00
content-security.ts
security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137)
2026-04-21 21:58:27 -07:00
cookie-import-browser.ts
security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137)
2026-04-21 21:58:27 -07:00
cookie-picker-routes.ts
community wave: 6 PRs + hardening (v0.18.1.0) (#1028)
2026-04-17 00:45:13 -07:00
cookie-picker-ui.ts
fix: cookie picker auth token leak (v0.15.17.0) (#904)
2026-04-08 10:10:13 -07:00
domain-skill-commands.ts
feat(browse): telemetry signals + project-slug helper
2026-04-25 13:12:16 -07:00
domain-skills.ts
feat(browse): domain-skills storage + state machine
2026-04-25 12:59:55 -07:00
error-handling.ts
refactor: AI slop reduction with cross-model quality review (v0.16.3.0) (#941)
2026-04-10 17:13:15 -10:00
find-browse.ts
feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226)
2026-03-19 18:20:50 -07:00
media-extract.ts
feat: browser data platform for AI agents (v0.16.0.0) (#907)
2026-04-08 00:41:55 -07:00
meta-commands.ts
feat(browse): $B domain-skill subcommands
2026-04-25 13:06:55 -07:00
network-capture.ts
feat: browser data platform for AI agents (v0.16.0.0) (#907)
2026-04-08 00:41:55 -07:00
path-security.ts
fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988)
2026-04-13 07:49:37 -10:00
platform.ts
fix: Windows support — Node.js server fallback for Playwright (#255)
2026-03-20 12:22:11 -07:00
project-slug.ts
feat(browse): telemetry signals + project-slug helper
2026-04-25 13:12:16 -07:00
read-commands.ts
fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988)
2026-04-13 07:49:37 -10:00
security-bunnative.ts
feat(security): ML prompt injection defense for sidebar (v1.4.0.0) (#1089)
2026-04-20 22:18:37 +08:00
security-classifier.ts
v1.6.4.0: cut Haiku classifier FP from 44% to 23%, gate now enforced (#1135)
2026-04-23 10:23:40 -07:00
security.ts
v1.6.4.0: cut Haiku classifier FP from 44% to 23%, gate now enforced (#1135)
2026-04-23 10:23:40 -07:00
server.ts
feat(browse): sidebar prompt-context injection + CDP telemetry
2026-04-25 13:12:17 -07:00
sidebar-agent.ts
feat(security): ML prompt injection defense for sidebar (v1.4.0.0) (#1089)
2026-04-20 22:18:37 +08:00
sidebar-utils.ts
fix: sidebar agent uses real tab URL instead of stale Playwright URL (v0.12.6.0) (#544)
2026-03-26 22:07:03 -06:00
snapshot.ts
security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137)
2026-04-21 21:58:27 -07:00
sse-session-cookie.ts
security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137)
2026-04-21 21:58:27 -07:00
tab-session.ts
feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062)
2026-04-18 23:25:33 +08:00
telemetry.ts
feat(browse): telemetry signals + project-slug helper
2026-04-25 13:12:16 -07:00
token-registry.ts
security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137)
2026-04-21 21:58:27 -07:00
tunnel-denial-log.ts
security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137)
2026-04-21 21:58:27 -07:00
url-validation.ts
feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062)
2026-04-18 23:25:33 +08:00
welcome.html
feat: GStack Browser — double-click AI browser with anti-bot stealth (#695)
2026-04-04 10:17:05 -07:00
write-commands.ts
security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137)
2026-04-21 21:58:27 -07:00