feat(gateway): tool path hardening + sandbox escape prevention (P8-016) #177

Merged
jason.woltje merged 1 commits from feat/p8-016-tool-hardening into main 2026-03-16 02:02:49 +00:00
Owner

Summary

  • Introduces with (symlink-aware via ) and (lexical-only for non-existent paths) that throw on any escape attempt
  • Replaces weak containment checks ( in file-tools, in git-tools and shell-tools) with strict guards across all three tool factories
  • All escape attempts now return an error response with the full message rather than silently falling back or using flawed relative-path checks
  • Adds 12 unit tests covering: path traversal (), deeply nested traversal, absolute paths outside sandbox, sibling-named directories, sandbox root itself, and valid nested paths

Test plan

mosaic-stack@ typecheck /home/jwoltje/src/mosaic-mono-v1/.claude/worktrees/agent-aba695bc
turbo run typecheck

• Packages in scope: @mosaic/agent, @mosaic/auth, @mosaic/brain, @mosaic/cli, @mosaic/coord, @mosaic/db, @mosaic/design-tokens, @mosaic/discord-plugin, @mosaic/gateway, @mosaic/log, @mosaic/memory, @mosaic/mosaic, @mosaic/prdy, @mosaic/quality-rails, @mosaic/queue, @mosaic/telegram-plugin, @mosaic/types, @mosaic/web
• Running typecheck in 18 packages
• Remote caching disabled, using shared worktree cache

Tasks: 32 successful, 32 total
Cached: 32 cached, 32 total
Time: 70ms >>> FULL TURBO — 32/32 passing

mosaic-stack@ lint /home/jwoltje/src/mosaic-mono-v1/.claude/worktrees/agent-aba695bc
turbo run lint

• Packages in scope: @mosaic/agent, @mosaic/auth, @mosaic/brain, @mosaic/cli, @mosaic/coord, @mosaic/db, @mosaic/design-tokens, @mosaic/discord-plugin, @mosaic/gateway, @mosaic/log, @mosaic/memory, @mosaic/mosaic, @mosaic/prdy, @mosaic/quality-rails, @mosaic/queue, @mosaic/telegram-plugin, @mosaic/types, @mosaic/web
• Running lint in 18 packages
• Remote caching disabled, using shared worktree cache

Tasks: 18 successful, 18 total
Cached: 18 cached, 18 total
Time: 51ms >>> FULL TURBO — 18/18 passing

mosaic-stack@ format:check /home/jwoltje/src/mosaic-mono-v1/.claude/worktrees/agent-aba695bc
prettier --check "**/*.{ts,tsx,js,jsx,json,md}"

Checking formatting...
All matched files use Prettier code style! — all files clean

[x] — 12/12 tests pass

Closes #169

🤖 Generated with Claude Code
jason.woltje added 1 commit 2026-03-16 01:59:52 +00:00
feat(gateway): tool path hardening + sandbox escape prevention (P8-016)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
ci/woodpecker/pr/ci Pipeline was successful
8d511ddb67
Introduces path-guard.ts with guardPath (symlink-aware) and guardPathUnsafe
(lexical-only) that throw SandboxEscapeError on any escape attempt. Replaces
weak containment checks in file-tools, git-tools, and shell-tools with strict
guards. Adds 12 unit tests covering traversal, absolute-path, and sibling-dir
escape vectors.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
jason.woltje merged commit 7f6464bbda into main 2026-03-16 02:02:49 +00:00
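
The difference between a lexical-only guard and a symlink-aware one, as an added example that is not the project's path-guard.ts. The names `guardPath`, `guardPathUnsafe` and `SandboxEscapeError` are taken from the commit message; their bodies, the helpers `weakContains`, `isInside` and `runDemo`, the error wording and the directory names are assumptions, and the string-prefix form of the weak check is assumed because the page does not show the replaced code.

```typescript
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";

// Illustrative sketch only: names follow the commit message, bodies are assumed.
class SandboxEscapeError extends Error {
  constructor(requested: string, sandbox: string) {
    super(`Path "${requested}" escapes sandbox "${sandbox}"`);
    this.name = "SandboxEscapeError";
  }
}

// Assumed form of a weak containment check: raw string prefix on the resolved path.
// "/base/sandbox-other" starts with "/base/sandbox", so a sibling directory passes.
function weakContains(sandbox: string, requested: string): boolean {
  return path.resolve(sandbox, requested).startsWith(path.resolve(sandbox));
}

// Containment by path segments: the relative path must not climb out of root.
function isInside(root: string, candidate: string): boolean {
  const rel = path.relative(root, candidate);
  if (rel === "") return true; // the sandbox root itself
  return rel !== ".." && !rel.startsWith(".." + path.sep) && !path.isAbsolute(rel);
}

// Lexical-only guard: usable for paths that do not exist yet, blind to symlinks.
function guardPathUnsafe(sandbox: string, requested: string): string {
  const root = path.resolve(sandbox);
  const resolved = path.resolve(root, requested);
  if (!isInside(root, resolved)) throw new SandboxEscapeError(requested, root);
  return resolved;
}

// Symlink-aware guard: resolves both sides with realpath, so the target must exist.
function guardPath(sandbox: string, requested: string): string {
  const root = fs.realpathSync(sandbox);
  const lexical = guardPathUnsafe(root, requested);
  const real = fs.realpathSync(lexical);
  if (!isInside(root, real)) throw new SandboxEscapeError(requested, root);
  return real;
}

function verdict(fn: () => string): string {
  try {
    fn();
    return "allowed";
  } catch (e) {
    return (e as Error).name === "SandboxEscapeError" ? "blocked" : "error";
  }
}

// Builds a constructed directory layout in a temp dir and runs each guard over it.
function runDemo(): Record<string, string | boolean> {
  const base = fs.realpathSync(fs.mkdtempSync(path.join(os.tmpdir(), "guard-demo-")));
  const sandbox = path.join(base, "sandbox");
  const sibling = path.join(base, "sandbox-other"); // sibling-named directory
  fs.mkdirSync(path.join(sandbox, "src"), { recursive: true });
  fs.mkdirSync(sibling);
  fs.writeFileSync(path.join(sandbox, "src", "ok.txt"), "inside");
  fs.writeFileSync(path.join(sibling, "secret.txt"), "outside");
  fs.symlinkSync(sibling, path.join(sandbox, "link"), "dir"); // link leaving the sandbox
  try {
    return {
      weakSibling: weakContains(sandbox, "../sandbox-other/secret.txt"),
      lexicalSibling: verdict(() => guardPathUnsafe(sandbox, "../sandbox-other/secret.txt")),
      traversal: verdict(() => guardPathUnsafe(sandbox, "src/../../../etc/passwd")),
      absolute: verdict(() => guardPathUnsafe(sandbox, "/etc/passwd")),
      root: verdict(() => guardPathUnsafe(sandbox, ".")),
      newFile: verdict(() => guardPathUnsafe(sandbox, "src/new/file.txt")),
      nested: verdict(() => guardPath(sandbox, "src/ok.txt")),
      symlinkLexical: verdict(() => guardPathUnsafe(sandbox, "link/secret.txt")),
      symlinkReal: verdict(() => guardPath(sandbox, "link/secret.txt")),
    };
  } finally {
    fs.rmSync(base, { recursive: true, force: true });
  }
}
```

In this sketch the lexical guard accepts `link/secret.txt` because the string never leaves the sandbox, while the realpath-based guard rejects it; that gap is why a lexical-only check is suitable only for paths that do not exist yet.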
Reference: mosaicstack/stack#177