Hua/nanobot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
219 Commits 1 Branch 0 Tags
994f5601e96e97238c649734d65cbb0785ba2862
Commit Graph

33 Commits

Author SHA1 Message Date
Re-bin
2931694eb8 fix: preserve reasoning_content in conversation history for thinking models 2026-02-08 18:37:41 +00:00
Re-bin
f7f812a177 feat: add /reset and /help commands for Telegram bot 2026-02-08 05:06:41 +00:00
Re-bin
572eab8237 feat: add AiHubMix provider support and refactor provider matching 2026-02-07 08:10:05 +00:00
Re-bin
943579b96a refactor(security): lift restrictToWorkspace to tools level 2026-02-06 09:28:08 +00:00
Re-bin
c5191eed1a refactor: unify workspace restriction for file tools, remove redundant checks, fix SECURITY.md 2026-02-06 09:16:20 +00:00
Re-bin
96e6f31387 resolve merge conflict in README 2026-02-06 08:45:38 +00:00
Re-bin
764c6d02a1 refactor: simplify runtime environment info in system prompt 2026-02-06 03:26:39 +00:00
Re-bin
980c5992f4 Merge branch 'main' into pr-107 2026-02-06 03:21:44 +00:00
Dontrail Cotlage
6df2905c04 Merge branch 'main' into main 2026-02-05 18:35:19 -05:00
Re-bin
b1d6670ce0 feat: add cron tool for scheduling reminders and tasks 2026-02-05 15:09:51 +00:00
Devin
d5ee8f3e55 Update context.py 
Add doc string.
 2026-02-05 10:45:36 +08:00
Dontrail Cotlage
bd4c2ca604 Merge branch 'main' into main 2026-02-04 09:59:33 -05:00
Shukfan Law
22156d3a40 feat: added runtime environment summary to system prompt 2026-02-04 22:17:35 +08:00
Re-bin
9a0f8fcc73 refactor: simplify parameter validation logic 2026-02-04 03:50:39 +00:00
Re-bin
a20d887f9e feat: add parameter validation and safety guard for exec tool 2026-02-04 03:45:26 +00:00
Re-bin
e508f73f54 Merge branch 'main' into pr-30 2026-02-04 03:24:31 +00:00
Dontrail Cotlage
fcb2a6588a Merge branch 'main' into main 2026-02-03 21:26:41 -05:00
copilot-swe-agent[bot]
56d301de3e Address code review feedback: improve function naming and consolidate patterns 
Co-authored-by: kingassune <6126851+kingassune@users.noreply.github.com>
 2026-02-03 22:12:01 +00:00
copilot-swe-agent[bot]
cbb99c64e5 Add comprehensive security documentation and improve command filtering 
Co-authored-by: kingassune <6126851+kingassune@users.noreply.github.com>
 2026-02-03 22:10:43 +00:00
copilot-swe-agent[bot]
8b4e0a8868 Security audit: Fix critical dependency vulnerabilities and add security controls 
Co-authored-by: kingassune <6126851+kingassune@users.noreply.github.com>
 2026-02-03 22:08:33 +00:00
Re-bin
1a784fca1e refactor: simplify _validate_url function 2026-02-03 17:13:30 +00:00
Re-bin
1660d7b261 Merge branch 'main' into pr-22 2026-02-03 17:09:37 +00:00
Kiplangatkorir
00841309c1 Harden exec tool with safety guard 2026-02-02 21:14:29 +03:00
Kiplangat Korir
9b09cb5c63 Update nanobot/agent/tools/base.py 
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
 2026-02-02 20:52:30 +03:00
Kiplangatkorir
7ef18c4e8a Validate tool params and add tests 2026-02-02 20:39:08 +03:00
Re-bin
ac390253c3 simplify vision support code 2026-02-02 13:29:38 +00:00
Re-bin
7f2c335a76 Merge branch 'main' into pr-12 2026-02-02 13:26:04 +00:00
Cheng Wang
ea849650ef feat: improve web_fetch URL validation and security 
Add URL validation and redirect limits to web_fetch tool to prevent potential security issues:

- Add _validate_url() function to validate URLs before fetching
  - Only allow http:// and https:// schemes (prevent file://, ftp://, etc.)
  - Verify URL has valid scheme and domain
  - Return descriptive error messages for invalid URLs

- Limit HTTP redirects to 5 (down from default 20) to prevent DoS attacks
  - Add MAX_REDIRECTS constant for easy configuration
  - Explicitly configure httpx.AsyncClient with max_redirects parameter

- Improve error handling with JSON error responses for validation failures

This addresses security concerns identified in code review where web_fetch
had no URL validation or redirect limits, potentially allowing:
- Unsafe URL schemes (file://, etc.)
- Redirect-based DoS attacks
- Invalid URL formats causing unclear errors
 2026-02-02 19:34:22 +08:00
Manus
f61e7a5968 feat: improve tool execution logging (fix #10) 2026-02-02 04:24:14 -05:00
Yitong Li
f4b081b83f feat: add vision support for image recognition in Telegram 2026-02-02 15:32:12 +08:00
Re-bin
ac527d40d7 fix: unify skill metadata format 2026-02-01 18:45:42 +00:00
Re-bin
051a97fa4e feat: add sub-agent system 2026-02-01 16:28:45 +00:00
Re-bin
d4cc48afd5 🐈nanobot: hello world! 2026-02-01 07:36:42 +00:00