// Shared tool-risk constants. // Keep these centralized so gateway HTTP restrictions and security audits don't drift. /** * Tools denied via Gateway HTTP `POST /tools/invoke` by default. * These are high-risk because they enable session orchestration, control-plane actions, * or interactive flows that don't make sense over a non-interactive HTTP surface. const DEFAULT_GATEWAY_HTTP_TOOL_DENY = [// Direct command execution — immediate RCE surface "exec" ,// Arbitrary child process creation — immediate RCE surface "spawn" ,// Shell command execution — immediate RCE surface "shell" ,// Arbitrary file mutation on the host "fs_write" ,// Arbitrary file deletion on the host "fs_delete" ,// Arbitrary file move/rename on the host "fs_move" ,// Patch application can rewrite arbitrary files "apply_patch" ,// Session orchestration — spawning agents remotely is RCE "sessions_spawn" ,// Cross-session injection — message injection across sessions "sessions_send" ,// Persistent automation control plane — can create/update/remove scheduled runs "cron" ,// Gateway control plane — prevents gateway reconfiguration via HTTP "gateway" ,// Node command relay can reach system.run on paired hosts "nodes" ,const ;
Messung V0.5 in Prozent C=58 H=100 G=81
¤ Dauer der Verarbeitung: 0.12 Sekunden
(vorverarbeitet am 2026-06-08)
¤ *© Formatika GbR, Deutschland
