orcs-oss/orcs-code
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hardening: isolate third-party paths and clean external-build metadata (#311)

Browse Source 
* hardening: isolate third-party paths and clean external-build metadata

* fix: restore external feedback flow and make privacy check portable
This commit is contained in:
KRATOS
2026-04-04 11:52:33 +05:30
committed by GitHub
parent cdbe016e6f
commit 27e6505bfd
18 changed files with 367 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/tools/WebFetchTool/utils.ts
View File

@@ -8,6 +8,7 @@ import { queryHaiku } from '../../services/api/claude.js'
import { AbortError } from '../../utils/errors.js'
import { getWebFetchUserAgent } from '../../utils/http.js'
import { logError } from '../../utils/log.js'
import { getAPIProvider } from '../../utils/model/providers.js'
import {
isBinaryContentType,
persistBinaryContent,
@@ -176,6 +177,11 @@ type DomainCheckResult =
export async function checkDomainBlocklist(
domain: string,
): Promise<DomainCheckResult> {
// Third-party providers should not consult Anthropic's domain policy.
if (getAPIProvider() !== 'firstParty') {
return { status: 'allowed' }
}
if (DOMAIN_CHECK_CACHE.has(domain)) {
return { status: 'allowed' }
}