MrSphay/odysseus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add SSRF-guarded web fetch agent tool

Browse Source 
* feat(web-fetch): add web_fetch tool to read a specific URL's content

* test(web-fetch): add SSRF coverage and fail closed on empty DNS resolution

Add explicit SSRF regression tests for the web_fetch path covering
loopback, private LAN ranges, link-local/metadata, IPv6 private/local,
redirect-into-private, and unsupported schemes. Harden _public_http_url
to fail closed when a hostname resolves to no addresses.
This commit is contained in:
Rifqi Akram
2026-06-01 14:57:28 +07:00
committed by GitHub
parent 92c2392fd6
commit 5b1e56407b
11 changed files with 192 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/task_scheduler.py
View File

@@ -2059,7 +2059,7 @@ class TaskScheduler:
"manage_calendar", "manage_notes", "manage_tasks", "manage_memory",
"list_email_accounts", "list_emails", "read_email", "send_email", "reply_to_email", "archive_email",
"mark_email_read", "delete_email", "resolve_contact",
"search_chats", "web_search", "read_file",
"search_chats", "web_search", "web_fetch", "read_file",
"create_document", "update_document", "edit_document",
"generate_image", "trigger_research",
"download_model", "serve_model", "list_served_models", "stop_served_model",