RomanNum3ral
/
gstack
mirror of https://github.com/garrytan/gstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
gstack/browse/src
History
Garry Tan e6a27993fe
feat(browser-skills): \$B skill list/show/run/test/rm subcommands 
handleSkillCommand dispatches to per-subcommand handlers; spawnSkill is
the load-bearing function that:

  1. Mints a per-spawn scoped token (read+write only) bound to the
     skill name + spawn-id.
  2. Builds the spawn env:
     - trusted: passes process.env minus GSTACK_TOKEN (defense in depth).
     - untrusted: minimal allowlist (LANG, LC_ALL, TERM, TZ) + locked
       PATH; explicitly drops anything matching TOKEN/KEY/SECRET/etc.
       Also drops AWS_/AZURE_/GCP_/GOOGLE_APPLICATION_/ANTHROPIC_/OPENAI_/
       GITHUB_/GH_/SSH_/GPG_/NPM_TOKEN/PYPI_ patterns.
   3. Always injects GSTACK_PORT + GSTACK_SKILL_TOKEN last (cannot be
     overridden by parent env).
  4. Spawns bun run script.ts -- <args> with cwd=skillDir, captures
     stdout (1MB cap), stderr, and timeout-kills past the deadline.
  5. Revokes the token in finally{}, always.

list output prints the resolved tier inline so "why did it run that
one?" never becomes a debugging mystery (Codex finding #4 mitigation).

server.ts threads the listen port to meta-commands via MetaCommandOpts.daemonPort.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 		2026-04-26 05:03:17 -07:00
..
activity.ts feat: content security — 4-layer prompt injection defense for pair-agent (#815) 2026-04-06 14:41:06 -07:00
audit.ts feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062) 2026-04-18 23:25:33 +08:00
browse-client.ts feat(browse-client): SDK for browser-skill scripts 2026-04-26 04:52:16 -07:00
browser-manager.ts feat(browse): $B cdp escape hatch — deny-default allowlist + two-tier mutex 2026-04-25 13:06:55 -07:00
browser-skill-commands.ts feat(browser-skills): \$B skill list/show/run/test/rm subcommands 2026-04-26 05:03:17 -07:00
browser-skills.ts feat(browser-skills): 3-tier storage helpers 2026-04-26 04:55:38 -07:00
buffers.ts feat: Phase 3.5 — cookie import, QA testing, team retro (v0.3.1) (#29) 2026-03-13 00:31:41 -07:00
bun-polyfill.cjs fix: Windows support — Node.js server fallback for Playwright (#255) 2026-03-20 12:22:11 -07:00
cdp-allowlist.ts test(browse): CDP allowlist + two-tier mutex 2026-04-25 13:08:17 -07:00
cdp-bridge.ts feat(browse): sidebar prompt-context injection + CDP telemetry 2026-04-25 13:12:17 -07:00
cdp-commands.ts feat(browse): $B cdp escape hatch — deny-default allowlist + two-tier mutex 2026-04-25 13:06:55 -07:00
cdp-inspector.ts refactor: AI slop reduction with cross-model quality review (v0.16.3.0) (#941) 2026-04-10 17:13:15 -10:00
cli.ts feat(v1.4.0.0): /make-pdf — markdown to publication-quality PDFs (#1086) 2026-04-20 13:20:30 +08:00
commands.ts feat(browser-skills): \$B skill list/show/run/test/rm subcommands 2026-04-26 05:03:17 -07:00
config.ts fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988) 2026-04-13 07:49:37 -10:00
content-security.ts security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137) 2026-04-21 21:58:27 -07:00
cookie-import-browser.ts security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137) 2026-04-21 21:58:27 -07:00
cookie-picker-routes.ts community wave: 6 PRs + hardening (v0.18.1.0) (#1028) 2026-04-17 00:45:13 -07:00
cookie-picker-ui.ts fix: cookie picker auth token leak (v0.15.17.0) (#904) 2026-04-08 10:10:13 -07:00
domain-skill-commands.ts feat(browse): telemetry signals + project-slug helper 2026-04-25 13:12:16 -07:00
domain-skills.ts fix(browse): lazy GSTACK_HOME resolution in domain-skills 2026-04-25 13:30:48 -07:00
error-handling.ts refactor: AI slop reduction with cross-model quality review (v0.16.3.0) (#941) 2026-04-10 17:13:15 -10:00
find-browse.ts feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226) 2026-03-19 18:20:50 -07:00
media-extract.ts feat: browser data platform for AI agents (v0.16.0.0) (#907) 2026-04-08 00:41:55 -07:00
meta-commands.ts feat(browser-skills): \$B skill list/show/run/test/rm subcommands 2026-04-26 05:03:17 -07:00
network-capture.ts feat: browser data platform for AI agents (v0.16.0.0) (#907) 2026-04-08 00:41:55 -07:00
path-security.ts fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988) 2026-04-13 07:49:37 -10:00
platform.ts fix: Windows support — Node.js server fallback for Playwright (#255) 2026-03-20 12:22:11 -07:00
project-slug.ts feat(browse): telemetry signals + project-slug helper 2026-04-25 13:12:16 -07:00
read-commands.ts fix: security wave 3 — 12 fixes, 7 contributors (v0.16.4.0) (#988) 2026-04-13 07:49:37 -10:00
security-bunnative.ts feat(security): ML prompt injection defense for sidebar (v1.4.0.0) (#1089) 2026-04-20 22:18:37 +08:00
security-classifier.ts v1.6.4.0: cut Haiku classifier FP from 44% to 23%, gate now enforced (#1135) 2026-04-23 10:23:40 -07:00
security.ts v1.6.4.0: cut Haiku classifier FP from 44% to 23%, gate now enforced (#1135) 2026-04-23 10:23:40 -07:00
server.ts feat(browser-skills): \$B skill list/show/run/test/rm subcommands 2026-04-26 05:03:17 -07:00
sidebar-agent.ts feat(security): ML prompt injection defense for sidebar (v1.4.0.0) (#1089) 2026-04-20 22:18:37 +08:00
sidebar-utils.ts fix: sidebar agent uses real tab URL instead of stale Playwright URL (v0.12.6.0) (#544) 2026-03-26 22:07:03 -06:00
skill-token.ts feat(skill-token): mint scoped tokens per skill spawn 2026-04-26 04:49:34 -07:00
snapshot.ts security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137) 2026-04-21 21:58:27 -07:00
sse-session-cookie.ts security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137) 2026-04-21 21:58:27 -07:00
tab-session.ts feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062) 2026-04-18 23:25:33 +08:00
telemetry.ts feat(browse): telemetry signals + project-slug helper 2026-04-25 13:12:16 -07:00
token-registry.ts security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137) 2026-04-21 21:58:27 -07:00
tunnel-denial-log.ts security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137) 2026-04-21 21:58:27 -07:00
url-validation.ts feat(browse): Puppeteer parity — load-html, screenshot --selector, viewport --scale, file:// (v1.1.0.0) (#1062) 2026-04-18 23:25:33 +08:00
welcome.html feat: GStack Browser — double-click AI browser with anti-bot stealth (#695) 2026-04-04 10:17:05 -07:00
write-commands.ts security: tunnel dual-listener + SSRF + envelope + path wave (v1.6.0.0) (#1137) 2026-04-21 21:58:27 -07:00