RomanNum3ral
/
gstack
mirror of https://github.com/garrytan/gstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
gstack/browse
History
Garry Tan 50d7b5fa1c
fix: content trust boundary markers in browse output 
Wrap page-content commands (text, html, links, forms, accessibility,
console, dialog, snapshot) with --- BEGIN/END UNTRUSTED EXTERNAL CONTENT ---
markers. Covers direct commands (server.ts), chain sub-commands, and
snapshot output (meta-commands.ts).

Adds PAGE_CONTENT_COMMANDS set and wrapUntrustedContent() helper in
commands.ts (single source of truth, DRY). Expands the SKILL.md trust
warning with explicit processing rules for agents.

Clears Snyk W011 (third-party content exposure).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 		2026-03-28 23:37:58 -07:00
..
bin feat: multi-agent support — gstack works on Codex, Gemini CLI, and Cursor (v0.9.0) (#226) 2026-03-19 18:20:50 -07:00
scripts fix: Windows support — Node.js server fallback for Playwright (#255) 2026-03-20 12:22:11 -07:00
src fix: content trust boundary markers in browse output 2026-03-28 23:37:58 -07:00
test fix: content trust boundary markers in browse output 2026-03-28 23:37:58 -07:00
SKILL.md fix: content trust boundary markers in browse output 2026-03-28 23:37:58 -07:00
SKILL.md.tmpl feat: worktree isolation for E2E tests + infrastructure elegance (v0.11.12.0) (#425) 2026-03-23 23:05:22 -07:00