gstack/extension
Garry Tan 929190c588
fix: innerHTML XSS in extension content script and sidepanel (MEDIUM-01)
- content.js: replace innerHTML with createElement/textContent for ref panel
- sidepanel.js: escape entry.command with escapeHtml() in activity feed
- Both found by security audit + Codex adversarial red team
2026-03-27 22:13:59 -07:00
icons feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517) 2026-03-26 11:15:24 -06:00
background.js fix: remove auth token from /health, secure extension bootstrap (CRITICAL-02 + HIGH-03) 2026-03-27 22:13:45 -07:00
content.css feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517) 2026-03-26 11:15:24 -06:00
content.js fix: innerHTML XSS in extension content script and sidepanel (MEDIUM-01) 2026-03-27 22:13:59 -07:00
manifest.json feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517) 2026-03-26 11:15:24 -06:00
popup.html feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517) 2026-03-26 11:15:24 -06:00
popup.js feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517) 2026-03-26 11:15:24 -06:00
sidepanel.css feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517) 2026-03-26 11:15:24 -06:00
sidepanel.html feat: headed mode + sidebar agent + Chrome extension (v0.12.0) (#517) 2026-03-26 11:15:24 -06:00
sidepanel.js fix: remove auth token from /health, secure extension bootstrap (CRITICAL-02 + HIGH-03) 2026-03-27 22:13:45 -07:00