Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SECURITY: change execute_entrypoint conditions #145

Merged
merged 1 commit into from
Jun 18, 2023

Conversation

NoCLin
Copy link
Contributor

@NoCLin NoCLin commented Jun 18, 2023

The current version would execute the commands even if user typed no.

This pull request enhances code execution security by requiring users to explicitly type "yes" in order to execute commands from the AI response.

@NoCLin
Copy link
Contributor Author

NoCLin commented Jun 18, 2023

@AntonOsika I highly recommend that you consider accepting this PR.

I accidentally executed the code even if I answered "no", although that particular code segment seemed harmless.

@FOLLGAD FOLLGAD merged commit 6ef9110 into AntonOsika:main Jun 18, 2023
@FOLLGAD
Copy link
Contributor

FOLLGAD commented Jun 18, 2023

Great find, thank you!

@NoCLin
Copy link
Contributor Author

NoCLin commented Jun 18, 2023

Your response is incredibly prompt, thank you! @FOLLGAD

@NoCLin NoCLin deleted the fix-execute branch June 18, 2023 12:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants