AstrBot/astrbot/core at 4b1bda5f2ea25e2c72980d16a01c0c0cf726a799 - AstrBot - Gitea: Git with a cup of tea

laoxong/AstrBot

Files

T

History

camera-2018 87cbcc9875 fix(neo): sanitize skill name in frontmatter to prevent injection

Sanitize the `name` field in `SKILL.md` frontmatter to remove newlines and control characters. This prevents potential frontmatter injection vulnerabilities where a malicious skill name could introduce arbitrary YAML fields or corrupt the file structure.

- Modified `_ensure_skill_frontmatter` in `astrbot/core/skills/neo_skill_sync.py` to normalize whitespace in `name`.
- Ensured `name` is cast to string before splitting to handle non-string inputs safely.

2026-02-26 08:03:44 +00:00

..

fix: ensure tool call/response pairing in context truncation (#5417 )

2026-02-25 15:21:30 +08:00

fix: 修复备份时缺失的人格文件夹映射 (#5042 )

2026-02-12 16:40:45 +08:00

style: format code

2026-02-26 15:27:37 +08:00

Merge remote-tracking branch 'origin/master' into feat/neo-skill-self-iteration

2026-02-26 10:04:48 +08:00

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

fix: 修复Pyright静态类型检查报错 (#5437 )

2026-02-25 19:49:16 +08:00

perf: batch metadata query in KB retrieval to fix N+1 problem (#5463 )

2026-02-26 09:59:37 +08:00

fix(core): 优化 File 组件处理逻辑并增强 OneBot 驱动层路径兼容性 (#5391 )

2026-02-24 21:03:06 +08:00

fix: resolve pipeline and star import cycles (#5353 )

2026-02-24 13:53:29 +08:00

fix(telegram): avoid duplicate message_thread_id in streaming (#5430 )

2026-02-25 19:53:17 +08:00

fix: cannot automatically get embedding dim when create embedding provider (#5442 )

2026-02-25 19:48:03 +08:00

fix(neo): sanitize skill name in frontmatter to prevent injection

2026-02-26 08:03:44 +00:00

fix: 修复Pyright静态类型检查报错 (#5437 )

2026-02-25 19:49:16 +08:00

perf(cron): enhance future task session isolation

2026-02-25 16:32:09 +08:00

fix: 修复Pyright静态类型检查报错 (#5437 )

2026-02-25 19:49:16 +08:00

__init__.py

feat: trace and log file config (#4747 )

2026-01-31 00:05:54 +08:00

astr_agent_context.py

fix: type checking of AstrAgentContext

2025-12-16 10:09:57 +08:00

astr_agent_hooks.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

astr_agent_run_util.py

feat: add support for showing tool call results in agent execution (#5388 )

2026-02-24 00:46:45 +08:00

astr_agent_tool_exec.py

feat: enable computer-use tools for subagent handoff (#5399 )

2026-02-24 16:32:12 +08:00

astr_main_agent_resources.py

Merge branch 'master' into feat/neo-skill-self-iteration

2026-02-17 16:23:14 +08:00

astr_main_agent.py

fix(agent): enforce relative paths for neo sandbox tools

2026-02-26 10:33:22 +08:00

astrbot_config_mgr.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

conversation_mgr.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

core_lifecycle.py

feat: temporary file handling and introduce TempDirCleaner (#5026 )

2026-02-12 01:04:48 +08:00

event_bus.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

exceptions.py

refactor: decople the agent impl part and introduce some helper context method to call llm

2025-11-14 19:17:24 +08:00

file_token_service.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

initial_loader.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

log.py

fix: update retention logic in LogManager to handle backup count correctly

2026-02-15 23:42:12 +08:00

persona_mgr.py

fix(persona): enhance persona resolution logic for conversations and sessions

2026-02-25 15:14:46 +08:00

platform_message_history_mgr.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

subagent_orchestrator.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

umop_config_router.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00

updator.py

fix: prevent updates for AstrBot launched via launcher

2026-02-17 09:33:45 +08:00

zip_updator.py

chore: auto ann fix by ruff (#4903 )

2026-02-09 00:22:24 +08:00