npm - oathbound - Versions diffs - 0.13.0 → 0.13.1 - Mend

oathbound 0.13.0 → 0.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/cli.ts +30 -9
package/package.json +2 -2

package/cli.ts CHANGED Viewed

@@ -29,7 +29,7 @@ export { stripJsoncComments, writeOathboundConfig, mergeClaudeSettings, type Mer
 export { isNewer } from './update';
 export { installDevDependency, type InstallResult, setup, addPrepareScript, type PrepareResult, addTrustedDependency, type TrustedDepResult };
-const VERSION = '0.13.0';
+const VERSION = '0.13.1';
 // --- Supabase ---
 const SUPABASE_URL = 'https://mjnfqagwuewhgwbtrdgs.supabase.co';
@@ -426,23 +426,44 @@ async function agentPull(agentArg: string): Promise<void> {
     fail('Verification failed', `Downloaded file does not match expected hash for ${fullName}`);
   }
-  // Warn about hooks/mcpServers if present
+  // Validate name has no path traversal characters
+  if (name.includes('/') || name.includes('\\') || name.includes('..')) {
+    fail('Invalid agent name', `Name "${name}" contains path traversal characters`);
+  }
+  // Ensure .claude/agents/ directory exists
+  const agentsDir = join(process.cwd(), '.claude', 'agents');
+  mkdirSync(agentsDir, { recursive: true });
+  // Validate resolved path stays within agentsDir
+  const targetPath = join(agentsDir, `${name}.md`);
+  if (!targetPath.startsWith(agentsDir)) {
+    fail('Invalid agent name', `Resolved path escapes agents directory`);
+  }
+  // Warn and confirm if hooks/mcpServers are present
   const config = agent.config;
+  let hasDangerous = false;
   if (config?.hooks) {
-    console.log(`\n${YELLOW}${BOLD} ⚠ This agent defines hooks:${RESET}`);
+    console.log(`\n${YELLOW}${BOLD} ⚠ This agent defines hooks (arbitrary command execution):${RESET}`);
     console.log(`${DIM}${JSON.stringify(config.hooks, null, 2)}${RESET}\n`);
+    hasDangerous = true;
   }
   if (config?.mcpServers) {
-    console.log(`\n${YELLOW}${BOLD} ⚠ This agent defines MCP servers:${RESET}`);
+    console.log(`\n${YELLOW}${BOLD} ⚠ This agent defines MCP servers (external connections):${RESET}`);
     console.log(`${DIM}${JSON.stringify(config.mcpServers, null, 2)}${RESET}\n`);
+    hasDangerous = true;
+  }
+  if (hasDangerous) {
+    const answer = await confirm({
+      message: 'This agent contains security-sensitive configuration. Install anyway?',
+    });
+    if (isCancel(answer) || !answer) {
+      fail('Aborted', 'Agent not installed');
+    }
   }
-  // Ensure .claude/agents/ directory exists
-  const agentsDir = join(process.cwd(), '.claude', 'agents');
-  mkdirSync(agentsDir, { recursive: true });
   // Write agent file
-  const targetPath = join(agentsDir, `${name}.md`);
   writeFileSync(targetPath, content);
   console.log(`${BOLD}${GREEN} ✓ Agent verified${RESET}`);

package/package.json CHANGED Viewed

@@ -1,8 +1,8 @@
 {
   "name": "oathbound",
-  "version": "0.13.0",
+  "version": "0.13.1",
   "description": "Install verified Claude Code skills and agents from the Oath Bound registry",
-  "license": "BUSL-1.1",
+  "license": "MIT",
   "author": "Josh Anderson",
   "homepage": "https://oathbound.ai",
   "repository": {