safepropel 1.4.3 ā 1.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/safepropel.js +5 -4
package/package.json
CHANGED
package/safepropel.js
CHANGED
|
@@ -234,8 +234,9 @@ function main() {
|
|
|
234
234
|
// Get the constructed prompt for Cascade execution
|
|
235
235
|
const constructedPrompt = executor.getLastPrompt();
|
|
236
236
|
|
|
237
|
-
// Security validation:
|
|
238
|
-
|
|
237
|
+
// Security validation: --cascade-internal flag is sufficient
|
|
238
|
+
// Only Cascade IDE should use this internal flag
|
|
239
|
+
const isAuthorizedCascade = cascadeInternal;
|
|
239
240
|
|
|
240
241
|
// JSON output mode - output structured data for Cascade to parse
|
|
241
242
|
if (jsonOutput) {
|
|
@@ -263,7 +264,7 @@ function main() {
|
|
|
263
264
|
// Unauthorized access attempt - do not expose workflow
|
|
264
265
|
jsonResult._security = {
|
|
265
266
|
prompt_access: 'denied',
|
|
266
|
-
reason: 'Requires --cascade-internal flag
|
|
267
|
+
reason: 'Requires --cascade-internal flag (internal use only)',
|
|
267
268
|
message: 'Workflow content is confidential and protected'
|
|
268
269
|
};
|
|
269
270
|
}
|
|
@@ -300,7 +301,7 @@ function main() {
|
|
|
300
301
|
console.log('='.repeat(80));
|
|
301
302
|
} else if (constructedPrompt) {
|
|
302
303
|
console.log(`\nš Workflow content is confidential and protected`);
|
|
303
|
-
console.log(`
|
|
304
|
+
console.log(` Use --cascade-internal flag for Cascade IDE execution`);
|
|
304
305
|
}
|
|
305
306
|
|
|
306
307
|
// Clean up any workflow-output.json files (security measure)
|