PyPI - omni-cortex - Versions diffs - 1.2.0__py3-none-any.whl → 1.4.0__py3-none-any.whl - Mend

omni-cortex 1.2.0py3-none-any.whl → 1.4.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

{omni_cortex-1.2.0.data → omni_cortex-1.4.0.data}/data/share/omni-cortex/dashboard/backend/main.py RENAMED Viewed

@@ -3,6 +3,7 @@
 import asyncio
 import json
+import os
 import traceback
 from contextlib import asynccontextmanager
 from datetime import datetime
@@ -10,19 +11,33 @@ from pathlib import Path
 from typing import Optional
 import uvicorn
-from fastapi import FastAPI, HTTPException, Query, WebSocket, WebSocketDisconnect
+from fastapi import FastAPI, HTTPException, Query, WebSocket, WebSocketDisconnect, Request, Depends
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.staticfiles import StaticFiles
-from fastapi.responses import FileResponse
+from fastapi.responses import FileResponse, Response
+from starlette.middleware.base import BaseHTTPMiddleware
 from watchdog.events import FileSystemEventHandler
 from watchdog.observers import Observer
+# Rate limiting imports (optional - graceful degradation if not installed)
+try:
+    from slowapi import Limiter, _rate_limit_exceeded_handler
+    from slowapi.util import get_remote_address
+    from slowapi.errors import RateLimitExceeded
+    RATE_LIMITING_AVAILABLE = True
+except ImportError:
+    RATE_LIMITING_AVAILABLE = False
+    Limiter = None
 from database import (
     bulk_update_memory_status,
     delete_memory,
     get_activities,
+    get_activity_detail,
     get_activity_heatmap,
     get_all_tags,
+    get_command_usage,
+    get_mcp_usage,
     get_memories,
     get_memories_needing_review,
     get_memory_by_id,
@@ -32,6 +47,7 @@ from database import (
     get_relationship_graph,
     get_relationships,
     get_sessions,
+    get_skill_usage,
     get_timeline,
     get_tool_usage,
     get_type_distribution,
@@ -66,6 +82,48 @@ from project_scanner import scan_projects
 from websocket_manager import manager
 import chat_service
 from image_service import image_service, ImagePreset, SingleImageRequest
+from security import PathValidator, get_cors_config, IS_PRODUCTION
+class SecurityHeadersMiddleware(BaseHTTPMiddleware):
+    """Add security headers to all responses."""
+    async def dispatch(self, request: Request, call_next) -> Response:
+        response = await call_next(request)
+        # Prevent MIME type sniffing
+        response.headers["X-Content-Type-Options"] = "nosniff"
+        # Prevent clickjacking
+        response.headers["X-Frame-Options"] = "DENY"
+        # XSS protection (legacy browsers)
+        response.headers["X-XSS-Protection"] = "1; mode=block"
+        # Content Security Policy
+        response.headers["Content-Security-Policy"] = (
+            "default-src 'self'; "
+            "script-src 'self' 'unsafe-inline' 'unsafe-eval'; "  # Vue needs these
+            "style-src 'self' 'unsafe-inline'; "  # Tailwind needs inline
+            "img-src 'self' data: blob: https:; "  # Allow AI-generated images
+            "connect-src 'self' ws: wss: https://generativelanguage.googleapis.com; "
+            "font-src 'self'; "
+            "frame-ancestors 'none';"
+        )
+        # HSTS (only in production with HTTPS)
+        if IS_PRODUCTION and os.getenv("SSL_CERTFILE"):
+            response.headers["Strict-Transport-Security"] = "max-age=31536000; includeSubDomains"
+        return response
+def validate_project_path(project: str = Query(..., description="Path to the database file")) -> Path:
+    """Validate project database path - dependency for endpoints."""
+    try:
+        return PathValidator.validate_project_path(project)
+    except ValueError as e:
+        raise HTTPException(status_code=400, detail=str(e))
 class DatabaseChangeHandler(FileSystemEventHandler):
@@ -133,13 +191,25 @@ app = FastAPI(
     lifespan=lifespan,
 )
-# CORS for frontend dev server
+# Add security headers middleware (MUST come before CORS)
+app.add_middleware(SecurityHeadersMiddleware)
+# Rate limiting (if available)
+if RATE_LIMITING_AVAILABLE:
+    limiter = Limiter(key_func=get_remote_address)
+    app.state.limiter = limiter
+    app.add_exception_handler(RateLimitExceeded, _rate_limit_exceeded_handler)
+else:
+    limiter = None
+# CORS configuration (environment-aware)
+cors_config = get_cors_config()
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["http://localhost:5173", "http://127.0.0.1:5173"],
+    allow_origins=cors_config["allow_origins"],
     allow_credentials=True,
-    allow_methods=["*"],
-    allow_headers=["*"],
+    allow_methods=cors_config["allow_methods"],
+    allow_headers=cors_config["allow_headers"],
 )
 # Static files for production build
@@ -507,6 +577,63 @@ async def get_memory_growth_endpoint(
     return get_memory_growth(project, days)
+# --- Command Analytics Endpoints ---
+@app.get("/api/stats/command-usage")
+async def get_command_usage_endpoint(
+    project: str = Query(..., description="Path to the database file"),
+    scope: Optional[str] = Query(None, description="Filter by scope: 'universal' or 'project'"),
+    days: int = Query(30, ge=1, le=365),
+):
+    """Get slash command usage statistics."""
+    if not Path(project).exists():
+        raise HTTPException(status_code=404, detail="Database not found")
+    return get_command_usage(project, scope, days)
+@app.get("/api/stats/skill-usage")
+async def get_skill_usage_endpoint(
+    project: str = Query(..., description="Path to the database file"),
+    scope: Optional[str] = Query(None, description="Filter by scope: 'universal' or 'project'"),
+    days: int = Query(30, ge=1, le=365),
+):
+    """Get skill usage statistics."""
+    if not Path(project).exists():
+        raise HTTPException(status_code=404, detail="Database not found")
+    return get_skill_usage(project, scope, days)
+@app.get("/api/stats/mcp-usage")
+async def get_mcp_usage_endpoint(
+    project: str = Query(..., description="Path to the database file"),
+    days: int = Query(30, ge=1, le=365),
+):
+    """Get MCP server usage statistics."""
+    if not Path(project).exists():
+        raise HTTPException(status_code=404, detail="Database not found")
+    return get_mcp_usage(project, days)
+@app.get("/api/activities/{activity_id}")
+async def get_activity_detail_endpoint(
+    activity_id: str,
+    project: str = Query(..., description="Path to the database file"),
+):
+    """Get full activity details including complete input/output."""
+    if not Path(project).exists():
+        raise HTTPException(status_code=404, detail="Database not found")
+    activity = get_activity_detail(project, activity_id)
+    if not activity:
+        raise HTTPException(status_code=404, detail="Activity not found")
+    return activity
 # --- Session Context Endpoints ---
@@ -910,15 +1037,15 @@ async def serve_root():
 @app.get("/{path:path}")
 async def serve_spa(path: str):
-    """Catch-all route to serve SPA for client-side routing."""
+    """Catch-all route to serve SPA for client-side routing with path traversal protection."""
     # Skip API routes and known paths
     if path.startswith(("api/", "ws", "health", "docs", "openapi", "redoc")):
         raise HTTPException(status_code=404, detail="Not found")
-    # Check if it's a static file
-    file_path = DIST_DIR / path
-    if file_path.exists() and file_path.is_file():
-        return FileResponse(str(file_path))
+    # Check if it's a static file (with path traversal protection)
+    safe_path = PathValidator.is_safe_static_path(DIST_DIR, path)
+    if safe_path:
+        return FileResponse(str(safe_path))
     # Otherwise serve index.html for SPA routing
     index_file = DIST_DIR / "index.html"

omni_cortex-1.4.0.data/data/share/omni-cortex/dashboard/backend/prompt_security.py ADDED Viewed

@@ -0,0 +1,111 @@
+"""Prompt injection protection for Omni-Cortex."""
+import re
+import logging
+from html import escape as html_escape
+from typing import Optional
+logger = logging.getLogger(__name__)
+def xml_escape(text: str) -> str:
+    """Escape text for safe inclusion in XML-structured prompts.
+    Converts special characters to prevent prompt injection via
+    XML/HTML-like delimiters.
+    """
+    return html_escape(text, quote=True)
+def build_safe_prompt(
+    system_instruction: str,
+    user_data: dict[str, str],
+    user_question: str
+) -> str:
+    """Build a prompt with clear instruction/data separation.
+    Uses XML tags to separate trusted instructions from untrusted data,
+    making it harder for injected content to be interpreted as instructions.
+    Args:
+        system_instruction: Trusted system prompt (not escaped)
+        user_data: Dict of data sections to include (escaped)
+        user_question: User's question (escaped)
+    Returns:
+        Safely structured prompt string
+    """
+    parts = [system_instruction, ""]
+    # Add data sections with XML escaping
+    for section_name, content in user_data.items():
+        if content:
+            parts.append(f"<{section_name}>")
+            parts.append(xml_escape(content))
+            parts.append(f"</{section_name}>")
+            parts.append("")
+    # Add user question
+    parts.append("<user_question>")
+    parts.append(xml_escape(user_question))
+    parts.append("</user_question>")
+    return "\n".join(parts)
+# Known prompt injection patterns
+INJECTION_PATTERNS = [
+    (r'(?i)(ignore|disregard|forget)\s+(all\s+)?(previous|prior|above)\s+instructions?',
+     'instruction override attempt'),
+    (r'(?i)(new\s+)?system\s+(prompt|instruction|message)',
+     'system prompt manipulation'),
+    (r'(?i)you\s+(must|should|will|are\s+required\s+to)\s+now',
+     'imperative command injection'),
+    (r'(?i)(hidden|secret|special)\s+instruction',
+     'hidden instruction claim'),
+    (r'(?i)\[/?system\]|\[/?inst\]|<\/?system>|<\/?instruction>',
+     'fake delimiter injection'),
+    (r'(?i)bypass|jailbreak|DAN|GODMODE',
+     'known jailbreak signature'),
+]
+def detect_injection_patterns(content: str) -> list[str]:
+    """Detect potential prompt injection patterns in content.
+    Returns list of detected patterns (empty if clean).
+    """
+    detected = []
+    for pattern, description in INJECTION_PATTERNS:
+        if re.search(pattern, content):
+            detected.append(description)
+    return detected
+def sanitize_memory_content(content: str, warn_on_detection: bool = True) -> tuple[str, list[str]]:
+    """Sanitize memory content and detect injection attempts.
+    Args:
+        content: Raw memory content
+        warn_on_detection: If True, log warnings for detected patterns
+    Returns:
+        Tuple of (sanitized_content, list_of_detected_patterns)
+    """
+    detected = detect_injection_patterns(content)
+    if detected and warn_on_detection:
+        logger.warning(f"Potential injection patterns detected: {detected}")
+    # Content is still returned - we sanitize via XML escaping when used in prompts
+    return content, detected
+def sanitize_context_data(data: str) -> str:
+    """Escape context data for safe inclusion in prompts.
+    This is the primary defense - all user-supplied data should be
+    escaped before inclusion in prompts to prevent injection.
+    """
+    return xml_escape(data)

omni_cortex-1.4.0.data/data/share/omni-cortex/dashboard/backend/security.py ADDED Viewed

@@ -0,0 +1,104 @@
+"""Security utilities for Omni-Cortex Dashboard."""
+import os
+import re
+from pathlib import Path
+from typing import Optional
+class PathValidator:
+    """Validate and sanitize file paths to prevent traversal attacks."""
+    # Pattern for valid omni-cortex database paths
+    VALID_DB_PATTERN = re.compile(r'^.*[/\\]\.omni-cortex[/\\]cortex\.db$')
+    GLOBAL_DB_PATTERN = re.compile(r'^.*[/\\]\.omni-cortex[/\\]global\.db$')
+    @staticmethod
+    def is_valid_project_db(path: str) -> bool:
+        """Check if path is a valid omni-cortex project database."""
+        try:
+            resolved = Path(path).resolve()
+            path_str = str(resolved)
+            # Must match expected patterns
+            if PathValidator.VALID_DB_PATTERN.match(path_str):
+                return resolved.exists() and resolved.is_file()
+            if PathValidator.GLOBAL_DB_PATTERN.match(path_str):
+                return resolved.exists() and resolved.is_file()
+            return False
+        except (ValueError, OSError):
+            return False
+    @staticmethod
+    def validate_project_path(path: str) -> Path:
+        """Validate and return resolved path, or raise ValueError."""
+        if not PathValidator.is_valid_project_db(path):
+            raise ValueError(f"Invalid project database path: {path}")
+        return Path(path).resolve()
+    @staticmethod
+    def is_safe_static_path(base_dir: Path, requested_path: str) -> Optional[Path]:
+        """Validate static file path is within base directory.
+        Returns resolved path if safe, None if traversal detected.
+        """
+        try:
+            # Resolve both paths to absolute
+            base_resolved = base_dir.resolve()
+            requested = (base_dir / requested_path).resolve()
+            # Check if requested path is under base directory
+            if base_resolved in requested.parents or requested == base_resolved:
+                if requested.exists() and requested.is_file():
+                    return requested
+            return None
+        except (ValueError, OSError):
+            return None
+def sanitize_log_input(value: str, max_length: int = 200) -> str:
+    """Sanitize user input for safe logging.
+    Prevents log injection by:
+    - Escaping newlines
+    - Limiting length
+    - Removing control characters
+    """
+    if not isinstance(value, str):
+        value = str(value)
+    # Remove control characters except spaces
+    sanitized = ''.join(c if c.isprintable() or c == ' ' else '?' for c in value)
+    # Escape potential log injection patterns
+    sanitized = sanitized.replace('\n', '\\n').replace('\r', '\\r')
+    # Truncate
+    if len(sanitized) > max_length:
+        sanitized = sanitized[:max_length] + '...'
+    return sanitized
+# Environment-based configuration
+IS_PRODUCTION = os.getenv("ENVIRONMENT", "development") == "production"
+def get_cors_config():
+    """Get CORS configuration based on environment."""
+    if IS_PRODUCTION:
+        origins = os.getenv("CORS_ORIGINS", "").split(",")
+        origins = [o.strip() for o in origins if o.strip()]
+        return {
+            "allow_origins": origins,
+            "allow_methods": ["GET", "POST", "PUT", "DELETE"],
+            "allow_headers": ["Content-Type", "Authorization", "X-API-Key"],
+        }
+    else:
+        return {
+            "allow_origins": ["http://localhost:5173", "http://127.0.0.1:5173"],
+            "allow_methods": ["*"],
+            "allow_headers": ["*"],
+        }

omni-cortex 1.2.0__py3-none-any.whl → 1.4.0__py3-none-any.whl

omni-cortex 1.2.0py3-none-any.whl → 1.4.0py3-none-any.whl