fix(security): Harden Lisp reader against macro injection in reason loop
@@ -69,8 +69,9 @@ The `think` function represents the "intuitive" side of the agent. It identifies
|
||||
;; Ensure we are working with a string for read-from-string
|
||||
(cleaned (if (stringp thought) (string-trim '(#\Space #\Newline #\Tab) thought) thought)))
|
||||
(if (stringp cleaned)
|
||||
(handler-case (read-from-string cleaned)
|
||||
(error (c) (list :type :EVENT :payload (list :sensor :syntax-error :code cleaned :error (format nil "~a" c)))))
|
||||
(let ((*read-eval* nil))
|
||||
(handler-case (read-from-string cleaned)
|
||||
(error (c) (list :type :EVENT :payload (list :sensor :syntax-error :code cleaned :error (format nil "~a" c))))))
|
||||
cleaned))
|
||||
(list :type :LOG :payload (list :text (format nil "Skill '~a' triggered (Deterministic only)" (skill-name active-skill))))))
|
||||
nil)))
|
||||
|
||||
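Review bot: The new `(let ((*read-eval* nil)) ...)` around `read-from-string` blocks `#.` read-time evaluation, but the read still runs under whatever `*readtable*` and `*package*` are current at the call site. Any non-standard reader macros installed elsewhere in the image stay active, and every unknown symbol in `cleaned` is interned into the live package. I would wrap the read as `(with-standard-io-syntax (let ((*read-eval* nil) (*package* (find-package :AGENT-READ-PACKAGE))) ...))`, where `:AGENT-READ-PACKAGE` is a placeholder for a dedicated package, not a name from this repo. The `*read-eval*` binding has to sit inside because `with-standard-io-syntax` rebinds it to `t`. The same applies to the identical hunk at `@@ -44,8 +44,9 @@`; the enclosing function starts outside both hunks, so if the returned form is evaluated or dispatched later, that path needs its own allow-list.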
@@ -44,8 +44,9 @@
|
||||
;; Ensure we are working with a string for read-from-string
|
||||
(cleaned (if (stringp thought) (string-trim '(#\Space #\Newline #\Tab) thought) thought)))
|
||||
(if (stringp cleaned)
|
||||
(handler-case (read-from-string cleaned)
|
||||
(error (c) (list :type :EVENT :payload (list :sensor :syntax-error :code cleaned :error (format nil "~a" c)))))
|
||||
(let ((*read-eval* nil))
|
||||
(handler-case (read-from-string cleaned)
|
||||
(error (c) (list :type :EVENT :payload (list :sensor :syntax-error :code cleaned :error (format nil "~a" c))))))
|
||||
cleaned))
|
||||
(list :type :LOG :payload (list :text (format nil "Skill '~a' triggered (Deterministic only)" (skill-name active-skill))))))
|
||||
nil)))
|
||||
|
||||