🐛 sec: Sanitize error leakage and input reflection in kc-agent #13425

Merged: kubestellar-hive[bot] merged 1 commit into main from fix/13419 on May 13, 2026

@kubestellar-hive
Contributor

Fixes #13419

Sanitizes ~24 instances of error leakage and input reflection across 7 kc-agent files:

Error leakage fixed:

  • server_exec.go: K8s client/config errors
  • prometheus.go: K8s config + HTTP transport errors
  • server_ai_mixed.go: AI provider errors
  • provider_antigravity.go: CLI path/exec errors
  • update_checker.go: git/npm/build errors

Input reflection fixed:

  • server_ai_chat.go: agent name reflection
  • server_ai_mixed.go: thinking/execution agent names
  • server_exec.go: cluster name reflection
  • prometheus.go: validation error details

All instances now return generic error messages to clients while preserving detailed slog logging server-side.

Copilot AI review requested due to automatic review settings May 13, 2026 05:02
@kubestellar-prow kubestellar-prow Bot added the dco-signoff: yes Indicates the PR's author has signed the DCO. label May 13, 2026
Copilot AI left a comment

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@kubestellar-prow
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign mikespreitzer for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@netlify

netlify Bot commented May 13, 2026

Deploy Preview for kubestellarconsole canceled.

Name Link
🔨 Latest commit 88dccd5
🔍 Latest deploy log https://app.netlify.com/projects/kubestellarconsole/deploys/6a040837b3f259000940513c
@github-actions
Contributor

👋 Hey @kubestellar-hive[bot] — thanks for opening this PR!

🤖 This project is developed exclusively using AI coding assistants.

Please do not attempt to code anything for this project manually.
All contributions should be authored using an AI coding tool such as:

This ensures consistency in code style, architecture patterns, test coverage,
and commit quality across the entire codebase.


This is an automated message.

@github-actions github-actions Bot added copilot tier/2-standard ai-generated Pull request generated by AI labels May 13, 2026
@kubestellar-prow kubestellar-prow Bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label May 13, 2026
Replace raw err.Error() in client-facing responses with generic messages.
Remove user-supplied input reflection from error responses.
Preserve detailed server-side slog logging for debugging.

Fixes server_exec.go, prometheus.go, server_ai_mixed.go,
server_ai_chat.go, provider_antigravity.go, and update_checker.go.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Signed-off-by: Copilot <223556219+Copilot@users.noreply.github.com>
@kubestellar-hive kubestellar-hive Bot merged commit 207265f into main May 13, 2026
30 of 31 checks passed
@kubestellar-hive kubestellar-hive Bot deleted the fix/13419 branch May 13, 2026 05:34
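
The pattern described in the PR description and commit message above (generic client-facing message, detailed slog entry server-side), as an added Go example that is not code from this PR or from kc-agent. `lookupCluster`, `safeError`, `handler`, `probe`, the `/exec` route, the cluster name and the kubeconfig path are all constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"log/slog"
	"net/http"
	"net/http/httptest"
)

// lookupCluster is a hypothetical stand-in for a Kubernetes client call whose
// error text carries internal detail (the kubeconfig path is constructed).
func lookupCluster(name string) error {
	return fmt.Errorf("load /home/agent/.kube/config: context %q not found", name)
}

// safeError logs the full cause server-side and sends the client only a fixed
// message: no err.Error() and no echo of the user-supplied value.
func safeError(w http.ResponseWriter, log *slog.Logger, public string, err error, attrs ...any) {
	log.Error(public, append(attrs, "error", err)...)
	http.Error(w, public, http.StatusInternalServerError)
}

// handler serves the "before" pattern when safe is false, the "after" otherwise.
func handler(log *slog.Logger, safe bool) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		name := r.URL.Query().Get("cluster")
		err := lookupCluster(name)
		if !safe { // before: raw error and reflected input reach the client
			http.Error(w, fmt.Sprintf("cluster %s: %v", name, err), http.StatusInternalServerError)
			return
		}
		safeError(w, log, "failed to access cluster", err, "cluster", name)
	}
}

// probe sends one constructed request and returns the response body and log text.
func probe(safe bool) (body, logged string) {
	var buf bytes.Buffer
	rec := httptest.NewRecorder()
	req := httptest.NewRequest("GET", "/exec?cluster=prod-east", nil)
	handler(slog.New(slog.NewTextHandler(&buf, nil)), safe).ServeHTTP(rec, req)
	return rec.Body.String(), buf.String()
}

func main() {
	before, _ := probe(false)
	after, logged := probe(true)
	fmt.Printf("before: %safter:  %slog:    %s", before, after, logged)
}
```

A regression test for this kind of fix can assert exactly what `probe` returns: the response body must not contain the request's input or any fragment of the underlying error, while the log must contain both.
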
@github-actions
Contributor

Thank you for your contribution! Your PR has been merged.

Check out what's new:

Stay connected: Slack #kubestellar-dev | Multi-Cluster Survey

@github-actions
Contributor

❌ Post-Merge Verification: failed

Commit: 207265fa16c55f45692fc2f4d029ef824ef0ecc8
Specs run: smoke.spec.ts
Report: https://github.com/kubestellar/console/actions/runs/25780493792

@github-actions
Contributor

Post-merge build verification passed

Both Go and frontend builds compiled successfully against merge commit 207265fa16c55f45692fc2f4d029ef824ef0ecc8.
