Pull Requests by yubrew

20 total
← Show all PRs
# Title Author Cluster Created
12802 fix(gateway): default unscoped operator connections to read-only yubrew Device Pairing and Gat... 2026-02-09
8846 fix(tools): block LLM writes to hooks directories yubrew Security Enhancements ... 2026-02-04
8818 fix(browser): block unsafe code patterns in browser evaluate yubrew SSRF Protection Enhanc... 2026-02-04
8767 fix(signal): validate cliPath before spawning signal-cli daemon yubrew Cross-Platform Fixes 2026-02-04
8600 fix(update): add --ignore-scripts to prevent supply chain attacks yubrew Plugin Management Enha... 2026-02-04
8339 fix(tts): validate ElevenLabs base URL against allowlist yubrew Voice Call and TTS Imp... 2026-02-03
8305 fix(browser): add SSRF protection to browser navigation yubrew SSRF Protection Enhanc... 2026-02-03
8228 fix(link-understanding): block private IPs and internal hostnames in URL extr... yubrew SSRF Protection Enhanc... 2026-02-03
8186 fix(sandbox): validate setupCommand to prevent shell injection yubrew Environment Variable S... 2026-02-03
8161 fix(sandbox): block dangerous environment variables from Docker containers yubrew Environment Variable S... 2026-02-03
8150 fix(skills): block dangerous environment variables from skill config yubrew Environment Variable S... 2026-02-03
8139 fix(config): block dangerous environment variables from config.env yubrew Environment Variable S... 2026-02-03
8129 fix(auth): validate OAuth redirect URI to prevent open redirects yubrew Authentication and Rat... 2026-02-03
8124 fix(browser): add path validation for file upload and download yubrew Browser Security Enhan... 2026-02-03
8121 fix(gateway): remove query parameter token support for hooks yubrew Security Enhancements ... 2026-02-03
8103 fix(tts): sanitize API keys from error messages yubrew Voice Call and TTS Imp... 2026-02-03
8078 fix(config): add prototype pollution protection to deepMerge yubrew Environment Variable S... 2026-02-03
8075 fix(skills): add --ignore-scripts to all package managers yubrew Plugin Management Enha... 2026-02-03
8073 fix(plugins): add --ignore-scripts to npm install yubrew Plugin Management Enha... 2026-02-03
8067 fix(telegram): use timing-safe comparison for webhook secret yubrew Webhook Security Enhan... 2026-02-03