
P11-R1: harden provider runtime security#142

Merged
samrusani merged 1 commit into main from codex/phase11-remediation-provider-runtime-hardening
Apr 12, 2026

Conversation

@samrusani (Owner)

Summary

  • add centralized provider URL validation to block SSRF-relevant targets and reject credential-bearing userinfo in provider base URLs
  • sanitize provider discovery and runtime error handling so raw upstream failure detail is not reflected to clients or persisted verbatim
  • add security regression coverage for blocked targets, no-outbound-on-reject behavior, error sanitization, and legacy URL redaction

Scope Notes

  • keeps the remediation narrow to the shipped provider runtime surface from Phase 11
  • does not add providers, packs, framework integrations, or unrelated UI/product work
  • excludes the unrelated local README.md worktree change from merge scope

Security Findings Closed

  • High: authenticated SSRF via provider registration plus provider test/runtime invocation
  • Medium: upstream error detail reflection and persistence
  • Medium: provider base_url userinfo credential exposure

Verification

  • python3 scripts/check_control_doc_truth.py
  • ./.venv/bin/python -m pytest tests/unit tests/integration -q
  • ./.venv/bin/bandit -r apps/api/src/alicebot_api/provider_runtime.py apps/api/src/alicebot_api/local_provider_helpers.py apps/api/src/alicebot_api/azure_provider_helpers.py apps/api/src/alicebot_api/main.py

Upgrade Overview

Protected Areas

  • continuity APIs
  • memory schema
  • trust rules

Compatibility Impact

This change hardens the shipped provider registration, provider test, and runtime invoke surfaces without widening the feature surface. Existing Phase 11 provider and model-pack behavior remains intact outside the intended security rejection and sanitization paths.

Migration / Rollout

Deploy the API changes together so provider registration, provider test, and runtime invoke all enforce the same URL policy and error sanitization behavior. No schema migration is required for this remediation sprint.

Operator Action

Re-test the blocked target cases from the security report, including metadata, loopback, RFC1918, and non-canonical IPv4 forms. Confirm legacy provider rows with embedded userinfo serialize in redacted form only.

Validation

Branch-local verification passed:

  • python3 scripts/check_control_doc_truth.py -> PASS
  • ./.venv/bin/python -m pytest tests/unit tests/integration -q -> 1169 passed in 185.41s (0:03:05)
  • ./.venv/bin/bandit -r apps/api/src/alicebot_api/provider_runtime.py apps/api/src/alicebot_api/local_provider_helpers.py apps/api/src/alicebot_api/azure_provider_helpers.py apps/api/src/alicebot_api/main.py -> No issues identified

Rollback

Revert the squash merge commit to restore the prior provider-runtime behavior, then re-run the provider runtime regression suite before redeploying.

@samrusani samrusani merged commit f7c093b into main Apr 12, 2026
4 checks passed
@samrusani samrusani deleted the codex/phase11-remediation-provider-runtime-hardening branch April 12, 2026 21:05
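The PR summary describes a centralized provider URL policy (blocking SSRF-relevant targets, rejecting userinfo, no outbound request on reject) and the Operator Action asks for re-tests against metadata, loopback, RFC1918 and non-canonical IPv4 forms plus redacted serialization of legacy rows. The following is an added illustration of such a policy, written for this page; it is not the alicebot_api code from the PR, and every name in it (validate_provider_base_url, redact_userinfo, ProviderUrlRejected, the DNS table) is an assumption. The DNS answers are constructed so the example runs offline.

```python
"""Added example (not alicebot_api code): a centralized provider base-URL policy
of the kind the PR describes, plus redaction of userinfo in legacy stored URLs.
Names are assumed; the DNS table below is constructed for offline use."""
import ipaddress
import re
import socket
from typing import Callable, Iterable, Optional, Union
from urllib.parse import urlsplit, urlunsplit

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
Resolver = Callable[[str], Iterable[str]]
ALLOWED_SCHEMES = {"http", "https"}
BLOCKED_HOST_SUFFIXES = (".localhost", ".internal")  # e.g. metadata.google.internal
# One dotted part in inet_aton syntax: hex (0x7f), octal (0177) or decimal (127).
_IPV4_PART = re.compile(r"0[xX][0-9a-fA-F]+|0[0-7]*|[1-9][0-9]*")


class ProviderUrlRejected(ValueError):
    """Raised by validate_provider_base_url before any outbound request."""


def _legacy_ipv4(host: str) -> Optional[ipaddress.IPv4Address]:
    """Decode inet_aton-style forms (127.1, 0x7f.1, 0177.0.0.1, 2130706433)
    that ipaddress.ip_address() rejects but many HTTP client stacks accept."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4 or not all(_IPV4_PART.fullmatch(p) for p in parts):
        return None
    values = [int(p[2:], 16) if p[:2].lower() == "0x" else int(p, 8) if p[0] == "0" else int(p)
              for p in parts]
    *head, tail = values  # inet_aton: the last part fills all remaining bytes
    if any(v > 255 for v in head) or tail >= 1 << (8 * (4 - len(head))):
        return None
    n = tail
    for i, v in enumerate(head):
        n |= v << (24 - 8 * i)
    return ipaddress.IPv4Address(n)


def _ip_of(host: str) -> Optional[IPAddress]:
    """Literal host -> address, canonicalizing odd IPv4 spellings and unwrapping
    IPv4-mapped IPv6 (::ffff:169.254.169.254 is 169.254.169.254 on the wire)."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return _legacy_ipv4(host)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def _is_blocked(ip: IPAddress) -> bool:
    return (not ip.is_global or ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def socket_resolver(host: str) -> list:
    """Default resolver: every A/AAAA answer must pass, not just the first one."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def validate_provider_base_url(url: str, resolver: Resolver = socket_resolver) -> str:
    """Return a canonical base URL or raise ProviderUrlRejected. Nothing here
    opens a connection, so a rejected URL never produces outbound traffic."""
    try:
        parts = urlsplit(url.strip())
        port = parts.port
    except ValueError as exc:
        raise ProviderUrlRejected("malformed URL") from exc
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ProviderUrlRejected("scheme must be http or https")
    if parts.username is not None or parts.password is not None:
        raise ProviderUrlRejected("userinfo in base_url is not accepted; store credentials separately")
    host = parts.hostname
    if not host:
        raise ProviderUrlRejected("missing host")
    if host == "localhost" or host.endswith(BLOCKED_HOST_SUFFIXES):
        raise ProviderUrlRejected("host is not a permitted provider target")
    literal = _ip_of(host)
    candidates = [literal] if literal is not None else [_ip_of(a) for a in resolver(host)]
    if not candidates or any(ip is None or _is_blocked(ip) for ip in candidates):
        raise ProviderUrlRejected("host is not a permitted provider target")
    canon = str(literal) if literal is not None else host  # store 93.184.216.34, not 0x5db8d822
    netloc = f"[{canon}]" if ":" in canon else canon
    if port is not None:
        netloc += f":{port}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, ""))


def redact_userinfo(url: str) -> str:
    """Serialize a legacy stored URL with any user:password replaced by a marker,
    so rows registered before the userinfo rule never leak the secret on read."""
    parts = urlsplit(url)
    if "@" not in parts.netloc:
        return url
    hostport = parts.netloc.rsplit("@", 1)[1]
    return urlunsplit((parts.scheme, "***@" + hostport, parts.path, parts.query, parts.fragment))


# Constructed DNS answers (no real lookups): 93.184.216.34 stands in for a public
# provider address, 10.0.0.5 for a split or rebound answer with one private record.
CONSTRUCTED_DNS = {"api.example.com": ["93.184.216.34"],
                   "evil.example.net": ["93.184.216.34", "10.0.0.5"]}


def table_resolver(host: str) -> list:
    return CONSTRUCTED_DNS.get(host, [])


def check(url: str, resolver: Resolver = table_resolver) -> str:
    """Verdict as text; used by the demo and the regression checks."""
    try:
        return "accepted " + validate_provider_base_url(url, resolver)
    except ProviderUrlRejected as exc:
        return "rejected: " + str(exc)


if __name__ == "__main__":
    for u in ["https://api.example.com/v1", "https://0x5db8d822/", "http://169.254.169.254/latest/",
              "http://2130706433/", "http://0x7f.1/", "http://0177.0.0.1/",
              "http://[::ffff:169.254.169.254]/", "http://metadata.google.internal/computeMetadata/v1/",
              "https://evil.example.net/", "https://alice:s3cret@api.example.com/v1"]:
        print(f"{u:58} {check(u)}")
    print(redact_userinfo("https://alice:s3cret@api.example.com/v1"))
```

Two caveats that apply to any policy of this shape, independent of how the PR implements it: a check at registration time does not bind the address used later, so the runtime path must re-resolve and apply the same rule (or connect to the address it validated) to defeat DNS rebinding, and HTTP redirects from the provider must be disabled or re-validated, since a redirect to 169.254.169.254 bypasses a check that only saw the original URL. The rejection messages above are deliberately fixed strings, in the same spirit as the PR's error sanitization: they never echo the upstream host, body or exception text back to the caller.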