let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: honor gateway env token for doctor/security

Browse Source 
Co-authored-by: azade-c <azade-c@users.noreply.github.com>
This commit is contained in:
Peter Steinberger
2026-01-23 03:13:44 +00:00
parent f1deffa681
commit ec2c69c230
6 changed files with 77 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/security/audit.test.ts
View File

@@ -656,6 +656,31 @@ describe("security audit", () => {
);
});
it("warns when hooks token reuses the gateway env token", async () => {
const prevToken = process.env.CLAWDBOT_GATEWAY_TOKEN;
process.env.CLAWDBOT_GATEWAY_TOKEN = "shared-gateway-token-1234567890";
const cfg: ClawdbotConfig = {
hooks: { enabled: true, token: "shared-gateway-token-1234567890" },
};
try {
const res = await runSecurityAudit({
config: cfg,
includeFilesystem: false,
includeChannelSecurity: false,
});
expect(res.findings).toEqual(
expect.arrayContaining([
expect.objectContaining({ checkId: "hooks.token_reuse_gateway_token", severity: "warn" }),
]),
);
} finally {
if (prevToken === undefined) delete process.env.CLAWDBOT_GATEWAY_TOKEN;
else process.env.CLAWDBOT_GATEWAY_TOKEN = prevToken;
}
});
it("warns when state/config look like a synced folder", async () => {
const cfg: ClawdbotConfig = {};