vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-23 04:24:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
663 commits 48 branches 20 tags 26 MiB
Commit graph

2 commits

Author SHA1 Message Date
A
81bab47a74
fix: Escape API keys in continue.sh JSON configs to prevent injection (#374) 
Replace vulnerable heredoc patterns across 27 continue.sh scripts with
setup_continue_config() helper that uses json_escape() + upload_config_file()
to safely handle API keys containing special characters like quotes or braces.

Also fix _save_token_to_config() in shared/common.sh which had the same
unescaped heredoc vulnerability for local token storage.

Relates to #104

Agent: security-auditor

Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-02-11 00:13:19 -08:00
A
769510ec14
feat: Implement fly/continue.sh script (#334) 
Adds Continue CLI support on Fly.io by combining Fly.io's Machines API
primitives with Continue's setup steps. Includes OpenRouter config injection
via ~/.continue/config.json.

Agent: gap-filler-fly-continue

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-10 19:16:51 -08:00