vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-04-29 12:29:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
spawn/sh/e2e/lib/clouds
History
A 8d76ad90d3
security: base64-encode cmd in _sprite_exec to prevent injection (#2803) 
Apply the same base64 encoding mitigation used by all other cloud
drivers (aws, hetzner, digitalocean, gcp). The command is encoded
locally, validated for safe characters, then decoded and executed
on the remote side via `base64 -d | bash`.

Fixes #2800

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-03-19 13:19:07 -07:00
..
aws.sh fix(e2e): use aggressive cleanup threshold (5 min) for pre-run to prevent quota exhaustion (#2798) 2026-03-19 11:23:55 -07:00
digitalocean.sh fix(e2e): use aggressive cleanup threshold (5 min) for pre-run to prevent quota exhaustion (#2798) 2026-03-19 11:23:55 -07:00
gcp.sh fix(e2e): use aggressive cleanup threshold (5 min) for pre-run to prevent quota exhaustion (#2798) 2026-03-19 11:23:55 -07:00
hetzner.sh fix(e2e): use aggressive cleanup threshold (5 min) for pre-run to prevent quota exhaustion (#2798) 2026-03-19 11:23:55 -07:00
sprite.sh security: base64-encode cmd in _sprite_exec to prevent injection (#2803) 2026-03-19 13:19:07 -07:00