From 5ab0eaf038fd81dc21432d0aaa15bcf425c63674 Mon Sep 17 00:00:00 2001 From: hzhang Date: Fri, 15 May 2026 21:50:40 +0100 Subject: [PATCH] chore: bump Plugin (MediaPaths SSRF fix); P14 verified-extent notes Co-Authored-By: Claude Opus 4.7 (1M context) --- Fabric.OpenclawPlugin | 2 +- docs/TEST_POINTS.md | 16 ++++++++++++---- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/Fabric.OpenclawPlugin b/Fabric.OpenclawPlugin index 42228e0..cc655ff 160000 --- a/Fabric.OpenclawPlugin +++ b/Fabric.OpenclawPlugin @@ -1 +1 @@ -Subproject commit 42228e0a23e9b82d8a05696ebd3a15982891c604 +Subproject commit cc655ffcc38eedded4f8632b26e4afcbe4dbd4c1 diff --git a/docs/TEST_POINTS.md b/docs/TEST_POINTS.md index ecc0a32..52c1d24 100644 --- a/docs/TEST_POINTS.md +++ b/docs/TEST_POINTS.md @@ -150,7 +150,7 @@ Guild1 :7002 = `test-guild1`, Guild2 :7003 = `test-guild2`, Frontend :8088). | P11 | tools | `fabric-register`; `create-{chat,work,report,discussion}-channel` (→ x_type); `discussion-complete` (summary + close) | | P12 | gateway lifecycle | starts inbound on `gateway_start`, stops on `gateway_stop`; no separate sidecar | | P13 | full round-trip | human posts in Fabric → wakeup → agent runs → reply lands in channel as agent | -| P14 | file delivery to agent | message attachments downloaded with the agent's guild token to a temp dir; `MediaPaths`/`MediaTypes`/`MediaUrls` (+ singular) set on the finalized inbound context so the model receives the files | +| P14 | file delivery to agent | message attachments downloaded with the agent's guild token to a temp dir; **only local** `MediaPaths`/`MediaTypes` (+ singular) set on the finalized inbound context. No `MediaUrls` — the guild URL is a private host and openclaw's SSRF guard blocks re-fetching it (verified live: `fabric: fetched N attachment(s)`, SSRF WARN gone after the fix) | ## 8. Fabric.Backend.Guild — files & canvas @@ -194,9 +194,17 @@ Guild1 :7002 = `test-guild1`, Guild2 :7003 = `test-guild2`, Frontend :8088). `?access_token` download, 401, attachment persistence, canvas share/update/replace/delete + sharer-only/access enforcement; retention deadline asserted, sweep logic unit-level only — not waited out). -- **Plugin file delivery (P14)** is build- + install-verified and follows - the documented openclaw inbound media contract; a live agent media - round-trip was not re-exercised (reuses the validated P13 path). +- **Plugin file delivery (P14)** verified live up to the agent boundary: + human posts a file in Fabric → `wakeup` → plugin admits → **downloads + the attachment with the agent's guild token** and sets local + `MediaPaths` → inbound turn runs through the kernel and returns cleanly. + The agent→Fabric **reply leg (P13) could not be exercised** in the local + openclaw instance: it emits **zero agent replies on any channel** (no + responder wired — `echo` agentId is undefined so it falls back to + `main`, whose model produces no deliverable output). That is a + pre-existing environment gap, independent of Fabric. Bug found & fixed + during this test: `MediaUrls` (a `localhost` URL) tripped openclaw's + SSRF guard — now only local `MediaPaths` are passed. - `discuss`/`work` differ only in x_type label; turn semantics identical — test one, both covered. - Desktop / Android submodules are out of scope (untouched).