chore: bump Plugin (MediaPaths SSRF fix); P14 verified-extent notes
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Submodule Fabric.OpenclawPlugin updated: 42228e0a23...cc655ffcc3
@@ -150,7 +150,7 @@ Guild1 :7002 = `test-guild1`, Guild2 :7003 = `test-guild2`, Frontend :8088).
|
|||||||
| P11 | tools | `fabric-register`; `create-{chat,work,report,discussion}-channel` (→ x_type); `discussion-complete` (summary + close) |
|
| P11 | tools | `fabric-register`; `create-{chat,work,report,discussion}-channel` (→ x_type); `discussion-complete` (summary + close) |
|
||||||
| P12 | gateway lifecycle | starts inbound on `gateway_start`, stops on `gateway_stop`; no separate sidecar |
|
| P12 | gateway lifecycle | starts inbound on `gateway_start`, stops on `gateway_stop`; no separate sidecar |
|
||||||
| P13 | full round-trip | human posts in Fabric → wakeup → agent runs → reply lands in channel as agent |
|
| P13 | full round-trip | human posts in Fabric → wakeup → agent runs → reply lands in channel as agent |
|
||||||
| P14 | file delivery to agent | message attachments downloaded with the agent's guild token to a temp dir; `MediaPaths`/`MediaTypes`/`MediaUrls` (+ singular) set on the finalized inbound context so the model receives the files |
|
| P14 | file delivery to agent | message attachments downloaded with the agent's guild token to a temp dir; **only local** `MediaPaths`/`MediaTypes` (+ singular) set on the finalized inbound context. No `MediaUrls` — the guild URL is a private host and openclaw's SSRF guard blocks re-fetching it (verified live: `fabric: fetched N attachment(s)`, SSRF WARN gone after the fix) |
|
||||||
|
|
||||||
## 8. Fabric.Backend.Guild — files & canvas
|
## 8. Fabric.Backend.Guild — files & canvas
|
||||||
|
|
||||||
@@ -194,9 +194,17 @@ Guild1 :7002 = `test-guild1`, Guild2 :7003 = `test-guild2`, Frontend :8088).
|
|||||||
`?access_token` download, 401, attachment persistence, canvas
|
`?access_token` download, 401, attachment persistence, canvas
|
||||||
share/update/replace/delete + sharer-only/access enforcement; retention
|
share/update/replace/delete + sharer-only/access enforcement; retention
|
||||||
deadline asserted, sweep logic unit-level only — not waited out).
|
deadline asserted, sweep logic unit-level only — not waited out).
|
||||||
- **Plugin file delivery (P14)** is build- + install-verified and follows
|
- **Plugin file delivery (P14)** verified live up to the agent boundary:
|
||||||
the documented openclaw inbound media contract; a live agent media
|
human posts a file in Fabric → `wakeup` → plugin admits → **downloads
|
||||||
round-trip was not re-exercised (reuses the validated P13 path).
|
the attachment with the agent's guild token** and sets local
|
||||||
|
`MediaPaths` → inbound turn runs through the kernel and returns cleanly.
|
||||||
|
The agent→Fabric **reply leg (P13) could not be exercised** in the local
|
||||||
|
openclaw instance: it emits **zero agent replies on any channel** (no
|
||||||
|
responder wired — `echo` agentId is undefined so it falls back to
|
||||||
|
`main`, whose model produces no deliverable output). That is a
|
||||||
|
pre-existing environment gap, independent of Fabric. Bug found & fixed
|
||||||
|
during this test: `MediaUrls` (a `localhost` URL) tripped openclaw's
|
||||||
|
SSRF guard — now only local `MediaPaths` are passed.
|
||||||
- `discuss`/`work` differ only in x_type label; turn semantics identical —
|
- `discuss`/`work` differ only in x_type label; turn semantics identical —
|
||||||
test one, both covered.
|
test one, both covered.
|
||||||
- Desktop / Android submodules are out of scope (untouched).
|
- Desktop / Android submodules are out of scope (untouched).
|
||||||
|
|||||||
Reference in New Issue
Block a user