fix: harden Windows exec allowlist

2026-02-03 09:34:08 -08:00
parent 8f3bfbd1c4
commit a7f4a53ce8
5 changed files with 170 additions and 2 deletions
--- a/src/agents/bash-tools.exec.ts
+++ b/src/agents/bash-tools.exec.ts
@@ -1046,6 +1046,7 @@ export function createExecTool(
          safeBins: new Set(),
          cwd: workdir,
          env,
+          platform: nodeInfo?.platform,
        });
        let analysisOk = baseAllowlistEval.analysisOk;
        let allowlistSatisfied = false;
@@ -1073,6 +1074,7 @@ export function createExecTool(
                safeBins: new Set(),
                cwd: workdir,
                env,
+                platform: nodeInfo?.platform,
              });
              allowlistSatisfied = allowlistEval.allowlistSatisfied;
              analysisOk = allowlistEval.analysisOk;
@@ -1282,6 +1284,7 @@ export function createExecTool(
          safeBins,
          cwd: workdir,
          env,
+          platform: process.platform,
        });
        const allowlistMatches = allowlistEval.allowlistMatches;
        const analysisOk = allowlistEval.analysisOk;