Issue search results

42.5M results (680 ms)

LukeSantossz/sb100_agents
security(api): nao vazar str(e) interno no detail dos 503 do /chat

Descrição Nas tres branches de falha do pipeline, a HTTPException retornada ao cliente embute a mensagem bruta da excecao via str(e): linha 127-130 ( Erro ao gerar embedding: {str(e)}... ), 139-142 ( ...

medium

security

MartinMSPedersen/Breakthrough
Engine played a simple losing move

If all moves loses the engine should choose the longest PV.

bug

engine

LukeSantossz/sb100_agents
security(generation): sanitizar historico de conversa antes do prompt (bypass T61)

Descrição Em generate(), apenas a pergunta do turno atual passa por _sanitize_question (linha 151). O historico de conversa e anexado as mensagens sem nenhuma sanitizacao (loop linhas 157-158: messages.append({ ...

medium

security

LukeSantossz/sb100_agents
security(infra): proteger Qdrant exposto sem autenticacao no compose

Descrição O servico qdrant publica as portas 6333 (REST) e 6334 (gRPC) no host (linhas 12-14). O Docker faz bind em 0.0.0.0 por padrao, entao qualquer host que alcance a maquina ve o Qdrant. Nenhuma API ...

infrastructure

medium

security

LukeSantossz/sb100_agents
security(ci): isolar corpo de issue do prompt do agente em claude-auto.yml

Descrição O prompt da claude-code-action interpola diretamente github.event.issue.title (linha 50) e github.event.issue.body (linha 52) — texto 100% controlavel por qualquer pessoa que abra uma issue ...

infrastructure

medium

security

afokapu/atdd
feat(atdd): Issue Reconcile Crashes Unboundlocalerror Shadowed Import

Issue Metadata | Field | Value | | --- | --- | | Date | 2026-06-11 | | Status | INIT | | Type | implementation | | Branch | feat/issue-reconcile-crashes-unboundlocalerror-shadowed-import | | Archetypes ...

atdd:INIT

atdd-issue

LukeSantossz/sb100_agents
security(chat): adicionar rate-limit em POST /chat (DoS/amplificacao de custo)

Descrição O endpoint POST /chat (unico endpoint pesado da API) nao possui nenhum rate-limit nem quota por usuario. Somente auth.py aplica @limiter.limit (register 3/h, token 5/15min); o decorator de limite ...

high

security

LukeSantossz/sb100_agents
security(config): remover segredo JWT funcional de .env.example e SETUP.md

Descrição O repositorio e PUBLICO e tanto .env.example (linha 102) quanto SETUP.md (linhas 94 e 121) fornecem JWT_SECRET_KEY=super-secret-key-replace-in-production. Esse valor tem 38 caracteres, passando ...

high

security

LukeSantossz/sb100_agents
security(chat): escopar buffer de sessao ao usuario autenticado (IDOR)

Descrição O cache global _sessions (linha 41) e indexado APENAS pelo req.session_id fornecido pelo cliente. _get_or_create_buffer(req.session_id) (linha 118) nao usa current_user em nenhum momento — o ...

high

security

LukeSantossz/sb100_agents
bug(eval): vincular checkpoint ao dataset (orfaos contaminam saida)

Descrição load_checkpoint aceita qualquer resultado e run_evaluation_async faz results = list(existing) sem verificar se cada question_id existe no dataset atual. O caminho do checkpoint e fixo e compartilhado ...

bug

medium

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Filter by

State

Advanced

LukeSantossz/sb100_agents
security(api): nao vazar str(e) interno no detail dos 503 do /chat

MartinMSPedersen/Breakthrough
Engine played a simple losing move

LukeSantossz/sb100_agents
security(generation): sanitizar historico de conversa antes do prompt (bypass T61)

LukeSantossz/sb100_agents
security(infra): proteger Qdrant exposto sem autenticacao no compose

LukeSantossz/sb100_agents
security(ci): isolar corpo de issue do prompt do agente em claude-auto.yml

afokapu/atdd
feat(atdd): Issue Reconcile Crashes Unboundlocalerror Shadowed Import

LukeSantossz/sb100_agents
security(chat): adicionar rate-limit em POST /chat (DoS/amplificacao de custo)

LukeSantossz/sb100_agents
security(config): remover segredo JWT funcional de .env.example e SETUP.md

LukeSantossz/sb100_agents
security(chat): escopar buffer de sessao ao usuario autenticado (IDOR)

LukeSantossz/sb100_agents
bug(eval): vincular checkpoint ao dataset (orfaos contaminam saida)

Learn how you can use GitHub Issues to plan and track your work.

Learn how you can use GitHub Issues to plan and track your work.

issues Search Results · language:Dune language:Python language:Java language:Java language:HTML language:Java language:HTML

Filter by

State

Advanced

42.5M results

Learn how you can use GitHub Issues to plan and track your work.

Learn how you can use GitHub Issues to plan and track your work.