ZIm/crates/assistant_tools/src
Conrad Irwin a102b08743
Require confirmation for fetch tool (#36881)
Using prompt injection, the agent may be tricked into making a fetch
request that includes unexpected data from the conversation in the URL.

As agent conversations may contain sensitive information (like private
code, or potentially even API keys), this seems bad.

The easiest way to prevent this is to require the user to look at the
URL before the model is allowed to fetch it.

Thanks to @ant4g0nist for bringing this to our attention.

Release Notes:

- agent panel: The fetch tool now requires confirmation.
2025-08-25 16:03:07 +00:00
copy_path_tool Add copy-path tool (#27371) 2025-03-24 21:21:55 -04:00
create_directory_tool Add Create Directory Tool (#27505) 2025-03-26 11:59:03 -04:00
delete_path_tool Delete tool uses paths instead of globs (#26715) 2025-03-16 11:58:25 +01:00
diagnostics_tool Systematically optimize agentic editing performance (#28961) 2025-04-19 02:47:59 +00:00
edit_agent Fix clippy::manual_map lint violations (#36584) 2025-08-20 15:17:28 +02:00
edit_file_tool Fix agent reading and editing files over SSH (#30144) 2025-05-07 17:07:01 +00:00
fetch_tool assistant_tools: Add fetch tool (#26999) 2025-03-18 16:25:51 +00:00
find_path_tool agent: Improve initial file search quality (#29317) 2025-04-23 21:24:41 -03:00
grep_tool assistant: Partial fix for HTML entities in tools params (#32148) 2025-06-05 10:36:55 +00:00
list_directory_tool agent: Improve initial file search quality (#29317) 2025-04-23 21:24:41 -03:00
move_path_tool Add move_path tool (#27366) 2025-03-24 14:45:19 +00:00
open_tool Add eval for open_tool (#29801) 2025-05-02 15:56:07 +00:00
project_notifications_tool agent: Send stale file notifications using the project_notifications tool (#34005) 2025-07-07 19:48:18 +03:00
read_file_tool Systematically optimize agentic editing performance (#28961) 2025-04-19 02:47:59 +00:00
templates edit_file: Add diff-fenced output format (#32737) 2025-06-16 14:28:18 +00:00
terminal_tool agent: Discourage long-running commands (#29627) 2025-04-29 19:21:16 -03:00
thinking_tool Add thinking tool (#26675) 2025-03-14 16:26:22 -04:00
ui Fix clippy::redundant_clone lint violations (#36558) 2025-08-20 12:20:13 +02:00
assistant_tools.rs Another batch of lint fixes (#36521) 2025-08-19 20:33:44 +00:00
copy_path_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
create_directory_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
delete_path_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
diagnostics_tool.rs agent2: Port more tools (#35987) 2025-08-11 17:24:48 +00:00
edit_agent.rs Auto-fix clippy::collapsible_if violations (#36428) 2025-08-19 13:27:24 +00:00
edit_file_tool.rs Fix clippy::redundant_clone lint violations (#36558) 2025-08-20 12:20:13 +02:00
fetch_tool.rs Require confirmation for fetch tool (#36881) 2025-08-25 16:03:07 +00:00
find_path_tool.rs Fix clippy::len_zero lint style violations (#36589) 2025-08-20 14:35:59 +00:00
grep_tool.rs Fix clippy::redundant_clone lint violations (#36558) 2025-08-20 12:20:13 +02:00
list_directory_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
move_path_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
now_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
open_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
project_notifications_tool.rs Fix clippy::needless_borrow lint violations (#36444) 2025-08-18 21:54:35 +00:00
read_file_tool.rs Fix a bunch of other low-hanging style lints (#36498) 2025-08-19 21:26:17 +02:00
schema.rs Auto-fix clippy::collapsible_if violations (#36428) 2025-08-19 13:27:24 +00:00
templates.rs Introduce a new StreamingEditFileTool (#29733) 2025-05-01 17:37:43 +02:00
terminal_tool.rs Fix clippy::redundant_clone lint violations (#36558) 2025-08-20 12:20:13 +02:00
thinking_tool.rs Pull action_log into its own crate (#35959) 2025-08-10 21:57:55 +00:00
ui.rs agent: Display full terminal output without scrolling (#31922) 2025-06-03 10:54:25 -07:00
web_search_tool.rs Fix clippy::redundant_clone lint violations (#36558) 2025-08-20 12:20:13 +02:00