- Add model selection step when OpenRouter is chosen in onboarding (CLI + UI)
- Fix config path: save model to agent.model
- Downgrade @elizaos/plugin-openrouter to 2.0.0-alpha.3 to match @elizaos/core

Without this fix, selecting OpenRouter would save the API key but no model, causing 'No handler found for delegate type: TEXT_LARGE' errors.

Add a model selection step when OpenRouter is chosen during onboarding (both CLI and UI). Without this, selecting OpenRouter saves the API key but no model, causing 'No handler found for delegate type' errors.

Changes:
- CLI: prompt for model after API key via clack.select
- UI: show model grid in llmProvider step when OpenRouter + key entered
- Server: new getOpenRouterModelOptions(), persist model to agent config
- AppContext: wire onboardingOpenRouterModel state through to submission

Closes milady-ai#10, incorporates milady-ai#55 (migrated from apps/ui to apps/app).

Co-authored-by: Cursor <cursoragent@cursor.com>

- Bump @elizaos/plugin-openai and @elizaos/plugin-openrouter to alpha.5 (fixes MAX_EMBEDDING_TOKENS version skew)
- OpenRouter model selection in onboarding (CLI + UI)
- Lint config improvements (biome check instead of biome lint)

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Sol <sol@shad0w.xyz>
Co-authored-by: Sol <sol@shad0w.xyz>
Co-authored-by: Sol <sol@shad0w.xyz>
Co-authored-by: Sol <sol@shad0w.xyz>
The MCP config endpoints (POST /api/mcp/config/server, PUT /api/mcp/config, and PUT /api/config) allowed registering stdio MCP servers with arbitrary commands. An attacker could register /bin/bash or curl|sh as an MCP server with a single unauthenticated request — the payload persists to disk and executes on every restart.

Changes:
- Add command allowlist for stdio MCP servers (npx, node, bun, bunx, deno, python, python3, uvx, uv, docker, podman) — rejects arbitrary binaries
- Block dangerous env vars (LD_PRELOAD, NODE_OPTIONS, PATH, etc.) that enable code injection into spawned MCP processes
- Validate args are string arrays (prevent object injection)
- Validate env, cwd, and timeoutInMillis field types
- Block prototype pollution via server name (__proto__, constructor)
- Apply validation to all three MCP config write paths including the general PUT /api/config endpoint (validates before safeMerge)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

This commit introduces a complete overhaul of the onboarding wizard UI with the following improvements:

## New Features
- **Grid Layout**: AI providers displayed in a 2-column grid with logos
- **Provider Logos**: Added logo system with 21 provider icons (dark/light variants)
- **Modal Dialogs**: API key input and confirmation modals with smooth animations
- **Modern Dark Theme**: New "dark" theme with zinc palette and blue accent (#3b82f6)
- **Auto-progression**: Wizard automatically advances after provider confirmation
- **Scrollable Provider List**: Added overflow scroll for long provider lists

## Visual Improvements
- Provider cards with hover effects (elevation, glow, translate)
- Logo support for: OpenAI, Anthropic/Claude, Groq, Google/Gemini, Ollama, Grok/xAI, OpenRouter, ElizaCloud, DeepSeek, Mistral, Together.ai, z.ai
- Responsive design with proper spacing and borders
- Smooth fade-in and slide-up animations

## Technical Changes
- Added `apps/app/src/provider-logos.ts` - Logo mapping system with fallbacks
- Added `apps/app/public/logos/` - 21 provider logo files
- Updated `OnboardingWizard.tsx` - Grid layout, modals, and improved UX
- Updated `base.css` - New dark theme and animations
- Updated `AppContext.tsx` - Dark theme as default

## Theme System
- New "dark" theme set as default
- Modern shadcn/ui-inspired design tokens
- Improved color contrast and accessibility

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

…gram token

Resolve merge conflicts across 5 files by combining both sides:
- Keep onboardingTelegramToken from develop in AppContext/OnboardingWizard
- Adopt PR-56 styling for OpenRouter model selector (consistent with wizard)
- Combine both OpenRouter model persistence strategies (agents.list + config.agent)
- Keep plugin-openai at alpha.5 (develop), downgrade plugin-openrouter to alpha.3 (PR)

Co-authored-by: Cursor <cursoragent@cursor.com>
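The validation the commit message lists (command allowlist, blocked env vars, string-array args, field types, prototype-pollution server names) can be expressed as one pure check run before anything is persisted. The following is an added example written for this page, not the project's code; the function name `validateStdioServer`, the `StdioServerInput` shape and the sample configs are assumptions, and the env-var list merges the names given in this commit and the later "PR milady-ai#63" follow-up.

```typescript
// Added example (not project code): pre-persistence validation of a stdio MCP
// server entry. Exact-match allowlist: "/usr/bin/node" or "bash" are rejected.
const ALLOWED_STDIO_COMMANDS = [
  "npx", "node", "bun", "bunx", "deno", "python", "python3", "uvx", "uv", "docker", "podman",
];
const ALLOWED_SET = new Set(ALLOWED_STDIO_COMMANDS);

// Env vars that change how a spawned process loads code (names from the page).
const BLOCKED_ENV_VARS = new Set([
  "LD_PRELOAD", "NODE_OPTIONS", "PATH", "PYTHONPATH", "PYTHONSTARTUP", "RUBYOPT", "PERL5OPT",
]);

// Server names that would land on Object.prototype when used as object keys.
const BLOCKED_NAME_KEYS = new Set(["__proto__", "constructor", "prototype"]);

export interface StdioServerInput {
  command?: unknown;
  args?: unknown;
  env?: unknown;
  cwd?: unknown;
  timeoutInMillis?: unknown;
}

export interface ValidationResult {
  ok: boolean;
  errors: string[];
}

function isPlainObject(v: unknown): v is Record<string, unknown> {
  return typeof v === "object" && v !== null && !Array.isArray(v);
}

export function validateStdioServer(name: string, input: unknown): ValidationResult {
  const errors: string[] = [];

  if (BLOCKED_NAME_KEYS.has(name)) {
    errors.push(`server name "${name}" is not allowed`);
  }
  if (!isPlainObject(input)) {
    errors.push("server config must be an object");
    return { ok: false, errors };
  }
  const cfg = input as StdioServerInput;

  // 1. command must be exactly one of the allowlisted launchers
  if (typeof cfg.command !== "string" || !ALLOWED_SET.has(cfg.command)) {
    errors.push(`command must be one of: ${ALLOWED_STDIO_COMMANDS.join(", ")}`);
  }

  // 2. args must be a flat array of strings (no nested objects reaching spawn)
  if (cfg.args !== undefined) {
    if (!Array.isArray(cfg.args) || !cfg.args.every((a) => typeof a === "string")) {
      errors.push("args must be an array of strings");
    }
  }

  // 3. env must be a string map without loader-hijacking variables
  if (cfg.env !== undefined) {
    if (!isPlainObject(cfg.env)) {
      errors.push("env must be an object");
    } else {
      for (const [k, v] of Object.entries(cfg.env)) {
        if (BLOCKED_ENV_VARS.has(k.toUpperCase())) {
          errors.push(`env var ${k} is not allowed`);
        } else if (typeof v !== "string") {
          errors.push(`env var ${k} must be a string`);
        }
      }
    }
  }

  // 4. scalar field types
  if (cfg.cwd !== undefined && typeof cfg.cwd !== "string") {
    errors.push("cwd must be a string");
  }
  const t = cfg.timeoutInMillis;
  if (t !== undefined && (typeof t !== "number" || !Number.isFinite(t) || t <= 0)) {
    errors.push("timeoutInMillis must be a positive number");
  }

  return { ok: errors.length === 0, errors };
}
```

Because the check is pure, the same function can sit in front of all three write paths (the per-server POST, the MCP-config PUT and the general config PUT before the merge), so a later endpoint cannot forget it.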
Resolved conflicts in OnboardingWizard.tsx: combined import statements, kept both OpenRouter model selector from PR milady-ai#56 and modal system + provider logo grid from PR milady-ai#61. Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Sol <sol@shad0w.xyz>
Co-authored-by: Sol <sol@shad0w.xyz>
Co-authored-by: Sol <sol@shad0w.xyz>
…egories Co-authored-by: Sol <sol@shad0w.xyz>
- Fix ConnectorConfig type casts in server.ts (Record<string, unknown> -> ConnectorConfig) and import the type from config module
- Fix fetch interceptor in claude-code-stealth.ts to preserve Bun's preconnect property and satisfy typeof fetch
- Auto-fix import ordering and formatting via biome

Co-authored-by: Cursor <cursoragent@cursor.com>

The electron-builder 26.7.0 cannot resolve electron from a semver range when node_modules is not available (which happens when bunx downloads electron-builder in an isolated context).
- Pin electron to exact 26.6.10 (was ^26.6.10)
- Bump electron-builder to ^26.7.0 to match CI runtime
- Replace bunx with npx in release workflow so electron-builder uses the locally installed electron from npm install step

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Sol <sol@shad0w.xyz>
Co-authored-by: Sol <sol@shad0w.xyz>
Co-authored-by: Sol <sol@shad0w.xyz>
…s properly Co-authored-by: Sol <sol@shad0w.xyz>
…injection fix: prevent arbitrary command execution via MCP server registration
PR milady-ai#63 (MCP security):
- Add missing blocked env vars (PYTHONPATH, PYTHONSTARTUP, RUBYOPT, PERL5OPT)
- Validate URL scheme (http/https only) for remote MCP servers

PR milady-ai#61 (onboarding UI):
- Rename mistra-icon.png -> mistral-icon.png (typo fix)
- Wrap llmProvider case in braces for proper block scope

PR milady-ai#60 (connectors/restart):
- Remove duplicate /api/channels endpoints (use existing /api/connectors)
- Rename all "channel" references to "connector" in frontend
- Remove duplicate getChannels/saveChannel/deleteChannel client methods
- Consolidate "channels" onboarding step into existing "connectors" step
- Update ConfigView to use existing connector API endpoints
- Keep /api/restart endpoint (useful feature)

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Add comprehensive integration tests for @elizaos/plugin-computeruse:
- Plugin classification: verify optional (not core), feature-flag gated
- Config enablement: features.computeruse, plugins.entries.computeruse
- Module import: valid Plugin export shape, named exports
- ComputerUseService and config schema validation
- Config schema: COMPUTERUSE_ENABLED, COMPUTERUSE_MODE, COMPUTERUSE_MCP_SERVER
- Action declarations: all 5 expected actions present (OPEN_APPLICATION, CLICK, TYPE, GET_WINDOW_TREE, GET_APPLICATIONS)

18 tests, all passing.

Co-authored-by: Cursor <cursoragent@cursor.com>

Add comprehensive integration tests for @elizaos/plugin-shell:
- Plugin classification: verify core plugin (always loaded)
- Module import: valid Plugin export shape, named exports
- Actions: executeCommand, processAction, clearHistory
- Services: ShellService, processRegistry session management
- Approval system: ExecApprovalService, analyzeShellCommand, DEFAULT_SAFE_BINS, EXEC_APPROVAL_DEFAULTS
- Utilities: command safety checks, forbidden commands, path validation, PTY key encoding, shell config loading
- Provider: shellHistoryProvider shape validation

24 tests, all passing.

Co-authored-by: Cursor <cursoragent@cursor.com>

Add comprehensive integration tests for @elizaos/plugin-code and the milaidy coding agent context system:
- Plugin classification: verify core plugin (always loaded)
- Module import: valid Plugin export, named coderPlugin
- Actions: readFile, writeFile, editFile, executeShell, git, listFiles, searchFiles, changeDirectory (8 total)
- Services: CoderService, configureCodingTools
- Provider: coderStatusProvider shape validation
- Coding agent context system:
  - Zod schema validation for all context types
  - Context creation and validation helpers
  - Iteration management (add, errors, max check, loop control)
  - Feedback injection
  - Connector types (local-fs, git-repo, api, browser, sandbox)
  - Interaction modes (fully-automated, human-in-the-loop, manual-guidance)
  - File operation and captured error validation
- Workspace provider enrichment:
  - buildCodingAgentSummary, buildContext, truncate utilities

32 tests, all passing.

Co-authored-by: Cursor <cursoragent@cursor.com>
…merge-security-fixes-81-82-83
ESCAPE '' (empty string) declares no escape character, so the backslash escaping of % and _ wildcards on the preceding lines had no effect — wildcards remained active in search terms.

Changed to ESCAPE '\' and added backslash escaping so literal backslashes in search input aren't misinterpreted as escape sequences.

Before: searching "100%" matched "1000", "100x", etc.
After: searching "100%" matches only "100%"

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
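The fix has two halves that must agree: the term is escaped with a backslash, and the query declares that same backslash as the ESCAPE character. The block below is an added example, not the project's query code; `escapeLikeTerm`, `buildSearchQuery`, the `notes` table and the `likeMatch` emulation are assumptions. `likeMatch` is a small in-memory model of LIKE's `%`/`_` semantics used only to show that an unescaped wildcard stays active; exact ESCAPE '' behaviour differs between database engines, so treat it as an illustration rather than a reproduction of any one engine.

```typescript
// Added example (not project code): escape a user search term for a LIKE
// pattern with backslash as the ESCAPE character.
export function escapeLikeTerm(term: string): string {
  // Escape the escape character first, then the two LIKE wildcards.
  return term
    .replace(/\\/g, "\\\\")
    .replace(/%/g, "\\%")
    .replace(/_/g, "\\_");
}

// Builds a parameterised substring search; the ESCAPE clause names the same
// character escapeLikeTerm() used, so the escapes are honoured by the engine.
export function buildSearchQuery(term: string): { sql: string; params: string[] } {
  return {
    sql: "SELECT id FROM notes WHERE body LIKE ? ESCAPE '\\'",
    params: [`%${escapeLikeTerm(term)}%`],
  };
}

function escapeRegex(s: string): string {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Minimal LIKE emulation for illustration: % matches any run of characters,
// _ matches exactly one, and a character following escapeChar is literal.
// An empty escapeChar models "no escape character declared".
export function likeMatch(value: string, pattern: string, escapeChar: string): boolean {
  let re = "^";
  for (let i = 0; i < pattern.length; i++) {
    const c = pattern[i];
    if (escapeChar !== "" && c === escapeChar && i + 1 < pattern.length) {
      re += escapeRegex(pattern[++i]); // escaped: take next char literally
    } else if (c === "%") {
      re += "[\\s\\S]*";
    } else if (c === "_") {
      re += "[\\s\\S]";
    } else {
      re += escapeRegex(c);
    }
  }
  return new RegExp(re + "$").test(value);
}

// Constructed sample rows and a sample term, for running the block stand-alone.
export function demo(): { unescapedMatches: string[]; escapedMatches: string[] } {
  const rows = ["100%", "1000", "100x", "10%"];
  const term = "100%";
  const unescapedMatches = rows.filter((r) => likeMatch(r, `%${term}%`, ""));
  const escapedMatches = rows.filter((r) => likeMatch(r, `%${escapeLikeTerm(term)}%`, "\\"));
  return { unescapedMatches, escapedMatches };
}
```

With the escape character declared, a search for `100%` matches only rows containing the literal string; with no escape character the `%` inside the term remains a wildcard and also matches `1000` and `100x`.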
…rocessObject

Both deepMerge() and IncludeProcessor.processObject() iterate over object keys from config files without filtering dangerous keys. A malicious config include file containing __proto__, constructor, or prototype keys could pollute the Object prototype.

Added BLOCKED_MERGE_KEYS guard to both functions, consistent with the project's other merge functions (safeMerge in server.ts, BLOCKED_KEYS in config-paths.ts).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
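A recursive merge that skips the three keys named above is short, and the safety property is easy to check: after merging an include whose JSON carries `__proto__`/`constructor` entries, a fresh `{}` must still have no inherited `polluted` property. The block is an added example written for this page, not the project's deepMerge() or IncludeProcessor code; `safeDeepMerge`, the `PlainObject` alias and the constructed include document are assumptions (the constant name `BLOCKED_MERGE_KEYS` is reused from the commit message).

```typescript
// Added example (not project code): recursive config merge that refuses to
// walk into prototype slots when the source comes from an untrusted include.
const BLOCKED_MERGE_KEYS = new Set(["__proto__", "constructor", "prototype"]);

type PlainObject = Record<string, unknown>;

function isPlainObject(v: unknown): v is PlainObject {
  return typeof v === "object" && v !== null && !Array.isArray(v);
}

// Merges `source` into `target` in place and returns `target`. Object.keys()
// returns own keys only, so a JSON document's "__proto__" entry (which
// JSON.parse stores as an ordinary own property) is seen here and dropped.
export function safeDeepMerge(target: PlainObject, source: PlainObject): PlainObject {
  for (const key of Object.keys(source)) {
    if (BLOCKED_MERGE_KEYS.has(key)) continue; // never assign through these
    const srcVal = source[key];
    const tgtVal = target[key];
    if (isPlainObject(srcVal) && isPlainObject(tgtVal)) {
      safeDeepMerge(tgtVal, srcVal); // recurse into nested config sections
    } else if (isPlainObject(srcVal)) {
      target[key] = safeDeepMerge({}, srcVal); // copy, don't alias the include
    } else {
      target[key] = srcVal; // scalars and arrays: include wins
    }
  }
  return target;
}

// Constructed base config plus a hostile include, as a stand-alone check.
export function mergeSampleInclude(): PlainObject {
  const base: PlainObject = { agent: { model: "base-model", plugins: { shell: true } } };
  const include = JSON.parse(
    '{"agent":{"model":"include-model","plugins":{"code":true}},' +
      '"__proto__":{"polluted":true},' +
      '"constructor":{"prototype":{"polluted":true}}}',
  ) as PlainObject;
  return safeDeepMerge(base, include);
}

// True when Object.prototype has not acquired a "polluted" property.
export function prototypeIsClean(): boolean {
  const probe: PlainObject = {};
  return probe.polluted === undefined &&
    !Object.prototype.hasOwnProperty.call(Object.prototype, "polluted");
}
```

The same guard belongs in any other routine that copies keys from parsed config into live objects, which is why the commit applies it to both functions rather than only the one where the problem was first noticed.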
… reset
POST /api/agent/reset calls rmSync(stateDir, { recursive: true, force: true })
where stateDir comes from resolveStateDir() which can be overridden by
MILAIDY_STATE_DIR env var. If set to "/" or another sensitive path (via
env injection or config manipulation), this would recursively delete the
entire filesystem.
Now validates the resolved path before deletion:
- Rejects filesystem roots (/ on Unix, C:\ on Windows)
- Rejects home directory itself
- Requires path to contain a "milaidy" or ".milaidy" segment
- Returns 400 with a warning log if path appears unsafe
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
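The three rules the commit lists (no filesystem root, no home directory, a `milaidy`/`.milaidy` segment required) can be checked on the resolved path before `rmSync` is ever reached. The following is an added example for this page, not the project's reset handler; `checkStateDirForReset`, its `StateDirCheck` result type, the explicit `home`/`platform` parameters (passed in so the check is testable on any OS) and the sample paths are assumptions.

```typescript
// Added example (not project code): decide whether a resolved state directory
// is safe to delete recursively. Caller passes home and platform explicitly.
import * as path from "node:path";

export interface StateDirCheck {
  safe: boolean;
  reason?: string;
}

export function checkStateDirForReset(
  stateDir: string,
  home: string,
  platform: string,
): StateDirCheck {
  const p = platform === "win32" ? path.win32 : path.posix;
  const resolved = p.resolve(stateDir); // collapses "..", trailing separators
  const same = (a: string, b: string): boolean =>
    platform === "win32" ? a.toLowerCase() === b.toLowerCase() : a === b;

  // 1. A filesystem root is its own dirname ("/" on Unix, "C:\" on Windows).
  if (p.dirname(resolved) === resolved) {
    return { safe: false, reason: `refusing to delete filesystem root ${resolved}` };
  }

  // 2. Never delete the home directory itself.
  if (same(resolved, p.resolve(home))) {
    return { safe: false, reason: "refusing to delete the home directory" };
  }

  // 3. The path must contain a "milaidy" or ".milaidy" segment, so a
  //    mis-set MILAIDY_STATE_DIR pointing at /var or /home/user is rejected.
  const segments = resolved.split(p.sep).filter((s) => s.length > 0);
  const hasStateSegment = segments.some((s) => s === "milaidy" || s === ".milaidy");
  if (!hasStateSegment) {
    return { safe: false, reason: `${resolved} does not look like a milaidy state directory` };
  }

  return { safe: true };
}

// Sketch of how a route would use it: log and answer 400 instead of deleting.
// (Hypothetical handler shape; rmSync call is intentionally not included here.)
export function resetDecision(stateDir: string, home: string, platform: string): number {
  const check = checkStateDirForReset(stateDir, home, platform);
  if (!check.safe) {
    console.warn(`[reset] refused: ${check.reason}`);
    return 400;
  }
  return 200;
}
```

Resolving first matters: a value such as `/home/user/.milaidy/../..` passes a naive substring test for `.milaidy` but resolves to `/home`, which the segment rule then rejects.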
- Export ensureBrowserServerLink from eliza.ts for browser integration tests
- Rename applyChannelSecretsToEnv to applyConnectorSecretsToEnv with backward-compatible fallback from config.connectors to config.channels
- Update collectPluginNames to prefer config.connectors over config.channels
- Map telegram connector to @milaidy/plugin-telegram-enhanced
- Update local-embedding test to match intentional keep-always behavior (milady-ai#10)
- Fix unused imports in browser/shell/cloud test files
- Apply biome formatting fixes across server, cloud-routes, and test files
- Add temp_capture_*.jpg to .gitignore

Co-authored-by: Cursor <cursoragent@cursor.com>
… deletion in reset
Develop -> Main: reviewed PRs milady-ai#60, milady-ai#61, milady-ai#63, milady-ai#64 with fixes
milaidy: handle database JSON parse errors
milaidy: harden plugins open editor
Sync fork's main branch with upstream milady-ai/milaidy main.