andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-04-10 21:12:37 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
397d5225aeb9c4714e46e910cd6323a954635fdf
crewAI/lib/crewai-tools/tests/tools
History
Devin AI fefa6761f9 Fix command injection and sandbox escape in CodeInterpreterTool (#4516) 
- Replace os.system() with subprocess.run() using list args in run_code_unsafe()
  to prevent command injection via malicious library names (CWE-78)
- Add BLOCKED_ATTRS set to SandboxPython to block dangerous dunder attributes
  (__class__, __bases__, __subclasses__, __mro__, __globals__, __code__,
  __reduce__, __reduce_ex__, __builtins__) that enable sandbox escape (CWE-94)
- Add getattr, setattr, delattr, type, breakpoint to UNSAFE_BUILTINS
- Add _check_for_blocked_attrs() pre-execution scan for blocked attribute patterns
- Add comprehensive tests for both vulnerabilities

Co-Authored-By: João <joao@crewai.com>
2026-02-19 11:29:42 +00:00
..
cassettes
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
crewai_platform_tools
fix: correct tool-calling content handling and schema serialization
2026-01-27 15:47:29 -05:00
rag
fix: ensure parameters in RagTool.add, add typing, tests (#3979)
2025-11-26 22:32:43 -08:00
__init__.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
arxiv_paper_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
brave_search_tool_test.py
test: avoid URL substring assertion in brave search test (#4453)
2026-02-11 14:32:10 +08:00
brightdata_serp_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
brightdata_webunlocker_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
couchbase_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
exa_search_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
files_compressor_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
firecrawl_crawl_website_tool_test.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
firecrawl_scrape_website_tool_test.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
firecrawl_search_tool_test.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
generate_crewai_automation_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
merge_agent_handler_tool_test.py
feat: Add Merge Agent Handler tool (#3911)
2025-11-20 16:58:41 -08:00
parallel_search_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
selenium_scraping_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
serper_dev_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
singlestore_search_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
snowflake_search_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
stagehand_tool_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_code_interpreter_tool.py
Fix command injection and sandbox escape in CodeInterpreterTool (#4516)
2026-02-19 11:29:42 +00:00
test_file_writer_tool.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_import_without_warnings.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_mongodb_vector_search_tool.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_oxylabs_tools.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_pdf_search_tool_config.py
fix: rag tool embeddings config
2025-11-24 16:51:28 -05:00
test_search_tools.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
test_txt_search_tool_config.py
fix: rag tool embeddings config
2025-11-24 16:51:28 -05:00
tool_collection_test.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00