Snider
a2a9423ad6
security: fix SQL injection and add workspace scoping to MCP tools

- Replace orderByRaw with parameterised CASE statements
- Add Task::scopeOrderByPriority() and scopeOrderByStatus()
- Add AgentPlan::scopeOrderByStatus()
- Add workspace validation to StateSet, StateGet, StateList tools
- Add workspace validation to PlanGet, PlanList tools
- Add SecurityTest.php with comprehensive isolation tests

Fixes SEC-002, SEC-003 from security audit.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 12:21:01 +00:00