
masci / banks
95%

Build:
DEFAULT BRANCH: main
Repo Added 29 Sep 2024 04:08PM UTC
Files 24

LAST BUILD ON BRANCH main
branch: main

27 Apr 2026 12:13PM UTC coverage: 94.769% (+0.006%) from 94.763%
24994328106

push

github

web-flow
fix: prevent SSTI by switching to SandboxedEnvironment (#74)

* docs: warn that prompt templates are trusted code

Templates are rendered in an unsandboxed Jinja2 environment, so passing
untrusted user input as template text allows arbitrary code execution.
Document the safe pattern (variables) vs the unsafe one (raw user strings).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: use SandboxedEnvironment to prevent SSTI

Switch from jinja2.Environment to jinja2.sandbox.SandboxedEnvironment.
This blocks access to dunder attributes in templates, preventing SSTI
payloads from reaching __builtins__ and executing arbitrary code.

All existing tests pass unchanged. Add a regression test that verifies
the canonical SSTI payload raises an exception.

Also document that templates are trusted code and that user-supplied
strings must never be passed as template text.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* Apply suggestions from code review

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* fix: tighten SSTI test to assert SecurityError and update docs to reflect SandboxedEnvironment

Agent-Logs-Url: https://github.com/masci/banks/sessions/de6273d5-80bf-468c-8853-feeb273a7294

Co-authored-by: masci <7241+masci@users.noreply.github.com>

* chore: remove e2e tests and Python 3.9 from CI

e2e tests require an OpenAI API key that is no longer valid.
Python 3.9 is EOL (Oct 2025) and newer virtualenv drops support for it.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: masci <7241+masci@users.noreply.github.com>

102 of 108 branches covered (94.44%)

Branch coverage included in aggregate %.

2 of 2 new or added lines in 1 file covered. (100.0%)

840 of 886 relevant lines covered (94.81%)

0.95 hits per line


Recent builds

Build | Branch | Commit | Type | Ran | Committer | Via | Coverage
24994328106 | main | fix: prevent SSTI by switching to SandboxedEnvironment (#74) * docs: warn that prompt templates are trusted code Templates are rendered in an unsandboxed Jinja2 environment, so passing untrusted user input as template text allows arbitrary code ... | push | 27 Apr 2026 12:14PM UTC | web-flow | github | 94.77
22096426347 | main | Add backfordward support for Python 3.9 (#71) Co-authored-by: Massimiliano Pippi <mpippi@gmail.com> | push | 17 Feb 2026 11:20AM UTC | web-flow | github | 94.76
22095354489 | main | explicitly ignore missing stubs for griffe (#72) | push | 17 Feb 2026 10:45AM UTC | web-flow | github | 94.74
21754818069 | main | one-click release process | push | 06 Feb 2026 02:53PM UTC | masci | github | 94.74
21442915167 | main | docs: move AI guidance to AGENTS.md for tool-agnostic access (#69) Renames the AI assistant guidance file to AGENTS.md so it works with any AI coding tool (Claude, Cursor, Gemini, etc). CLAUDE.md now redirects to AGENTS.md. Also improves the docu... | push | 28 Jan 2026 02:50PM UTC | web-flow | github | 94.74
21394681090 | main | Support binary inputs to Image, Audio, Video, and Document types (#67) * Support binary inputs to Image, Audio, Video, and Document types * PR Feedback | push | 27 Jan 2026 11:05AM UTC | web-flow | github | 94.74
21205259678 | main | bump version | push | 21 Jan 2026 10:03AM UTC | masci | github | 94.36
21204924131 | main | feat: Support Video (#65) * feat: Support video * PR Feedback | push | 21 Jan 2026 09:53AM UTC | web-flow | github | 94.36
21166795434 | main | feat: Support documents (#66) | push | 20 Jan 2026 09:47AM UTC | web-flow | github | 94.02
20271722773 | main | Stop testing on Python 3.9, introduce Python 3.14 (#64) * stop testing on Python 3.9, introduce Python 3.14 * keep linting for 3.9 until we support it | push | 16 Dec 2025 02:40PM UTC | web-flow | github | 93.64

© 2026 Coveralls, Inc