🛡️ fix: Sanitize Agent List Skill Scope#13122
Merged
Merged
Conversation
danny-avila
changed the title
Owner
Author
|
@codex review |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR hardens the /api/agents list response to prevent VIEW callers from receiving raw per-agent skill scope configuration, while still enabling the client to render the $ skill popover using a viewer-scoped “effective” skill scope.
Changes:
- Adds an
includeSkillConfigflag togetListAgentsByAccessto excludeskills/skills_enabledfrom the default projection unless explicitly requested. - Updates the agents list controller to sanitize skill scope for VIEW callers by intersecting configured skills with the caller’s VIEW-accessible skills.
- Adds regression tests covering default projection behavior, safe VIEW list shape, VIEW skill filtering, and EDIT raw skill config behavior.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| packages/data-schemas/src/methods/agent.ts | Adds opt-in projection control (includeSkillConfig) for returning raw skill configuration in list results. |
| packages/data-schemas/src/methods/agent.spec.ts | Updates/extends data-layer tests to lock in the new default projection and the opt-in behavior. |
| api/server/controllers/agents/v1.js | Sanitizes skill scope for VIEW list responses while allowing EDIT list callers to receive raw skill config. |
| api/server/controllers/agents/v1.spec.js | Adds controller-level regression tests for safe VIEW list fields and skill scope filtering behavior. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+62
to
+94
| const hasEditBit = (permission) => (permission & PermissionBits.EDIT) === PermissionBits.EDIT; | ||
|
|
||
| const sanitizeViewerSkillScope = (agent, accessibleSkillSet) => { | ||
| const skillScopeEnabled = agent.skills_enabled === true; | ||
| delete agent.skills_enabled; | ||
|
|
||
| if (!skillScopeEnabled) { | ||
| delete agent.skills; | ||
| return agent; | ||
| } | ||
|
|
||
| const configuredSkills = Array.isArray(agent.skills) ? agent.skills : []; | ||
| if (configuredSkills.length === 0) { | ||
| delete agent.skills; | ||
| if (accessibleSkillSet.size > 0) { | ||
| agent.skills_enabled = true; | ||
| } | ||
| return agent; | ||
| } | ||
|
|
||
| const visibleSkills = configuredSkills | ||
| .map((skillId) => String(skillId)) | ||
| .filter((skillId) => accessibleSkillSet.has(skillId)); | ||
|
|
||
| if (visibleSkills.length === 0) { | ||
| delete agent.skills; | ||
| return agent; | ||
| } | ||
|
|
||
| agent.skills = visibleSkills; | ||
| agent.skills_enabled = true; | ||
| return agent; | ||
| }; |
Comment on lines
+966
to
+975
| let accessibleSkillSet = null; | ||
| if (!canReturnSkillConfig) { | ||
| const accessibleSkillIds = await findAccessibleResources({ | ||
| userId, | ||
| role: req.user.role, | ||
| resourceType: ResourceType.SKILL, | ||
| requiredPermissions: PermissionBits.VIEW, | ||
| }); | ||
| accessibleSkillSet = new Set(accessibleSkillIds.map((oid) => oid.toString())); | ||
| } |
|
Codex Review: Didn't find any major issues. Keep them coming! ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
Contributor
GitNexus: 🚀 deployedThe |
fuuuzzy
pushed a commit
to fuuuzzy/LibreChat
that referenced
this pull request
May 15, 2026
patricia2510
pushed a commit
to lexaeon-org/libre-chat
that referenced
this pull request
May 21, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
I fixed the agent list response so VIEW callers no longer receive raw skill-scope configuration, while preserving the
$skill popover behavior through a viewer-scoped effective skill response.includeSkillConfigprojection flag togetListAgentsByAccessso rawskillsandskills_enabledare excluded by default./api/agentsVIEW responses by intersecting configured skill IDs with the caller's VIEW-accessible skill IDs before returning any skill scope.Change Type
Testing
node --check api/server/controllers/agents/v1.js.node --check api/server/controllers/agents/v1.spec.js.git diff --check.apiis missingcross-env, andpackages/data-schemasis missingjest-junit.Test Configuration:
danny-avila/fix-agent-list-skill-scope-leakChecklist