Morph MORPH
SIGN IN SIGN UP
dhruvhead / UFO UNCLAIMED
0 0 51 Python

COMMITS

main
May 26, 2026
K
Merge pull request #332 from rhmsd/rhmsd/MSRC112143
kangyu committed
adef15b
R
Replace xml.etree.ElementTree with defusedxml.ElementTree for enhanced security; add defusedxml to requirements.
Ray Huang (from Dev Box) committed
9d8349c
May 15, 2026
R
Merge commit from fork
rhmsd committed
e6195cb
R
Implement session ownership checks to prevent cross-client session reuse
Ray Huang (from Dev Box) committed
bdd46aa
R
Merge commit from fork
rhmsd committed
1206b73
R
Enhance task response handling to prevent cross-device task-result injection
Ray Huang (from Dev Box) committed
fce110d
May 14, 2026
R
Merge commit from fork
rhmsd committed
e058e1f
R
Add WebSocket connection context to prevent cross-client response hijacking
Ray Huang (from Dev Box) committed
ffbc5f7
R
Merge commit from fork
rhmsd committed
ebda608
R
Add regression tests for WebSocket role/identity spoofing hardening and enhance client registration error handling
Ray Huang (from Dev Box) committed
723d557
May 13, 2026
K
Merge pull request #330 from rhmsd/rhmsd/GHSA-whcg-fgpx-76f2
kangyu committed
493b9b3
R
Implement task name sanitization and validation to prevent path traversal vulnerabilities
Ray Huang (from Dev Box) committed
e1b376c
May 9, 2026
K
Merge pull request #329 from rhmsd/rhmsd/MSRC114224
kangyu committed
e262665
K
Merge pull request #328 from rhmsd/rhmsd/MSRC114053
kangyu committed
6e21367
May 8, 2026
R
Implement URL security measures to prevent SSRF attacks: add validation helpers and replace direct URL handling with safe_get in webclient and web_search modules.
Ray Huang (from Dev Box) committed
fce6e6b
R
Add unit tests for shell command security hardening and enhance path validation
Ray Huang (from Dev Box) committed
6048461
April 29, 2026
K
Merge pull request #321 from rhmsd/rhmsd/MSRC114052
kangyu committed
6d709d9
R
Merge branch 'main' of https://github.com/rhmsd/UFO into rhmsd/MSRC114052
Ray Huang (from Dev Box) committed
4482e9a
K
Merge pull request #322 from rhmsd/rhmsd/MSRC114156
kangyu committed
adbb38c
R
Enhance security features in Linux MCP Server: implement command allow-list, dangerous pattern scanning, and API key validation for command execution.
Ray Huang (from Dev Box) committed
e0d4bbd
R
Add authentication router and enhance path validation for security
Ray Huang (from Dev Box) committed
59ba6ba
April 14, 2026
K
Merge pull request #307 from rhmsd/rhmsd/MSRC576143
kangyu committed
c5a8db3
R
Enhance documentation for Galaxy WebUI and batch mode; add API key authentication details and security considerations
Ray Huang (from Dev Box) committed
a9e6c62
April 3, 2026
K
Merge pull request #301 from rhmsd/rhmsd/MSRC572151
kangyu committed
0f6229c
K
Merge pull request #300 from rhmsd/rhmsd/MSRC563005
kangyu committed
7d58ce4
R
Merge branch 'main' into rhmsd/MSRC563005
rhmsd committed
5cf6318
R
Merge branch 'main' into rhmsd/MSRC572151
rhmsd committed
9dcc89c
K
Merge pull request #299 from rhmsd/rayhuang/MSRC571925
kangyu committed
4ce80e7
R
fix: Update CommandLineExecutor documentation to clarify application launching without shell and adjust example commands
Ray Huang (from Dev Box) committed
4f6e06b
April 2, 2026
R
fix: Enhance CORS configuration and improve application process termination logic
Ray Huang (from Dev Box) committed
1de9307