Documentation
¶
Overview ¶
Package toolcap provides capability probing for epack tools.
This package provides a single, canonical implementation for querying --capabilities from tool binaries. It consolidates duplicate implementations from internal/tool/probe.go and internal/dispatch/executor.go.
SECURITY:
- Uses restricted environment to prevent secret exfiltration during probes
- Uses bounded output capture to prevent OOM from malicious tools
- Validates JSON for duplicate keys to prevent ambiguous overrides
- Uses BuildRestrictedEnvSafe to strip proxy credentials
Index ¶
Constants ¶
const MaxResponseBytes = 64 * 1024
MaxResponseBytes is the maximum size of --capabilities response (64KB). This prevents untrusted tool binaries from causing OOM by returning huge responses.
const Timeout = 5 * time.Second
Timeout is the maximum time to wait for --capabilities response.
Variables ¶
This section is empty.
Functions ¶
func Probe ¶
func Probe(ctx context.Context, binaryPath string) (*toolprotocol.Capabilities, error)
Probe runs --capabilities on a tool binary and parses the JSON response. Sets EPACK_MODE=capabilities to signal the tool that this is a probe, not execution.
SECURITY:
- Uses restricted environment to prevent secret exfiltration during probes
- Uses bounded output capture to prevent OOM from malicious tools
- Uses BuildRestrictedEnvSafe to strip proxy credentials from untrusted binaries
- Validates JSON for duplicate keys to prevent ambiguous capability overrides
func ProbeWithBackground ¶
func ProbeWithBackground(binaryPath string) (*toolprotocol.Capabilities, error)
ProbeWithBackground is a convenience wrapper that uses context.Background().
Types ¶
This section is empty.
Source Files