
TASKS.md — General Bots Workspace Audit

Generated: 2026-02-19
Workspace: /home/rodriguez/gb (v6.2.0)
Scope: Security Audit and Improvements Execution


🔴 P0 — CRITICAL SECURITY FLAWS

SEC-01: RESOLVED — vault-unseal-keys removed

Status: Removed from tracking (git rm --cached vault-unseal-keys). The keys are still in every commit that contained the file; rekey and history purge required.

  • Done: git rm --cached vault-unseal-keys. Add vault-unseal-keys to .gitignore so it cannot be committed again.
  • Rekey Vault now (vault operator rekey) so all 5 unseal keys are replaced. A key that was ever committed is compromised; removing the file from the tree does not change that.
  • Purge history: git filter-repo --invert-paths --path vault-unseal-keys, then force-push and have every clone re-clone. Existing clones, forks and CI caches still carry the old commits.

SEC-02: PARTIALLY RESOLVED — .env exposure

Status: Mitigated (.env untracked, .env.example committed). Token rotation still needed.

  • Verified .env is untracked
  • Created .env.example
  • Rotate the Vault tokens held in .env immediately. If .env was ever committed, purge it from history as for SEC-01; if it reached a shared machine or CI log, treat every value in it as compromised.

SEC-03: RESOLVED — init.json removed

Status: Removed from tracking.

SEC-04: RESOLVED — Command Execution Hardened

Status: Replaced Command::new with SafeCommand.
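The pattern this item removes, shown against a hardened form. This is an added example, not the project's SafeCommand; the binary allowlist, the permitted flags and the argument character set are assumptions chosen for the illustration. The point it makes is that the fix is not escaping: the hardened path never hands a string to a shell at all, and it rejects option-looking arguments that are not explicitly permitted, which closes argument injection as well as command injection.

```rust
use std::process::Command;

// Hypothetical allowlist (not the project's): absolute path to execute and the
// option-style arguments a caller may pass for that binary.
const LS_FLAGS: &[&str] = &["-l", "-a"];
const CONVERT_FLAGS: &[&str] = &["-resize", "-strip"];

fn policy(name: &str) -> Option<(&'static str, &'static [&'static str])> {
    match name {
        "ls" => Some(("/bin/ls", LS_FLAGS)),
        "convert" => Some(("/usr/bin/convert", CONVERT_FLAGS)),
        _ => None, // not listed: cannot be run at all
    }
}

#[derive(Debug, PartialEq)]
pub enum CmdError {
    BinaryNotAllowed(String),
    FlagNotAllowed(String),
    BadArgument(String),
}

/// Before (the pattern SEC-04 removes): user input spliced into a shell line.
/// Once `sh -c` parses it, `in.png; rm -rf ~` is two commands.
pub fn shell_line_before(user_file: &str) -> String {
    format!("convert {} out.png", user_file) // would be passed to `sh -c`
}

/// After: a validated argv. Each argument reaches the program as one string;
/// no shell parses the line, so `;`, `|` and `$(...)` are inert bytes.
#[derive(Debug)]
pub struct SafeCommand {
    argv: Vec<String>,
}

impl SafeCommand {
    pub fn new(name: &str, args: &[&str]) -> Result<SafeCommand, CmdError> {
        let (path, flags) =
            policy(name).ok_or_else(|| CmdError::BinaryNotAllowed(name.to_string()))?;
        let mut argv = vec![path.to_string()];
        for a in args {
            if a.starts_with('-') {
                // Option-looking values steer the tool (argument injection, e.g.
                // `--output=/etc/cron.d/job`), so only listed flags pass.
                if !flags.contains(a) {
                    return Err(CmdError::FlagNotAllowed(a.to_string()));
                }
            } else {
                // Positional values: conservative character set and no `..`,
                // which keeps file operands inside the intended directory.
                let ok = !a.is_empty()
                    && !a.contains("..")
                    && a.chars().all(|c| c.is_ascii_alphanumeric() || "./_-=:".contains(c));
                if !ok {
                    return Err(CmdError::BadArgument(a.to_string()));
                }
            }
            argv.push(a.to_string());
        }
        Ok(SafeCommand { argv })
    }

    pub fn argv(&self) -> &[String] {
        &self.argv
    }

    /// Hand the validated argv to std::process::Command. argv[0] is an
    /// absolute path, so PATH lookup is not involved either.
    pub fn command(&self) -> Command {
        let mut c = Command::new(&self.argv[0]);
        c.args(&self.argv[1..]);
        c
    }
}

fn main() {
    let payload = "in.png; rm -rf ~";
    println!("before: sh -c '{}'", shell_line_before(payload));
    println!("after:  {:?}", SafeCommand::new("convert", &[payload, "out.png"]));
    if let Ok(cmd) = SafeCommand::new("ls", &["-l", "."]) {
        let _ = cmd.command().status(); // runs /bin/ls -l . where present
    }
}
```

When auditing the remaining call sites, the check is the same for each: no `sh -c`, no `cmd /C`, argv[0] from the allowlist and not from input, and every argument either a listed flag or a positional that passed validation.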

SEC-05: RESOLVED — SQL Injection Hardened

Status: Parameterized queries implemented. Build verified.
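What "parameterized" has to mean at each call site, as an added example that is not the project's code. It uses a dependency-free stand-in for a driver's query and parameter types (rusqlite, sqlx and tokio-postgres each have their own), the `?1`/`?2` placeholder style of rusqlite, and a hypothetical `users` table; all of these are assumptions. It also covers the case parameters cannot handle, an ORDER BY column supplied by the caller, where the only safe option is an allowlist of identifiers.

```rust
/// A bound parameter. Stand-in for a driver's own type so the example runs
/// without external crates.
#[derive(Debug, PartialEq, Clone)]
pub enum Value {
    Text(String),
    Int(i64),
}

/// SQL text with positional placeholders plus the values bound to them.
/// User input only ever lands in `params`; `sql` is built from literals and
/// allowlisted identifiers.
#[derive(Debug, PartialEq)]
pub struct ParamQuery {
    pub sql: String,
    pub params: Vec<Value>,
}

#[derive(Debug, PartialEq)]
pub enum QueryError {
    BadSortColumn(String),
}

/// Before (the pattern SEC-05 removes): input concatenated into the statement.
/// With `' OR 1=1 --` as the name, the WHERE clause matches every row.
pub fn find_user_before(username: &str) -> String {
    format!("SELECT id, name FROM users WHERE name = '{}'", username)
}

/// Columns a caller may sort by. Identifiers cannot be bound as parameters,
/// so an externally supplied one is accepted only if it is in this list.
const SORTABLE: &[&str] = &["id", "name", "created_at"];

/// After: the statement uses `?1`, `?2` placeholders; the name is bound, the
/// sort column is allowlisted, and the limit is clamped and bound as an integer.
pub fn find_users(username: &str, sort_by: &str, limit: i64) -> Result<ParamQuery, QueryError> {
    if !SORTABLE.contains(&sort_by) {
        return Err(QueryError::BadSortColumn(sort_by.to_string()));
    }
    Ok(ParamQuery {
        sql: format!(
            "SELECT id, name FROM users WHERE name = ?1 ORDER BY {} LIMIT ?2",
            sort_by
        ),
        params: vec![
            Value::Text(username.to_string()),
            Value::Int(limit.clamp(1, 100)),
        ],
    })
}

fn main() {
    let payload = "' OR 1=1 --";
    println!("before: {}", find_user_before(payload));
    println!("after:  {:?}", find_users(payload, "name", 10));
    println!("sort:   {:?}", find_users("alice", "name; DROP TABLE users", 10));
}
```

The review test for each query is mechanical: grep the statement text for `format!`, `+` or `push_str` fed by anything that is not a literal or an allowlisted identifier.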

SEC-06: 🟡 IN PROGRESS — unwrap()/expect() Reduction

Status: Started. Fixed rate_limiter.rs and utils.rs.

  • Replaced expect in utils.rs with a safe fallback
  • Replaced the unsafe block in rate_limiter.rs (see IMP-04)
  • Continue elimination in core/ and llm/. Prioritise request-handling paths, where a panic is a remotely triggerable denial of service; unwrap may stay in tests and on invariants established in the same function.

🟠 P1 — HIGH PRIORITY IMPROVEMENTS (Selected)

IMP-03: RESOLVED — Artifact Cleanup

  • Deleted .bas, PROMPT.md
  • Cargo.lock now tracked (removed from .gitignore; see IMP-17)

IMP-04: RESOLVED — Unsafe Code Fix

  • Replaced unsafe block in rate_limiter.rs with safe NonZeroU32 construction
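The SEC-06 and IMP-04 changes to rate_limiter.rs address the same value: a request rate that must be non-zero because it is used as a divisor. The following is an added example, not the project's rate_limiter.rs, of how that value is taken from configuration without `unsafe` and without a panic path; the default of 100 requests per second, the 10,000 upper bound and the error variants are assumptions. The interesting part is that the fallback is a compile-time constant, so the one remaining "cannot be zero" claim is checked by the compiler rather than by `expect`.

```rust
use std::num::NonZeroU32;

// Fallback when the configured rate is absent or unusable, and an upper bound
// so a typo cannot effectively disable limiting. Both values are assumptions.
const DEFAULT_RPS: u32 = 100;
const MAX_RPS: u32 = 10_000;

// Evaluated at compile time: a zero default is a build error, not a runtime panic.
const DEFAULT_RPS_NZ: NonZeroU32 = match NonZeroU32::new(DEFAULT_RPS) {
    Some(v) => v,
    None => panic!("DEFAULT_RPS must be non-zero"),
};

#[derive(Debug, PartialEq)]
pub enum ConfigError {
    Missing,
    NotANumber(String),
    Zero,
    TooLarge(u32),
}

/// Strict parse: tells the caller exactly what was wrong with the value.
pub fn parse_rps(raw: Option<&str>) -> Result<NonZeroU32, ConfigError> {
    let s = raw
        .map(str::trim)
        .filter(|s| !s.is_empty())
        .ok_or(ConfigError::Missing)?;
    let n: u32 = s.parse().map_err(|_| ConfigError::NotANumber(s.to_string()))?;
    if n > MAX_RPS {
        return Err(ConfigError::TooLarge(n));
    }
    // Before (IMP-04): `unsafe { NonZeroU32::new_unchecked(n) }`, undefined
    // behaviour for n == 0. Before (SEC-06): `NonZeroU32::new(n).expect(..)`,
    // a panic reachable from a bad config file. After: zero is an error value.
    NonZeroU32::new(n).ok_or(ConfigError::Zero)
}

/// Lenient entry point for startup: never panics, always yields a usable rate,
/// and reports what it fell back from so the caller can log it.
pub fn rps_or_default(raw: Option<&str>) -> (NonZeroU32, Option<ConfigError>) {
    match parse_rps(raw) {
        Ok(v) => (v, None),
        Err(e) => (DEFAULT_RPS_NZ, Some(e)),
    }
}

/// The reason the type is NonZeroU32: the rate is a divisor. With a plain u32
/// this line would panic on 0; with NonZeroU32 the compiler rules that out.
pub fn refill_interval_micros(rps: NonZeroU32) -> u64 {
    1_000_000 / u64::from(rps.get())
}

fn main() {
    for raw in [Some("250"), Some("0"), Some("lots"), Some("999999"), None] {
        let (rps, err) = rps_or_default(raw);
        println!(
            "{:?} -> {} rps, {} us per token, fallback reason {:?}",
            raw,
            rps,
            refill_interval_micros(rps),
            err
        );
    }
}
```

The same shape applies to the remaining `unwrap()`/`expect()` sites in core/ and llm/: a strict function that returns an error the caller can act on, and a lenient wrapper only where a documented default is genuinely acceptable.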

IMP-06: RESOLVED — CORS Configuration

  • Fixed syntax error in validate_origin
  • Hardened origin validation logic
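What hardened origin validation looks like, as an added example that is not the project's validate_origin. The allowlist entries, the decision and header types and the function names are assumptions. The check parses the Origin header into scheme, host and port and compares that triple exactly against parsed allowlist entries; the weak substring form is included beside it to show which inputs it lets through. The header builder sets `Vary: Origin` on every response and only ever echoes the canonical allowlist entry, never the raw header.

```rust
// Allowed origins; hypothetical values, not the project's configuration.
// Entries are full origins (scheme, host, optional port), never bare hosts.
const ALLOWED_ORIGINS: &[&str] = &["https://app.example.com", "https://admin.example.com:8443"];

#[derive(Debug, PartialEq)]
pub enum OriginDecision {
    /// Emit Access-Control-Allow-Origin with this value (the canonical
    /// allowlist entry, not the raw header).
    Allow(&'static str),
    /// Emit no Access-Control-Allow-Origin at all.
    Deny,
}

/// Parse the serialized form a browser sends: scheme "://" host [":" port].
/// Anything else (path, userinfo, query, backslash, "null") is rejected.
/// IPv6 literals are not handled here and are therefore denied.
fn parse_origin(origin: &str) -> Option<(String, String, u16)> {
    let (scheme, rest) = origin.split_once("://")?;
    let scheme = scheme.to_ascii_lowercase();
    if scheme != "http" && scheme != "https" {
        return None;
    }
    if rest.is_empty() || rest.contains(['/', '@', '?', '#', '\\']) {
        return None;
    }
    let (host, port) = match rest.rsplit_once(':') {
        Some((h, p)) => (h, p.parse::<u16>().ok()?),
        None => (rest, if scheme == "https" { 443 } else { 80 }),
    };
    let host_ok = !host.is_empty()
        && host.chars().all(|c| c.is_ascii_alphanumeric() || c == '.' || c == '-');
    if !host_ok {
        return None;
    }
    Some((scheme, host.to_ascii_lowercase(), port))
}

/// Weak form for contrast: substring and prefix checks accept attacker-owned
/// hosts such as https://app.example.com.attacker.net and https://evilapp.example.com.
pub fn weak_validate_origin(origin: &str) -> bool {
    origin.starts_with("https://") && origin.contains("example.com")
}

/// Exact match of the parsed triple against the parsed allowlist.
pub fn validate_origin(header: Option<&str>) -> OriginDecision {
    let Some(raw) = header else { return OriginDecision::Deny };
    let Some(got) = parse_origin(raw) else { return OriginDecision::Deny };
    for &entry in ALLOWED_ORIGINS {
        if parse_origin(entry).as_ref() == Some(&got) {
            return OriginDecision::Allow(entry);
        }
    }
    OriginDecision::Deny
}

/// Response headers for a decision. `Vary: Origin` is always set so a shared
/// cache never serves one origin's allow header to another. Credentials are
/// only permitted together with an exact, non-wildcard origin.
pub fn cors_headers(decision: &OriginDecision) -> Vec<(&'static str, String)> {
    match decision {
        OriginDecision::Allow(origin) => vec![
            ("Vary", "Origin".to_string()),
            ("Access-Control-Allow-Origin", origin.to_string()),
            ("Access-Control-Allow-Credentials", "true".to_string()),
        ],
        OriginDecision::Deny => vec![("Vary", "Origin".to_string())],
    }
}

fn main() {
    for o in ["https://app.example.com", "https://app.example.com.attacker.net", "null"] {
        println!(
            "{o}: weak={} strict={:?}",
            weak_validate_origin(o),
            validate_origin(Some(o))
        );
    }
}
```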

🟡 P2 — MEDIUM PRIORITY IMPROVEMENTS (Policies)

IMP-07 to IMP-10: RESOLVED — Security Policies Added

Status: Added to AGENTS.md.

  • IMP-07: Rate Limiting
  • IMP-08: CSRF Protection
  • IMP-09: Security Headers
  • IMP-10: Dependency Pinning

🔵 P3 — LOW PRIORITY / PENDING

IMP-14: 🟡 TODO — Code Cleanup (TODOs)

Action: Triage ~40 TODO comments.

  • Remove stale TODOs
  • Fix critical TODOs

IMP-15: 🟡 TODO — Integration Tests

Action: Set up coverage.

  • Add cargo-tarpaulin or similar
  • Generate coverage report

IMP-16: RESOLVED — Tool Consolidation

  • Removed puppeteer from package.json (Consolidated on Playwright)

IMP-17: RESOLVED — Lockfile Tracking

  • Removed Cargo.lock from .gitignore

Note: Unlisted tasks (IMP-01, 02, 05, 11-13, 18, 19) have been removed from focus.