-
Notifications
You must be signed in to change notification settings - Fork 1
Issues
is:issue state:open
is:issue state:open
Issue creation is restricted in this repository
Search results
[docs] Post-Phase-4 drift: app-studio README, sandbox-runtime doc, infra chart comment, dead cloud filter
documentationImprovements or additions to documentationImprovements or additions to documentationStatus: Open.#409 In faroshq/kedge;[bug] No-op spec fields (CatalogEntry.virtualWorkspace, oidc.mode=platform) + stale doc-comments
documentationImprovements or additions to documentationImprovements or additions to documentationStatus: Open.#408 In faroshq/kedge;[cleanup] Dead legacy kro broker client with hardcoded-stub template trap
bugSomething isn't workingSomething isn't workingStatus: Open.#407 In faroshq/kedge;[security][low] Dev query-param identity escape hatches + tokens in URLs must be prod-impossible
securitySecurity vulnerability or concernSecurity vulnerability or concernStatus: Open.#406 In faroshq/kedge;[bug] Silent error-swallowing: interrupted assistant turns lost; project-create rollback orphans resources
bugSomething isn't workingSomething isn't workingStatus: Open.#405 In faroshq/kedge;[bug] Unimplemented advertised endpoints: /auth/refresh returns 501; agent token create is a silent stub
bugSomething isn't workingSomething isn't workingStatus: Open.#404 In faroshq/kedge;[security][medium] Assistant prompt injection becomes autonomous mutation under APP_STUDIO_AUTO_APPROVE_ACTIONS
securitySecurity vulnerability or concernSecurity vulnerability or concernStatus: Open.#403 In faroshq/kedge;[security][medium] Auth endpoints are not rate-limited (rateLimiter never wired)
bugSomething isn't workingSomething isn't workingsecuritySecurity vulnerability or concernSecurity vulnerability or concernStatus: Open.#402 In faroshq/kedge;[security][medium] kuery trusts X-Kedge-Tenant header with no RBAC backstop
bugSomething isn't workingSomething isn't workingsecuritySecurity vulnerability or concernSecurity vulnerability or concernStatus: Open.#401 In faroshq/kedge;[security][medium] SSRF via tenant-controlled baseURL (code provider + app-studio LLM); LLM client has no timeout
bugSomething isn't workingSomething isn't workingsecuritySecurity vulnerability or concernSecurity vulnerability or concernStatus: Open.#400 In faroshq/kedge;[security][medium] MCPServer spec.readOnly not enforced on federated provider tools
bugSomething isn't workingSomething isn't workingsecuritySecurity vulnerability or concernSecurity vulnerability or concernStatus: Open.#399 In faroshq/kedge;[security][high] Tunneled traffic runs at agent-SA privilege; per-user RBAC not enforced
bugSomething isn't workingSomething isn't workingsecuritySecurity vulnerability or concernSecurity vulnerability or concernStatus: Open.#398 In faroshq/kedge;