fix: bound breach history + CostGuard thread safety (#247, #246)#253
Merged
imran-siddique merged 1 commit into main (Mar 15, 2026)
Conversation
- RingBreachDetector: change _breach_history from unbounded list to deque(maxlen=10_000) with configurable max_breach_history (#247)
- CostGuard: add threading.Lock protecting _org_spent_month read-modify-write in check_task() and record_cost() (#246)

Closes #247, closes #246

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Dependency Review: ✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found. Scanned files: None
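The two fixes described above, modelled as an added example (hypothetical code, not the project's own RingBreachDetector or CostGuard): a breach history capped with `deque(maxlen=...)`, an unguarded read-modify-write of `_org_spent_month` that deterministically loses an update under a forced interleaving, and the lock-protected version. The `after_read` hook, the `reserve()` method and the demo functions are assumptions introduced here to make the race reproducible and the check-then-record caveat visible.

```python
"""Illustrative models of a bounded breach history and a lock-protected spend
counter. Hypothetical code, not the project's RingBreachDetector or CostGuard."""
import threading
from collections import deque
from concurrent.futures import ThreadPoolExecutor


class BoundedBreachHistory:
    """Breach log capped at max_breach_history entries; the oldest entries are
    discarded, so a flood of breaches cannot grow memory without bound."""

    def __init__(self, max_breach_history: int = 10_000):
        self._breach_history = deque(maxlen=max_breach_history)

    def record(self, breach: dict) -> None:
        self._breach_history.append(breach)

    def __len__(self) -> int:
        return len(self._breach_history)

    def oldest(self) -> dict:
        return self._breach_history[0]


class UnsafeCostGuard:
    """Pre-fix pattern: unguarded read-modify-write of _org_spent_month.
    `after_read` is a hypothetical hook used only to force the interleaving."""

    def __init__(self, monthly_budget: float, after_read=lambda: None):
        self._monthly_budget = monthly_budget
        self._org_spent_month = 0.0
        self._after_read = after_read

    def check_task(self, cost: float) -> bool:
        return self._org_spent_month + cost <= self._monthly_budget

    def record_cost(self, cost: float) -> None:
        current = self._org_spent_month          # read
        self._after_read()                       # another thread may run here
        self._org_spent_month = current + cost   # write: may clobber a concurrent update


class SafeCostGuard:
    """Post-fix pattern: one lock serialises every read-modify-write."""

    def __init__(self, monthly_budget: float):
        self._monthly_budget = monthly_budget
        self._org_spent_month = 0.0
        self._lock = threading.Lock()

    def check_task(self, cost: float) -> bool:
        with self._lock:
            return self._org_spent_month + cost <= self._monthly_budget

    def record_cost(self, cost: float) -> None:
        with self._lock:
            self._org_spent_month += cost

    def reserve(self, cost: float) -> bool:
        """Check and record under the same lock, so two tasks cannot both pass
        check_task() and then jointly overshoot the budget (added caveat,
        beyond what the PR itself changes)."""
        with self._lock:
            if self._org_spent_month + cost > self._monthly_budget:
                return False
            self._org_spent_month += cost
            return True

    def spent(self) -> float:
        with self._lock:
            return self._org_spent_month


def demo_lost_update() -> float:
    """Two threads each record 10.0; the barrier makes both read 0.0 before
    either writes, so one charge is lost and the total is 10.0, not 20.0."""
    barrier = threading.Barrier(2, timeout=5)
    guard = UnsafeCostGuard(monthly_budget=100.0, after_read=barrier.wait)
    with ThreadPoolExecutor(max_workers=2) as pool:
        list(pool.map(guard.record_cost, [10.0, 10.0]))
    return guard._org_spent_month


def demo_locked_counter(workers: int = 8, per_worker: int = 250) -> float:
    """Many threads hammer the locked counter; the total is exact."""
    guard = SafeCostGuard(monthly_budget=1e9)

    def work(_):
        for _ in range(per_worker):
            guard.record_cost(1.0)

    with ThreadPoolExecutor(max_workers=workers) as pool:
        list(pool.map(work, range(workers)))
    return guard.spent()


def demo_bounded_history(events: int = 15_000, cap: int = 10_000) -> tuple:
    """Constructed breach events; only the newest `cap` survive."""
    hist = BoundedBreachHistory(max_breach_history=cap)
    for i in range(events):
        hist.record({"seq": i, "kind": "constructed-breach"})
    return len(hist), hist.oldest()["seq"]


if __name__ == "__main__":
    print("unsafe total:", demo_lost_update())          # 10.0
    print("locked total:", demo_locked_counter())       # 2000.0
    print("history len, oldest seq:", demo_bounded_history())  # (10000, 5000)
```

The lock in `SafeCostGuard` makes each individual read and write consistent, which is what the PR adds; `reserve()` shows the further step a governance counter usually needs, since a `check_task()` that passes for two concurrent tasks separately still lets their combined cost exceed the budget unless the check and the record happen under one critical section.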
imran-siddique added a commit to imran-siddique/agent-governance-toolkit that referenced this pull request (Mar 18, 2026):

…CHANGELOG

Move CostGuard org kill bypass (microsoft#272), CostGuard thread safety (microsoft#253), ErrorBudget unbounded deque (microsoft#172), and VectorClock race condition (microsoft#243) from 'Fixed' to 'Security' section in v2.1.0 CHANGELOG — these are security fixes affecting concurrent governance enforcement.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
imran-siddique added a commit that referenced this pull request (Mar 18, 2026):

…ents (#296)

* fix(security): replace XOR placeholder with AES-256-GCM, add Security Model section

Address 3 findings from security review:

1. Replace insecure XOR placeholder encryption in DMZ module with real AES-256-GCM via cryptography library (was: 'NOT SECURE - placeholder only' comment in nexus/dmz.py)
2. Add 'Security Model & Limitations' section to root README making clear this is application-level middleware, not OS kernel isolation. Includes table of what each layer provides vs. does not provide.
3. Add checksum verification guidance to community preview disclaimer.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix(security): add demo warnings, adversarial mode, and security advisories

- Add in-memory storage warning to demo startup
- Add sample policy disclaimer to demo startup
- Add --include-attacks flag for adversarial demo scenarios (prompt injection, tool alias bypass, SQL policy bypass)
- Add security advisories to SECURITY.md for CostGuard org kill bypass (#272) and thread safety fixes (v2.1.0)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: relabel CostGuard and thread safety fixes as security items in CHANGELOG

Move CostGuard org kill bypass (#272), CostGuard thread safety (#253), ErrorBudget unbounded deque (#172), and VectorClock race condition (#243) from 'Fixed' to 'Security' section in v2.1.0 CHANGELOG — these are security fixes affecting concurrent governance enforcement.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* fix: address PR review feedback — docstrings, changelog, yaml safety

- Add docstring to scenario_adversarial_attacks
- Document --include-attacks flag in README
- Pin pyyaml version in security-scan workflow
- Audit and fix unsafe yaml.load() calls (if any)
- Add unreleased changelog entries

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Fixes
Tests: hypervisor 380 passed, cost 34 passed
Closes #247, closes #246