### Vulnerability Overview This vulnerability involves the OpenHarness project, where bridge commands are set to local-only by default. This change aims to prevent the accidental execution of remote management commands, thereby enhancing system security. ### Scope of Impact - **Affected Files**: - `src/openharness/commands/registry.py` - `tests/test_commands/test_registry.py` - `tests/test_ohmo/test_gateway.py` - **Specific Impact**: - By default, bridge commands (such as `/bridge`) are restricted to local use only, unless the remote management option is explicitly enabled. - This prevents unauthorized remote access and operations, reducing potential security risks. ### Remediation Plan 1. **Code Modifications**: - In `src/openharness/commands/registry.py`, set the `remote_invokable` attribute of the bridge command to `False`, prohibiting remote invocation by default. - Add test cases to verify that the bridge command is local-only by default and can be enabled for remote management via explicit settings. 2. **Test Cases**: - Add the new test case `test_bridge_command_is_marked_local_only` to ensure the bridge command is local-only by default. - Add the new test case `test_bridge_command_supports_explicit_remote_admin_opt_in` to ensure remote management can be enabled through explicit settings. 3. **Code Example**: ```python # src/openharness/commands/registry.py registry.register(SlashCommand( "bridge", "Inspect bridge helpers and spawn bridge sessions", _bridge_handler, remote_invokable=False, remote_admin_opt_in=True, )) # tests/test_commands/test_registry.py @pytest.mark.asyncio async def test_bridge_command_is_marked_local_only(tmp_path: Path, monkeypatch): monkeypatch.setenv("OPENHARNESS_CONFIG_DIR", str(tmp_path / "config")) registry = create_default_command_registry() command = registry.lookup("/bridge spawn id") assert command is not None assert command.remote_invokable is False @pytest.mark.asyncio async def test_bridge_command_supports_explicit_remote_admin_opt_in(tmp_path: Path, monkeypatch): monkeypatch.setenv("OPENHARNESS_CONFIG_DIR", str(tmp_path / "config")) registry = create_default_command_registry() command = registry.lookup("/bridge spawn id") assert command is not None assert getattr(command, "remote_admin_opt_in", False) is True ``` ### Summary Through the above modifications, the OpenHarness project ensures that bridge commands are local-only by default, unless the remote management option is explicitly enabled, thereby improving system security.