- SSRF protection in media fetch: block private IPs, localhost, link-local
addresses using ipaddr.js; manually follow redirects to validate each hop
- Path traversal protection in web media: allowlist ~/.clawdbot and tmpdir,
follow symlinks to prevent escape attacks
- Shell injection fix in CLI credentials: use spawnSync with argument arrays
instead of execSync with string interpolation
- Rate limiting for gateway auth: 5 failures = 1 minute lockout, prevents
brute-force attacks
- Tailscale auth failure tracking: record failures for whois mismatches
- Logger permissions: set 0o700 on log directory, warn if chmod fails
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Enhanced error handling in image reference detection to skip malformed file URLs without crashing.
- Updated media loading logic to throw an error for invalid file URLs, ensuring better feedback for users.
- Added support for detecting file URLs in prompts using fileURLToPath for accurate path resolution.
- Updated image loading logic to default to JPEG format for optimized image processing.
- Improved error handling in image optimization to continue processing on failures.
- Added handling for file URLs using fileURLToPath for proper resolution.
- Updated logic to skip relative path resolution if ref.resolved is already absolute.
- Enhanced cap calculation for image loading to handle undefined maxBytes more gracefully.
- Skip JPEG optimization for image/gif content type (both local and URL)
- Preserves animation in uploaded GIFs to Discord/other providers
- Added tests for GIF preservation from local files and URLs
- Updated changelog
