Did anyone actually audit this thing?!? #1402
-
|
18 vulnerabilities — 11 high severity. Includes HTTP request smuggling, CRLF injection, and unbounded memory consumption in undici (the HTTP client). These are in the dependency chain, not ruflo's own code, but they're unpatched. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Yes — we did a comprehensive audit. 8 research agents, source code analysis, hands-on testing of every major tool category. Beyond the dependency vulns you found, here's what the code itself does:~290 of 300+ MCP tools are stubs. They accept input and return JSON but don't execute anything:
~10 tools actually work: memory/HNSW vector search, embeddings, terminal, sessions. Token Optimizer claims fabricated in source:
The architectural gap: LLM providers (AnthropicProvider with real fetch) exist. Task queue exists. Agent registry exists. But the wire connecting agent_spawn → execution is missing. Full audit with source code proof: Independent Audit (Gist) |
Beta Was this translation helpful? Give feedback.
Yes — we did a comprehensive audit. 8 research agents, source code analysis, hands-on testing of every major tool category.
Beyond the dependency vulns you found, here's what the code itself does:
~290 of 300+ MCP tools are stubs. They accept input and return JSON but don't execute anything:
agent_spawn→{status: 'idle', taskCount: 0}foreverneural_train→ reportsMath.random()accuracy, predictions always 'coder'wasm_agent_prompt→ echoes input backverifySignature()in consensus → unconditionally returnstrue~10 tools actually work: memory/HNSW vector search, embeddings, terminal, sessions.
Token Optimizer claims …