From c34fdf4b372f78bec89b8e3b059443b2e92018e5 Mon Sep 17 00:00:00 2001
From: Nelson Spence <nelson@projectnavi.ai>
Date: Fri, 27 Feb 2026 22:44:29 -0600
Subject: [PATCH] fix(security): extend action type coverage in security check
 (#12870)

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Engel Nyst <engel.nyst@gmail.com>
---
 openhands/controller/agent_controller.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/openhands/controller/agent_controller.py b/openhands/controller/agent_controller.py
index 710e912435..193314d08c 100644
--- a/openhands/controller/agent_controller.py
+++ b/openhands/controller/agent_controller.py
@@ -64,11 +64,14 @@ from openhands.events.action import (
     AgentFinishAction,
     AgentRejectAction,
     BrowseInteractiveAction,
+    BrowseURLAction,
     ChangeAgentStateAction,
     CmdRunAction,
     FileEditAction,
     FileReadAction,
+    FileWriteAction,
     IPythonRunCellAction,
+    MCPAction,
     MessageAction,
     NullAction,
     SystemMessageAction,
@@ -977,8 +980,11 @@ class AgentController:
                 type(action) is CmdRunAction
                 or type(action) is IPythonRunCellAction
                 or type(action) is BrowseInteractiveAction
+                or type(action) is BrowseURLAction
                 or type(action) is FileEditAction
                 or type(action) is FileReadAction
+                or type(action) is FileWriteAction
+                or type(action) is MCPAction
             ):
                 # Handle security risk analysis using the dedicated method
                 await self._handle_security_analyzer(action)