fix(security): extend action type coverage in security check (#12870)

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Engel Nyst <engel.nyst@gmail.com>
2026-03-22 05:37:20 +08:00 · 2026-02-27 22:44:29 -06:00
parent 25076ee44c
commit c34fdf4b37
1 changed files with 6 additions and 0 deletions
--- a/openhands/controller/agent_controller.py
+++ b/openhands/controller/agent_controller.py
@@ -64,11 +64,14 @@ from openhands.events.action import (
    AgentFinishAction,
    AgentRejectAction,
    BrowseInteractiveAction,
+    BrowseURLAction,
    ChangeAgentStateAction,
    CmdRunAction,
    FileEditAction,
    FileReadAction,
+    FileWriteAction,
    IPythonRunCellAction,
+    MCPAction,
    MessageAction,
    NullAction,
    SystemMessageAction,
@@ -977,8 +980,11 @@ class AgentController:
                type(action) is CmdRunAction
                or type(action) is IPythonRunCellAction
                or type(action) is BrowseInteractiveAction
+                or type(action) is BrowseURLAction
                or type(action) is FileEditAction
                or type(action) is FileReadAction
+                or type(action) is FileWriteAction
+                or type(action) is MCPAction
            ):
                # Handle security risk analysis using the dedicated method
                await self._handle_security_analyzer(action)