* feat: Initial work on security analyzer
* feat: Add remote invariant client
* chore: improve fault tolerance of client
* feat: Add button to enable Invariant Security Analyzer
* [feat] confirmation mode for bash actions
* feat: Add Invariant Tab with security risk outputs
* feat: Add modal setting for Confirmation Mode
* fix: frontend tests for confirmation mode switch
* fix: add missing CONFIRMATION_MODE value in SettingsModal.test.tsx
* fix: update test to integrate new setting
* feat: Initial work on security analyzer
* feat: Add remote invariant client
* chore: improve fault tolerance of client
* feat: Add button to enable Invariant Security Analyzer
* feat: Add Invariant Tab with security risk outputs
* feat: integrate security analyzer with confirmation mode
* feat: improve invariant analyzer tab
* feat: Implement user confirmation for running bash/python code
* fix: don't display rejected actions
* fix: make confirmation show only on assistant messages
* feat: download traces, update policy, implement settings, auto-approve based on defined risk
* Fix: low risk not being shown because it's 0
* fix: duplicate logs in tab
* fix: log duplication
* chore: prepare for merge, remove logging
* Merge confirmation_mode from OpenDevin main
* test: update tests to pass
* chore: finish merging changes, security analyzer now operational again
* feat: document Security Analyzers
* refactor: api, monitor
* chore: lint, fix risk None, revert policy
* fix: check security_risk for None
* refactor: rename instances of invariant to security analyzer
* feat: add /api/options/security-analyzers endpoint
* Move security analyzer from tab to modal
* Temporary fix lock when security analyzer is not chosen
* feat: don't show lock at all when security analyzer is not enabled
* refactor:
  - Frontend:
    * change type of SECURITY_ANALYZER from bool to string
    * add combobox to select SECURITY_ANALYZER, current options are "invariant" and "" (no security analyzer)
    * Security is now a modal, lock in bottom right is visible only if there's a security analyzer selected
  - Backend:
    * add close to SecurityAnalyzer
    * instantiate SecurityAnalyzer based on provided string from frontend
* fix: update close to be async, to be consistent with other close on resources
* fix: max height of modal (prevent overflow)
* feat: add logo
* small fixes
* update docs for creating a security analyzer module
* fix linting
* update timeout for http client
* fix: move security_analyzer config from agent to session
* feat: add security_risk to browser actions
* add optional remark on combobox
* fix: asdict not called on dataclass, remove invariant dependency
* fix: exclude None values when serializing
* feat: take default policy from invariant-server instead of being hardcoded
* fix: check if policy is None
* update image name
* test: fix some failing runs
* fix: security analyzer tests
* refactor: merge confirmation_mode and security_analyzer into SecurityConfig. Change invariant error message for docker
* test: add tests for invariant parsing actions / observations
* fix: python linting for test_security.py
* Apply suggestions from code review

  Co-authored-by: Engel Nyst <enyst@users.noreply.github.com>
* use ActionSecurityRisk | None instead of Optional
* refactor action parsing
* add extra check
* lint parser.py
* test: add field keep_prompt to test_security
* docs: add information about how to enable the analyzer
* test: Remove trailing whitespace in README.md text

---------

Co-authored-by: Mislav Balunovic <mislav.balunovic@gmail.com>
Co-authored-by: Engel Nyst <enyst@users.noreply.github.com>
Co-authored-by: Xingyao Wang <xingyao6@illinois.edu>
Security
Given the impressive capabilities of OpenDevin and similar coding agents, ensuring robust security measures is essential to prevent unintended actions or security breaches. The SecurityAnalyzer framework provides a structured approach to monitor and analyze agent actions for potential security risks.
To enable this feature:
- From the web interface:
  - Open Configuration (by clicking the gear icon in the bottom right)
  - Select a Security Analyzer from the dropdown
  - Save settings
  - (to disable) repeat the same steps, but click the X in the Security Analyzer dropdown
- From config.toml:
  ```toml
  [security]
  # Enable confirmation mode
  confirmation_mode = true
  # The security analyzer to use
  security_analyzer = "your-security-analyzer"
  ```
  - (to disable) remove these lines from config.toml
SecurityAnalyzer Base Class
The SecurityAnalyzer class (analyzer.py) is an abstract base class designed to listen to an event stream, analyze actions for security risks and, where needed, act before the action is executed. Below is a detailed explanation of its components and methods:
Initialization
- event_stream: An instance of EventStream that the analyzer will listen to for events.
Event Handling
- on_event(event: Event): Handles incoming events. If the event is an Action, it evaluates its security risk and acts upon it.
Abstract Methods
- handle_api_request(request: Request): Abstract method to handle API requests.
- log_event(event: Event): Logs events.
- act(event: Event): Defines actions to take based on the analyzed event.
- security_risk(event: Action): Evaluates the security risk of an action and returns the risk level.
- close(): Cleans up resources used by the security analyzer.
In conclusion, a concrete security analyzer should evaluate the risk of each event and act accordingly (e.g. auto-confirm, send a Slack message, etc.).
For customization and decoupling from the OpenDevin core logic, the security analyzer can define its own API endpoints that can then be accessed from the frontend. These API endpoints need to be secured (they must not allow more capabilities than the core logic provides).
How to implement your own Security Analyzer
- Create a submodule in security with your analyzer's desired name
- Have your main class inherit from SecurityAnalyzer
- Optional: define API endpoints for /api/security/{path:path} to manage settings
- Add your analyzer class to the options to have it be visible from the frontend combobox
- Optional: implement your modal frontend (for when you click on the lock) in security and add your component to Security.tsx
Implemented Security Analyzers
Invariant
It uses the Invariant Analyzer to analyze traces and detect potential issues with OpenDevin's workflow. It uses confirmation mode to ask for user confirmation on potentially risky actions.
This allows the agent to run autonomously without fear that it will inadvertently compromise security or perform unintended actions that could be harmful.
Features:
- Detects:
- potential secret leaks by the agent
- security issues in Python code
- malicious bash commands
- Logs:
- actions and their associated risk
- OpenDevin traces in JSON format
- Run-time settings:
- the invariant policy
- acceptable risk threshold