Skip to content

Improve Interactive Shell and Harden Security#206

Draft
hackerxj2010 wants to merge 1 commit into
mainfrom
feature/interactive-shell-security-hardening-11508913986382430769
Draft

Improve Interactive Shell and Harden Security#206
hackerxj2010 wants to merge 1 commit into
mainfrom
feature/interactive-shell-security-hardening-11508913986382430769

Conversation

@hackerxj2010
Copy link
Copy Markdown
Owner

@hackerxj2010 hackerxj2010 commented May 30, 2026

This PR significantly improves the Jeanbot interactive experience and security posture.

Key changes:

  1. Interactivity: The Python mission runner now features a decoupled planning and execution flow. The CLI presents a proposed plan to the user for approval before starting execution.
  2. Real-time Feedback: Mission execution now reports step status (STARTED/COMPLETED) in real-time to the CLI using a new callback mechanism.
  3. Security Hardening: assertInternalRequest in @jeanbot/platform now uses constant-time comparison via crypto.timingSafeEqual and SHA-256 hashing to prevent timing attacks.
  4. Credential Protection: redactSecrets in @jeanbot/security has been expanded to cover Anthropic keys, GitHub tokens, AWS access keys, and generic password fields (supporting quoted and unquoted values).
  5. Quality Assurance: Added a new test suite packages/security/src/redact.test.ts to verify the redaction logic.

These changes bring Jeanbot closer to the interactive and secure experience provided by tools like Claude Code.

PR created automatically by Jules for task 11508913986382430769 started by @hackerxj2010

@google-labs-jules @hackerxj2010
feat: improve interactive shell and harden security
bbdbdc9 
- Refactor Python CLI shell into a robust InteractiveShell class
- Add plan-approval flow and real-time step progress visualization
- Harden internal request validation with timing-safe comparisons
- Enhance secret redaction for Anthropic, GitHub, AWS, and quoted passwords
- Add unit tests for secret redaction logic

Co-authored-by: hackerxj2010 <198651211+hackerxj2010@users.noreply.github.com>
@google-labs-jules
Copy link
Copy Markdown
Contributor

google-labs-jules Bot commented May 30, 2026

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

For security, I will only act on instructions from the user who triggered this task.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hackerxj2010