Security: Bearer token sent over plaintext HTTP #418

Open
tuanaiseo wants to merge 1 commit into rohitg00:main from tuanaiseo:contribai/fix/security/bearer-token-sent-over-plaintext-http

tuanaiseo commented May 15, 2026

Problem

The hook scripts (stop.ts, post-tool-use.ts, etc.) send Bearer tokens in Authorization headers to REST_URL. When AGENTMEMORY_URL defaults to 'http://localhost:3111', tokens are transmitted over plaintext HTTP. While localhost traffic typically doesn't leave the machine, this could be intercepted by local malware or other processes on multi-tenant systems.

Severity: high
File: src/hooks/stop.ts

Solution

Enforce HTTPS or validate that the URL uses https:// protocol. Consider adding a configuration check that errors if AGENTMEMORY_SECRET is set but AGENTMEMORY_URL uses http:// (non-loopback). The integrations/pi/security.ts already has a guard for this pattern - consider centralizing this logic.

Changes

  • src/hooks/stop.ts (modified)

Testing

  • Existing tests pass
  • Manual review completed
  • No new warnings/errors introduced

Summary by CodeRabbit

  • Bug Fixes
    • Enhanced security validation to prevent sensitive authentication credentials from being transmitted over unsecured network connections. When an authorization secret is configured, the application now enforces HTTPS encryption for all remote connections or restricts to local loopback addresses only, ensuring bearer tokens are never accidentally exposed via unencrypted HTTP.

The hook scripts (stop.ts, post-tool-use.ts, etc.) send Bearer tokens in Authorization headers to REST_URL. When AGENTMEMORY_URL defaults to 'http://localhost:3111', tokens are transmitted over plaintext HTTP. While localhost traffic typically doesn't leave the machine, this could be intercepted by local malware or other processes on multi-tenant systems.

Affected files: stop.ts

Signed-off-by: tuanaiseo <221258316+tuanaiseo@users.noreply.github.com>

vercel Bot commented May 15, 2026

@tuanaiseo is attempting to deploy a commit to the rohitg00's projects Team on Vercel.

A member of the Team first needs to authorize it.


coderabbitai Bot commented May 15, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 140bfa29-c9a4-4683-b41c-8e7f557f62ee

📥 Commits

Reviewing files that changed from the base of the PR and between b7e1240 and 079c60e.

📒 Files selected for processing (1)
  • src/hooks/stop.ts

📝 Walkthrough

This PR adds security validation to the agent memory startup sequence, ensuring that authentication secrets are never transmitted over insecure connections to remote endpoints. A new isSecureUrl() helper function validates that REST URLs are either HTTPS or point to local loopback addresses, and a startup guard exits with an error if a secret is configured but the REST endpoint is not secure.

Changes

Security validation on startup

| Layer / File(s) | Summary |
| --- | --- |
| URL scheme and loopback validation (src/hooks/stop.ts) | Adds isSecureUrl() helper accepting only https: URLs or loopback hostnames (localhost, 127.0.0.1, ::1), and a startup guard that terminates the process when AGENTMEMORY_SECRET is set but REST_URL is an insecure http:// non-loopback address. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A secret's born, but where does it roam?
Not o'er plain HTTP—that's not our home!
Just HTTPS pathways or localhost's embrace,
Where tokens stay safe in a secure place.
No bearer-token leaks, no midnight fright—
Our startup now guards with encryption tight! 🔐

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |

✅ Passed checks (4 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately and directly describes the security issue being addressed: preventing Bearer tokens from being sent over plaintext HTTP. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

Comment @coderabbitai help to get the list of available commands and usage tips.
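
The check described in this thread (allow `https:` anywhere, allow `http:` only to loopback, and refuse to start when a secret is set otherwise), written out as an added example that is not the PR's code or the project's. The function names are hypothetical and the sample URLs are constructed; the point is that the decision is made on the parsed hostname, so lookalike hosts and userinfo tricks do not pass as loopback.

```typescript
// Added example, not the PR's code. All function names here are hypothetical.

/** True when hostname (as returned by URL.hostname) is a loopback address. */
function isLoopbackHost(hostname: string): boolean {
  const host = hostname.toLowerCase();
  // URL.hostname keeps the brackets around IPv6 literals.
  if (host === "localhost" || host === "[::1]") return true;
  // All of 127.0.0.0/8 is loopback, not only 127.0.0.1.
  const m = /^127\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  return m !== null && m.slice(1).every((octet) => Number(octet) <= 255);
}

/** https is allowed to any host; http only to a loopback host. */
function isSafeTokenTarget(rawUrl: string): boolean {
  let url: URL;
  try {
    url = new URL(rawUrl);
  } catch {
    return false; // unparsable value: fail closed
  }
  if (url.protocol === "https:") return true;
  return url.protocol === "http:" && isLoopbackHost(url.hostname);
}

type GuardResult = { ok: true } | { ok: false; reason: string };

/** Startup guard: objects only when a secret is set and the target is unsafe. */
function checkTokenTransport(restUrl: string, secret?: string): GuardResult {
  if (!secret || isSafeTokenTarget(restUrl)) return { ok: true };
  // The raw URL is left out of the message: it may embed credentials.
  return { ok: false, reason: "secret is set but REST URL is not https:// or loopback" };
}

// Constructed sample values (not taken from the PR).
const SAMPLES: string[] = [
  "http://localhost:3111",              // allow: default loopback URL
  "http://[::1]:3111",                  // allow: IPv6 loopback
  "https://memory.example.com",         // allow: TLS
  "http://memory.example.com:3111",     // block: remote plaintext
  "http://localhost.lookalike.example", // block: a prefix match would pass this
  "http://127.0.0.1@lookalike.example", // block: 127.0.0.1 is userinfo here
];
for (const u of SAMPLES) {
  console.log(checkTokenTransport(u, "constructed-secret").ok ? "allow" : "block", u);
}
```

A hook script would call `checkTokenTransport` once at startup with its configured URL and secret and exit non-zero when `ok` is false, before any request carrying the `Authorization` header is built.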