Conversation
cristipufu
force-pushed
the
fix/integration_guid_part2
branch
from
e38c9f2 to
cc18a91
Compare
There was a problem hiding this comment.
Pull request overview
This PR improves the integration genome documentation that guides developers in building framework integrations for the UiPath runtime. The changes add comprehensive coding principles, expand best practices, and correct a typo in error contract documentation.
Changes:
- Fixed spelling typo in error contract example comment (InvaliGraphReference → InvalidGraphReference)
- Added extensive "Coding Principles" section with 6 core principles for integration development
- Expanded documentation with security patterns, error categorization, message mapping, and agent caching strategies
- Corrected project path reference in .cursorrules (goob_ai → uipath)
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
src/uipath/runtime/errors/contract.py |
Fixed typo in comment example (InvaliGraphReference → InvalidGraphReference) |
INTEGRATION_GENOME.md |
Major expansion of integration development guide with coding principles, security patterns, serialization best practices, error handling, storage configuration, and reference implementation strategies |
CLAUDE.md |
Reformatted reference integrations section into a structured table with tier and capability information |
.cursorrules |
Corrected project path from old name (goob_ai) to current name (uipath) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # SECURITY: Validate path is within working directory (Coding Principle 6) | ||
| cwd = os.path.abspath(os.getcwd()) | ||
| abs_file_path = os.path.abspath(os.path.normpath(self._module_path)) | ||
| if not abs_file_path.startswith(cwd): |
There was a problem hiding this comment.
The path validation in load() uses abs_file_path.startswith(cwd) to enforce that the agent file stays under the working directory, which is unsafe for preventing path traversal. An attacker who can influence self._module_path can choose a path like /home/app2/agent.py when cwd is /home/app, which still passes the prefix check but points outside the project, allowing arbitrary modules to be loaded from outside the intended directory. Use a proper directory-containment check (e.g., based on normalized common paths rather than raw string prefixes) to ensure the loaded file truly resides within the working directory.
| if not abs_file_path.startswith(cwd): | |
| try: | |
| common_path = os.path.commonpath([cwd, abs_file_path]) | |
| except ValueError: | |
| # Different drive or otherwise incompatible paths – treat as invalid | |
| common_path = "" | |
| if common_path != cwd: |
| ```python | ||
| cwd = os.path.abspath(os.getcwd()) | ||
| abs_file_path = os.path.abspath(os.path.normpath(file_path)) | ||
| if not abs_file_path.startswith(cwd): |
There was a problem hiding this comment.
The security example under "Validate Agent Paths Against Working Directory" also relies on abs_file_path.startswith(cwd) to restrict agent files to the project directory, which is not a safe containment check. A path such as /home/app2/agent.py will still start with /home/app when cwd is /home/app, so an attacker controlling file_path can bypass the intended restriction and load code from outside the project tree. This guidance should be updated to use a robust directory containment check (e.g., based on normalized common paths) so downstream integrations do not copy an exploitable pattern.
| if not abs_file_path.startswith(cwd): | |
| if os.path.commonpath([cwd, abs_file_path]) != cwd: |
1 participant
No description provided.