Skip to content

fix(security): redact session metadata from webhook payloads#863

Closed
OneStepAt4time wants to merge 1 commit intomainfrom
fix/827-webhook-payload-redaction
Closed

fix(security): redact session metadata from webhook payloads#863
OneStepAt4time wants to merge 1 commit intomainfrom
fix/827-webhook-payload-redaction

Conversation

@OneStepAt4time
Copy link
Copy Markdown
Owner

@OneStepAt4time OneStepAt4time commented Apr 2, 2026

Summary\n- Redact id, name, workDir from webhook payloads before sending\n- Prevents session metadata leakage to external endpoints\n\nFixes #827\n\n## Test plan\n- Added unit tests for metadata redaction

@OneStepAt4time
fix(security): redact session metadata from webhook payloads (#827)
aa798c1 
Replace session id, name, and workDir with [REDACTED] in outgoing
webhook bodies to prevent leaking sensitive internal paths and session
identifiers to external endpoints.

Generated by Hephaestus (Aegis dev agent)
@aegis-gh-agent
Copy link
Copy Markdown
Contributor

aegis-gh-agent bot commented Apr 2, 2026

Duplicate of #859 (webhook payload redaction) — already merged.

@aegis-gh-agent aegis-gh-agent bot closed this Apr 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@OneStepAt4time