35 lines
1.2 KiB
Python
35 lines
1.2 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
Adversarial test (CI-safe):
|
|
|
|
- The socket-deny Tool Request must validate (it is an approved request artifact).
|
|
- It must contain an explicit socket attempt in the Monty code section.
|
|
|
|
This test does NOT execute Monty (CI environments may not have Monty installed or hardened profile enabled).
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
from pathlib import Path
|
|
|
|
from tools.validate_tool_request import validate
|
|
|
|
|
|
def main() -> int:
|
|
tr = Path("tool-exec/examples/TR-monty-socket-deny.md")
|
|
assert tr.exists(), f"Missing test Tool Request: {tr}"
|
|
|
|
res = validate(str(tr))
|
|
assert res.ok, f"Tool Request should validate; errors: {res.errors}"
|
|
# Expect a warning about risky names (import/open/exec...) given our validator guardrail.
|
|
# Not required, but helpful to catch regressions.
|
|
# If you later convert this warning into an error, update this test accordingly.
|
|
body = tr.read_text(encoding="utf-8")
|
|
assert "import socket" in body, "Tool Request must attempt socket import."
|
|
assert "socket.socket" in body, "Tool Request must attempt socket usage."
|
|
return 0
|
|
|
|
|
|
if __name__ == "__main__":
|
|
raise SystemExit(main())
|