Release v4.5.126

Author: MervinPraison

docker/Dockerfile.chat

@@ -16,7 +16,7 @@ RUN mkdir -p /root/.praison
 # Install Python packages (using latest versions)
 RUN pip install --no-cache-dir \
     praisonai_tools \
-    "praisonai>=4.5.125" \
+    "praisonai>=4.5.126" \
     "praisonai[chat]" \
     "embedchain[github,youtube]"
 

docker/Dockerfile.dev

@@ -20,7 +20,7 @@ RUN mkdir -p /root/.praison
 # Install Python packages (using latest versions)
 RUN pip install --no-cache-dir \
     praisonai_tools \
-    "praisonai>=4.5.125" \
+    "praisonai>=4.5.126" \
     "praisonai[ui]" \
     "praisonai[chat]" \
     "praisonai[realtime]" \

docker/Dockerfile.ui

@@ -16,7 +16,7 @@ RUN mkdir -p /root/.praison
 # Install Python packages (using latest versions)
 RUN pip install --no-cache-dir \
     praisonai_tools \
-    "praisonai>=4.5.125" \
+    "praisonai>=4.5.126" \
     "praisonai[ui]" \
     "praisonai[crewai]"
 

src/praisonai-agents/praisonaiagents/approval/registry.py

@@ -147,6 +147,8 @@ def mark_approved(self, tool_name: str) -> None:
         self._approved_context.set(approved)
 
     def is_already_approved(self, tool_name: str) -> bool:
+        if self.get_risk_level(tool_name) == "critical":
+            return False
         return tool_name in self._approved_context.get(set())
 
     def clear_approved(self) -> None:

src/praisonai-agents/praisonaiagents/tools/skill_tools.py

@@ -125,6 +125,7 @@ def run_skill_script(
         except Exception as e:
             return f"Error executing script: {str(e)}"
 
+    @require_approval(risk_level="low")
     def read_skill_file(
         self,
         skill_path: str,
@@ -149,6 +150,10 @@ def read_skill_file(
                 skill_path = os.path.join(self._working_directory, skill_path)
             skill_path = os.path.abspath(skill_path)
 
+            working_dir = os.path.abspath(self._working_directory)
+            if os.path.commonpath([skill_path, working_dir]) != working_dir:
+                return f"Error: Workspace boundary violation - skill directory escapes workspace"
+            
             if not os.path.exists(skill_path):
                 return f"Error: Skill directory not found at {skill_path}"
 
@@ -160,7 +165,7 @@ def read_skill_file(
             full_path = os.path.abspath(full_path)
 
             # Security check: ensure file is within skill directory
-            if not full_path.startswith(skill_path):
+            if os.path.commonpath([full_path, skill_path]) != skill_path:
                 return f"Error: Path traversal detected - {file_path} is outside skill directory"
 
             if not os.path.exists(full_path):
@@ -239,6 +244,7 @@ def run_skill_script(script_path: str, args: str = "", timeout: int = 60) -> str
     return _skill_tools.run_skill_script(script_path, args, timeout)
 
 
+@require_approval(risk_level="low")
 def read_skill_file(skill_path: str, file_path: str, encoding: str = 'utf-8') -> str:
     """
     Read a file from a skill directory.

src/praisonai-agents/praisonaiagents/tools/web_crawl_tools.py

@@ -204,10 +204,47 @@ def web_crawl(
     single_url = isinstance(urls, str)
     if single_url and ',' in urls:
         # LLM may pass comma-separated URLs as a single string
-        url_list = [u.strip() for u in urls.split(',') if u.strip()]
-        single_url = len(url_list) == 1
+        raw_url_list = [u.strip() for u in urls.split(',') if u.strip()]
+        single_url = len(raw_url_list) == 1
     else:
-        url_list = [urls] if single_url else urls
+        raw_url_list = [urls] if single_url else urls
+
+    # Validate URLs to prevent SSRF and Local File Read
+    import urllib.parse
+    import socket
+    import ipaddress
+    
+    url_list = []
+    for u in raw_url_list:
+        try:
+            parsed = urllib.parse.urlparse(u)
+            if parsed.scheme not in ('http', 'https'):
+                logger.warning(f"Rejected non-http/https URL: {u}")
+                continue
+            hostname = parsed.hostname
+            if not hostname:
+                continue
+                
+            # Allow opting out of SSRF protection for advanced use cases
+            if os.environ.get("ALLOW_LOCAL_CRAWL") != "true":
+                try:
+                    ip_str = socket.gethostbyname(hostname)
+                    ip = ipaddress.ip_address(ip_str)
+                    if ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_multicast or ip.is_unspecified:
+                        logger.warning(f"Rejected SSRF or private IP attempt: {u}")
+                        continue
+                except socket.gaierror:
+                    logger.warning(f"Could not resolve hostname for: {u}")
+                    continue
+                
+            url_list.append(u)
+        except Exception as e:
+            logger.warning(f"URL validation failed for {u}: {e}")
+            continue
+            
+    if not url_list:
+        return {"error": "No valid or safe URLs provided. Local and non-http(s) URLs are blocked for security."}
+
 
     # Get available providers
     available = _get_available_crawl_providers()

src/praisonai-agents/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "praisonaiagents"
-version = "1.5.125"
+version = "1.5.126"
 description = "Praison AI agents for completing complex tasks with Self Reflection Agents"
 readme = "README.md"
 requires-python = ">=3.10"

src/praisonai-agents/uv.lock

@@ -9,9 +9,10 @@ def _sanitize_html(html: str) -> str:
         """Sanitize HTML to prevent XSS from markdown-generated content."""
         return nh3.clean(html)
 except ImportError:
-    def _sanitize_html(html: str) -> str:
-        """Fallback: no nh3, return as-is (install nh3 for XSS protection)."""
-        return html
+    def _sanitize_html(html_str: str) -> str:
+        """Fallback: no nh3, return escaped HTML. Install nh3 for rich HTML rendering."""
+        import html
+        return html.escape(html_str)
 
 def basic():
     from praisonai import PraisonAI

src/praisonai/api.py

@@ -3,8 +3,8 @@ class Praisonai < Formula
 
     desc "AI tools for various AI applications"
     homepage "https://github.com/MervinPraison/PraisonAI"
-    url "https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.125.tar.gz"
-    sha256 `curl -sL https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.125.tar.gz | shasum -a 256`.split.first
+    url "https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.126.tar.gz"
+    sha256 `curl -sL https://github.com/MervinPraison/PraisonAI/archive/refs/tags/v4.5.126.tar.gz | shasum -a 256`.split.first
     license "MIT"
 
     depends_on "python@3.11"