feat(desktop): add guarded browser click execution (Phase 2F-A2)#9
Closed
gu87 wants to merge 1 commit into
Closed
Conversation
- Move click from AWAITING_SAFETY_ACTIONS to EXECUTABLE_ACTIONS. - Add getInteractiveEnumerationScript(): deterministic @en candidate enumeration shared by verify-action-target and execute-click. - Add executeClick IPC handler with semantic safety guards: - Rejects submit_button, reset_button, file_input, password_input, external_link by semanticRole. - Rejects destructive labels (delete/remove/destroy/discard/clear all). - Re-verifies: targetRef, URL, fingerprint, visible, not disabled. - Executes via Electron wc.sendInputEvent (native mouseDown/mouseUp). - Add getInteractiveSnapshot IPC (read-only element enumeration). - Add buildSafetyContextFromElement() helper in desktop-visible-provider. - Add executeDesktopClick() function with pre-execution bridge checks. - Keep type non-executable (still AWAITING_SAFETY, returns failed). - Keep eval/press_key/scroll permanently denied. - No agent-provided JS execution — all scripts are fixed strings. - sendInputEvent is the only mutation path. 174 browser-runtime tests pass. 79 platform tests pass. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Owner
Author
|
Closing for now. Real click execution crosses the safety boundary and will return after a dedicated design review. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds safe browser click execution for the desktop runtime.
clickmoves from non-executable (AWAITING_SAFETY_ACTIONS) to executable (EXECUTABLE_ACTIONS) — but only after full user approval AND main-process re-verification with semantic safety guards.What Changed
getInteractiveEnumerationScript()— a fixed script that enumerates interactive elements in DOM order, assigning stable@eNrefs. Shared byverify-action-targetandexecute-click.hermes:browser:get-interactive-snapshot(read-only element list).hermes:browser:execute-clickwith re-verification and semantic guards.submit_button,reset_button,file_input,password_input,external_link(bysemanticRole)delete,remove,destroy,discard,clear all,reset all)wc.sendInputEvent(nativemouseDown/mouseUp) — nodispatchEvent, no JS injection,isTrusted: true.action-gateway-ui: click executor now callsexecuteDesktopClick()→ real execution path.Safety Boundary
clicktypeeval,press_key,scrollnavigateGuard Coverage
button[type="submit"]/input[type="submit"]button[type="reset"]/input[type="reset"]input[type="file"]input[type="password"]a[href^="http"](external links)button,input[type="text"], internala[href="#"]Validation
npm run type-check: PASSnpx eslint(scoped): 0 errorsnpx vitest --environment jsdom src/app/browser-runtime/: 174/174 PASS (+8 semantic guard tests)npm run test:desktop:platforms: 79/79 PASSScope
🤖 Generated with Claude Code