Integration codex security review S-2.
list(kind=proposal, proposer=X) lets any caller enumerate any other actor's proposals within a namespace. Within-tenant cross-actor reconnaissance.
Multi-actor fix: filter results to caller's actor unless explicit moderator capability. OSS single-user unaffected.
Integration codex security review S-2.
list(kind=proposal, proposer=X)lets any caller enumerate any other actor's proposals within a namespace. Within-tenant cross-actor reconnaissance.Multi-actor fix: filter results to caller's actor unless explicit moderator capability. OSS single-user unaffected.