Freshbits โ security hardening wave
Fixes
- 5dc50b8 fix(security): harden npm plugin and hook install integrity flow- 3561442 fix(plugins): harden discovery trust checks
- baa335f fix(security): harden SSRF IPv4 literal parsing
- 7758160 fix(security): enforce trusted sender auth for discord moderation
- 26c9b37 fix(security): enforce strict IPv4 SSRF literal handling
- 3d7ad1c fix(security): centralize owner-only tool gating and scope maps
- b40821b fix: harden ACP secret handling and exec preflight boundaries
- 10379e7 fix: harden voice-call tts deep merge
- 81b19aa fix(security): enforce plugin and hook path containment
- 732e531 fix(security): OC-53 enforce 2MB prompt size limit to prevent ACP DoS โ Aether AI Agent
- ebcf197 fix(security): OC-53 validate prompt size before string concatenation to prevent memory exhaustion โ Aether AI Agent
- 63e39d7 fix(security): harden ACP prompt size guardrails
- c45f3c5 fix(gateway): harden canvas auth with session capabilities
- dafe52e fix(daemon): escape schtasks environment assignments
