Problem
handle_apply_batch in apps/skit/src/websocket_handlers.rs does not enforce the same oneshot-only node rejection (streamkit::http_input, streamkit::http_output) or plugin allowlist (perms.is_plugin_allowed) checks that handle_add_node does (lines 432-453).
This means a user could:
- Add oneshot-only marker nodes via the batch API
- Bypass the plugin allowlist via the batch API
Location
handle_add_node: apps/skit/src/websocket_handlers.rs:432-453 (has the checks)handle_apply_batch: apps/skit/src/websocket_handlers.rs:1259-1320 (missing the checks)handle_validate_batch: apps/skit/src/websocket_handlers.rs:1135-1191 (also missing)
Suggested fix
Add the same oneshot and plugin allowlist checks to the batch validation loop. The permission loop at lines 1259-1320 already validates perms.is_node_allowed(kind) and file security — the oneshot and plugin checks should be added alongside them.
Context
Identified during review of PR #286 (async AddNode). This is a pre-existing issue, not introduced by that PR.
Problem
handle_apply_batchinapps/skit/src/websocket_handlers.rsdoes not enforce the same oneshot-only node rejection (streamkit::http_input,streamkit::http_output) or plugin allowlist (perms.is_plugin_allowed) checks thathandle_add_nodedoes (lines 432-453).This means a user could:
Location
handle_add_node:apps/skit/src/websocket_handlers.rs:432-453(has the checks)handle_apply_batch:apps/skit/src/websocket_handlers.rs:1259-1320(missing the checks)handle_validate_batch:apps/skit/src/websocket_handlers.rs:1135-1191(also missing)Suggested fix
Add the same oneshot and plugin allowlist checks to the batch validation loop. The permission loop at lines 1259-1320 already validates
perms.is_node_allowed(kind)and file security — the oneshot and plugin checks should be added alongside them.Context
Identified during review of PR #286 (async AddNode). This is a pre-existing issue, not introduced by that PR.