Skip to content

feat(gateway): ingest inbound Slack text/log attachments (#1718)#1883

Open
kgabryje wants to merge 1 commit into
mainfrom
gateway-slack-text-ingestion
Open

feat(gateway): ingest inbound Slack text/log attachments (#1718)#1883
kgabryje wants to merge 1 commit into
mainfrom
gateway-slack-text-ingestion

Conversation

@kgabryje

Copy link
Copy Markdown
Member

Summary

Extends the inbound Slack attachment ingestion pipeline (#1847) from images-only to text-like files agents use as context: logs, plain text, CSV, JSON, and markdown.

  • Filter generalized: isIngestableImageFileisIngestableFile accepts image/* plus the text-like subset (text/*, application/json) of the existing ALLOWED_UPLOAD_MIME_TYPES upload-route allowlist — no new MIME list is introduced; the security boundary stays defined in one place.
  • Response content-type validation broadened the same way: the download path now accepts allowlisted text types alongside images, and keeps rejecting everything else (text/html login pages, image/svg+xml, scripts, and allowlisted-but-out-of-scope types like application/pdf).
  • Rename: ingestInboundImageAttachmentsingestInboundAttachments. All hardening is unchanged: slack.com host allowlist with per-hop redirect revalidation, streaming byte-cap on actual received bytes, per-file size and per-message count ceilings, file.id-prefixed filenames, graceful degradation (failures append a note, never throw).
  • Reuses the existing ingest_files flag and files:read scope — no new flag or scope. UI labels/tooltips and the MCP tool description updated from "images" to "images and text files".
  • Gateway service call site unchanged in logic — the filter inside the ingest function now decides image vs. text vs. skip.

Out of scope (deferred to #1719): PDFs, office documents, OCR, media.

Tests

  • Text attachment (text/csv) downloaded, stored, and path folded into the prompt
  • isIngestableFile accepts text/plain, text/csv, text/markdown, application/json; rejects application/x-sh, application/xml, image/svg+xml, text/html, and allowlisted-but-out-of-scope application/pdf and application/zip
  • Oversized text stream aborted by the streaming byte-cap
  • Allowlisted-but-out-of-scope response content-type (application/pdf) rejected
  • ingest_files off → no download (existing coverage, unchanged)

Full daemon suite: 1643 passed. pnpm check green.

🤖 Generated with Claude Code

Extend the inbound attachment ingestion pipeline (#1847) from images-only
to the text-like subset of ALLOWED_UPLOAD_MIME_TYPES (text/plain,
text/markdown, text/csv, application/json). Same ingest_files opt-in,
same hardened download path (slack.com allowlist with per-hop redirect
revalidation, streaming byte-cap, size/count limits), same
store-and-fold-path-into-prompt model. PDFs/office/archives stay out of
scope (#1719).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

ai-reviewed-claude-fable-5 Reviewed by Claude Fable 5 ai-reviewed-gpt-5-6-sol Reviewed by Codex GPT-5.6-sol

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants