
Add authentication to POST /api/agents/[agentName]/tasks/report or remove the endpoint until it actually persists report #409

@itsmiso-ai

Description

Parent umbrella issue: #408
Source audit: Weekly tech debt audit: dispatch - 2026-06-17
Source audit date: 2026-06-17

Original recommendation

P1 — Add authentication to POST /api/agents/[agentName]/tasks/report or remove the endpoint until it actually persists reports.

Matched top finding

A new mutating route was added since the last audit that accepts any anonymous POST, validates the body, and returns 200 { ok: true, report } — but does not persist anything to the database. The endpoint is named "report" but is a no-op echo. It has no authorizeRequest() call, no getAuthMode() awareness, and no test asserting that bad auth is rejected (because it cannot be — it accepts everything). A malicious actor can spam it for log poisoning, body-shape probing, or to confuse downstream consumers who think a reported task is real.

Evidence:

  • src/app/api/agents/[agentName]/tasks/report/route.ts defines POST without authorizeRequest (only Request parameter).
  • Route summary: auth=no verbs=POST(.
  • The test file src/app/api/agents/[agentName]/tasks/report/route.test.ts asserts only validation, not auth: 12 test cases, zero 401 paths.
  • Body shape: { taskType, outcome, repoFullName?, issueNumber?, pullRequestNumber?, pullRequestUrl?, summary?, error? } — echoes back via TaskReportBody.
  • Comment in code says "validated" and "report" but no prisma.auditLog.create / prisma.agentRun.create call exists.
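One way to close the gap the finding describes, written here as an added example and not the project's own code: the route's core runs an authorization check before it ever parses the body, so anonymous callers get a 401 and no validation feedback. The `authorizeRequest()` below is a stand-in whose Bearer-token shape is assumed (the issue names the helper but not its signature); `handleTaskReport`, `AGENT_TOKEN` and the sample inputs are likewise constructed for the example.

```typescript
import { timingSafeEqual } from "node:crypto";

// Constructed secret for this example; a real deployment loads it from config.
const AGENT_TOKEN = "constructed-example-token";

// Stand-in for the project's authorizeRequest() (signature assumed, not taken
// from the issue): accepts only a well-formed "Bearer <token>" header.
export function authorizeRequest(authorizationHeader: string | null): boolean {
  const [scheme, token, ...rest] = (authorizationHeader ?? "").split(" ");
  if (scheme !== "Bearer" || !token || rest.length > 0) return false;
  const given = new TextEncoder().encode(token);
  const expected = new TextEncoder().encode(AGENT_TOKEN);
  // Length check first: timingSafeEqual throws on inputs of different length.
  return given.length === expected.length && timingSafeEqual(given, expected);
}

// Body shape quoted in the issue; only the two required fields are type-checked.
export interface TaskReportBody {
  taskType: string; outcome: string;
  repoFullName?: string; issueNumber?: number; pullRequestNumber?: number;
  pullRequestUrl?: string; summary?: string; error?: string;
}

export function isTaskReportBody(value: unknown): value is TaskReportBody {
  if (typeof value !== "object" || value === null) return false;
  const v = value as Record<string, unknown>;
  return typeof v.taskType === "string" && typeof v.outcome === "string";
}

export interface HandlerResult { status: number; body: Record<string, unknown> }

// Pure core of the handler (assumed split) so it runs without a Request object.
// Authorization runs before parsing: anonymous callers get 401 and never see
// validation errors, which removes the body-shape probing the finding mentions.
export function handleTaskReport(authorizationHeader: string | null, rawBody: string): HandlerResult {
  if (!authorizeRequest(authorizationHeader)) return { status: 401, body: { error: "unauthorized" } };
  let parsed: unknown;
  try { parsed = JSON.parse(rawBody); } catch { return { status: 400, body: { error: "invalid JSON" } }; }
  if (!isTaskReportBody(parsed)) return { status: 400, body: { error: "invalid report body" } };
  // Persisting the report (the issue's other requirement) belongs here, before the echo.
  return { status: 200, body: { ok: true, report: parsed } };
}

// Next.js App Router entry point: the file's exported POST(request: Request).
export async function POST(request: Request): Promise<Response> {
  const result = handleTaskReport(request.headers.get("authorization"), await request.text());
  return new Response(JSON.stringify(result.body), { status: result.status, headers: { "content-type": "application/json" } });
}
```

A route test built on `handleTaskReport` can now assert the 401 path the finding says is missing, alongside the existing validation cases.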

Metadata

Assignees: No one assigned
Labels: audit (Audit, review, or investigation work), priority/p1 (High priority), status/backlog (Not ready for worker pickup yet)
Type: No type
Projects: No projects
Milestone: No milestone
Relationships: None yet
Development: No branches or pull requests
