
security(#301): harden webhook spool (0700 dir, O_NOFOLLOW, 0600) #311

Draft
nolanmak wants to merge 1 commit into main from sec/301-webhook-spool

Conversation

@nolanmak (Owner)

Closes #301.

Hardens the webhook spool against the local symlink/poisoning attack (which bypassed the HTTP-route HMAC, since the real trust boundary was an unprotected /tmp file).

  • Spool + deft seen-set defaults move out of world-writable, predictable /tmp into a per-user 0700 state dir (${XDG_RUNTIME_DIR}/augmentagent or ~/.local/state/augmentagent) — matching the convention the Rust crates already use.
  • New appendHardened() creates the dir 0700 and opens with O_APPEND|O_CREAT|O_WRONLY|O_NOFOLLOW at mode 0600, so a pre-planted symlink throws ELOOP instead of redirecting writes.
  • Wire format and the AUGMENTAGENT_WEBHOOK_SPOOL / AUGMENTAGENT_DEFT_SEEN env overrides are unchanged.

Only src/webhooks.ts changed. No Rust change needed — grep of all 36 crates found no consumer of the spool path/env (confirmed).

Verification: npm install + npx tsc --noEmit pass (exit 0).

🤖 swarm-authored, human-review-required (draft).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
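The PR description above explains the mitigation in prose (per-user 0700 state dir, O_APPEND|O_CREAT|O_WRONLY|O_NOFOLLOW at 0600, ELOOP on a pre-planted symlink) but the page carries no diff. The following is an added example, written for this review and not the PR's or the project's own code, showing what such an append-only spool writer looks like in Node/TypeScript. The function names (resolveStateDir, resolveSpoolPath, ensurePrivateDir, appendHardened, tryAppend), the spool file name webhook.spool, and the ownership/mode re-check on a pre-existing directory are assumptions of this example; the PR only states the directory is created 0700. The ownership and lstat checks go beyond the description: they cover the case where the state directory already exists with looser permissions or has itself been replaced by a symlink.

```typescript
// Added example (not the project's code). Names and the extra directory checks
// are assumptions for illustration; only the flag set, modes and env names
// come from the PR description.
import * as fs from "node:fs";
import * as os from "node:os";
import * as path from "node:path";

type Env = Record<string, string | undefined>;
const APP = "augmentagent";

/** Per-user state dir: ${XDG_RUNTIME_DIR}/augmentagent, else ~/.local/state/augmentagent. */
export function resolveStateDir(env: Env = process.env): string {
  if (env.XDG_RUNTIME_DIR) return path.join(env.XDG_RUNTIME_DIR, APP);
  const home = env.HOME ?? os.homedir();
  return path.join(home, ".local", "state", APP);
}

/** Spool path: the explicit override env wins, otherwise the private state dir. */
export function resolveSpoolPath(env: Env = process.env): string {
  return env.AUGMENTAGENT_WEBHOOK_SPOOL ?? path.join(resolveStateDir(env), "webhook.spool");
}

/** Create the spool directory 0700, or verify a pre-existing one is ours, private and not a symlink. */
export function ensurePrivateDir(dir: string): void {
  fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
  const st = fs.lstatSync(dir); // lstat: a symlink planted at `dir` must not be followed
  if (!st.isDirectory()) throw new Error(`${dir} is not a directory`);
  if (typeof process.getuid === "function" && st.uid !== process.getuid()) {
    throw new Error(`${dir} is not owned by the current user`);
  }
  if ((st.mode & 0o077) !== 0) fs.chmodSync(dir, 0o700); // strip group/other bits on a pre-existing dir
}

/** Append one record. O_NOFOLLOW makes a pre-planted symlink fail (ELOOP) instead of redirecting the write. */
export function appendHardened(file: string, data: string): void {
  ensurePrivateDir(path.dirname(file));
  const { O_APPEND, O_CREAT, O_WRONLY, O_NOFOLLOW } = fs.constants;
  const fd = fs.openSync(file, O_APPEND | O_CREAT | O_WRONLY | O_NOFOLLOW, 0o600);
  try {
    fs.writeSync(fd, data);
  } finally {
    fs.closeSync(fd);
  }
}

/** Convenience for callers/tests: null on success, otherwise the errno code (e.g. "ELOOP"). */
export function tryAppend(file: string, data: string): string | null {
  try {
    appendHardened(file, data);
    return null;
  } catch (e) {
    return (e as { code?: string }).code ?? "UNKNOWN";
  }
}
```

Two things worth noting when reviewing code of this shape: O_NOFOLLOW only protects the final path component, which is why the directory itself is lstat-checked separately, and the 0600 mode passed to open() is subject to the process umask, so the file mode should be re-verified (or chmod'ed) if a stricter guarantee is needed.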
coderabbitai Bot commented May 31, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: cd04ebf5-ea45-40a8-8199-49b4a55068fd

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.




Development

Successfully merging this pull request may close these issues: Webhook spool hardening (predictable world-writable /tmp path)
