From 02d2838424546737af3c1652972f3288a8b4c5c1 Mon Sep 17 00:00:00 2001
From: icarus <eurfelux@gmail.com>
Date: Thu, 18 Sep 2025 22:50:05 +0800
Subject: [PATCH] fix(agent): add response validation for ID mismatches

Add checks to ensure response IDs match expected values in agent API calls
---
 src/renderer/src/api/agent.ts | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/renderer/src/api/agent.ts b/src/renderer/src/api/agent.ts
index 29b688e5be..96fdcb58ed 100644
--- a/src/renderer/src/api/agent.ts
+++ b/src/renderer/src/api/agent.ts
@@ -104,6 +104,9 @@ export class AgentApiClient {
     try {
       const response = await this.axios.get(url)
       const data = GetAgentResponseSchema.parse(response.data)
+      if (data.id !== id) {
+        throw new Error('Agent ID mismatch in response')
+      }
       return data
     } catch (error) {
       throw processError(error, 'Failed to get agent.')
@@ -125,6 +128,9 @@ export class AgentApiClient {
       const payload = form satisfies UpdateAgentRequest
       const response = await this.axios.patch(url, payload)
       const data = UpdateAgentResponseSchema.parse(response.data)
+      if (data.id !== form.id) {
+        throw new Error('Agent ID mismatch in response')
+      }
       return data
     } catch (error) {
       throw processError(error, 'Failed to updateAgent.')
@@ -162,6 +168,9 @@ export class AgentApiClient {
     try {
       const response = await this.axios.get(url)
       const data = GetAgentSessionResponseSchema.parse(response.data)
+      if (sessionId !== data.id) {
+        throw new Error('Session ID mismatch in response')
+      }
       return data
     } catch (error) {
       throw processError(error, 'Failed to get session.')