From 9b7aafa141e3c96f4c8d87da255513d31d33f02d Mon Sep 17 00:00:00 2001
From: Peter Steinberger
Date: Tue, 17 Mar 2026 09:52:21 +0000
Subject: [PATCH] test: merge audit sandbox docker config cases
---
 src/security/audit.test.ts | 45 ++++++++++++++------------------------
 1 file changed, 17 insertions(+), 28 deletions(-)
diff --git a/src/security/audit.test.ts b/src/security/audit.test.ts
index 9bece264378..dfd60ebda69 100644
--- a/src/security/audit.test.ts
+++ b/src/security/audit.test.ts
@@ -1104,12 +1104,8 @@ description: test skill
 );
 });
 
- it("checks sandbox docker mode-off findings with/without agent override", async () => {
- const cases: Array<{
- name: string;
- cfg: OpenClawConfig;
- expectedPresent: boolean;
- }> = [
+ it("evaluates sandbox docker config findings", async () => {
+ const cases = [
 {
 name: "mode off with docker config only",
 cfg: {
@@ -1121,8 +1117,8 @@ description: test skill
 },
 },
 },
- },
- expectedPresent: true,
+ } as OpenClawConfig,
+ expectedFindings: [{ checkId: "sandbox.docker_config_mode_off" }],
 },
 {
 name: "agent enables sandbox mode",
@@ -1136,22 +1132,10 @@ description: test skill
 },
 list: [{ id: "ops", sandbox: { mode: "all" } }],
 },
- },
- expectedPresent: false,
+ } as OpenClawConfig,
+ expectedFindings: [],
+ expectedAbsent: ["sandbox.docker_config_mode_off"],
 },
- ];
- await Promise.all(
- cases.map(async (testCase) => {
- const res = await audit(testCase.cfg);
- expect(hasFinding(res, "sandbox.docker_config_mode_off"), testCase.name).toBe(
- testCase.expectedPresent,
- );
- }),
- );
- });
-
- it("flags dangerous sandbox docker config", async () => {
- const cases = [
 {
 name: "dangerous binds, host network, seccomp, and apparmor",
 cfg: {
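Review bot: The config fixtures are no longer type-checked as written: the first hunk drops the `Array<{ … cfg: OpenClawConfig … }>` annotation on `cases`, and the hunks at -1121 and -1136 assert each literal with `} as OpenClawConfig,` instead, and a type assertion does not report misspelled or extra keys the way an annotated literal does. This matters most for the "agent enables sandbox mode" case, which now only proves that `sandbox.docker_config_mode_off` is absent, so a typo in that fixture could remove the finding for the wrong reason and the test would still pass. If the toolchain supports it, `} satisfies OpenClawConfig,` keeps the inferred case shape while checking the literal; otherwise restore an annotation on `cases` that types `cfg: OpenClawConfig`. The merged cases continue past `cfg: {` at the end of the third hunk, so whether the dangerous-config fixtures carry the same cast is not visible here.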
@@ -1203,11 +1187,16 @@ description: test skill
 await Promise.all(
 cases.map(async (testCase) => {
 const res = await audit(testCase.cfg);
- expect(res.findings, testCase.name).toEqual(
- expect.arrayContaining(
- testCase.expectedFindings.map((finding) => expect.objectContaining(finding)),
- ),
- );
+ if (testCase.expectedFindings.length > 0) {
+ expect(res.findings, testCase.name).toEqual(
+ expect.arrayContaining(
+ testCase.expectedFindings.map((finding) => expect.objectContaining(finding)),
+ ),
+ );
+ }
+ for (const checkId of testCase.expectedAbsent ?? []) {
+ expect(hasFinding(res, checkId), `${testCase.name}:${checkId}`).toBe(false);
+ }
 }),
 );
 });
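Review bot: A case with `expectedFindings: []` and no `expectedAbsent` now passes without asserting anything, because the new `if (testCase.expectedFindings.length > 0)` guard skips the positive check and the `for` loop iterates over `[]`. Since `cases` is an inferred literal array, a misspelled `expectedAbsent` key on a later case would have the same effect, leaving an audit check that looks covered but is not. A guard right after `const res = await audit(testCase.cfg);` closes the gap: `expect(testCase.expectedFindings.length + (testCase.expectedAbsent?.length ?? 0), testCase.name).toBeGreaterThan(0);`. The enclosing `it` block starts before this hunk.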