fix: add input validation, date range checks, and security hardening

- validate-agents.js: reject invalid model names in agent frontmatter - package-manager.js: validate script/binary names against shell injection - session-manager.js: reject impossible month/day values in filenames - utils.js: support options.all for replaceInFile string patterns - strategic-compact/SKILL.md: fix hook matcher syntax and script reference - install.sh: warn when overwriting existing rule customizations - Add 24 new tests covering all validation and edge cases
2026-03-30 13:43:26 +08:00 · 2026-02-12 17:32:04 -08:00
parent 35aed05903
commit 926eba97c5
10 changed files with 312 additions and 10 deletions
--- a/scripts/ci/validate-agents.js
+++ b/scripts/ci/validate-agents.js
@@ -8,6 +8,7 @@ const path = require('path');

 const AGENTS_DIR = path.join(__dirname, '../../agents');
 const REQUIRED_FIELDS = ['model', 'tools'];
+const VALID_MODELS = ['haiku', 'sonnet', 'opus'];

 function extractFrontmatter(content) {
  // Strip BOM if present (UTF-8 BOM: \uFEFF)
@@ -62,6 +63,12 @@ function validateAgents() {
        hasErrors = true;
      }
    }
+
+    // Validate model is a known value
+    if (frontmatter.model && !VALID_MODELS.includes(frontmatter.model)) {
+      console.error(`ERROR: ${file} - Invalid model '${frontmatter.model}'. Must be one of: ${VALID_MODELS.join(', ')}`);
+      hasErrors = true;
+    }
  }

  if (hasErrors) {
--- a/scripts/lib/package-manager.js
+++ b/scripts/lib/package-manager.js
@@ -280,12 +280,24 @@ function setProjectPackageManager(pmName, projectDir = process.cwd()) {
  return config;
 }

+// Allowed characters in script/binary names: alphanumeric, dash, underscore, dot, slash, @
+// This prevents shell metacharacter injection while allowing scoped packages (e.g., @scope/pkg)
+const SAFE_NAME_REGEX = /^[@a-zA-Z0-9_.\/-]+$/;
+
 /**
 * Get the command to run a script
 * @param {string} script - Script name (e.g., "dev", "build", "test")
 * @param {object} options - { projectDir }
+ * @throws {Error} If script name contains unsafe characters
 */
 function getRunCommand(script, options = {}) {
+  if (!script || typeof script !== 'string') {
+    throw new Error('Script name must be a non-empty string');
+  }
+  if (!SAFE_NAME_REGEX.test(script)) {
+    throw new Error(`Script name contains unsafe characters: ${script}`);
+  }
+
  const pm = getPackageManager(options);

  switch (script) {
@@ -306,8 +318,16 @@ function getRunCommand(script, options = {}) {
 * Get the command to execute a package binary
 * @param {string} binary - Binary name (e.g., "prettier", "eslint")
 * @param {string} args - Arguments to pass
+ * @throws {Error} If binary name contains unsafe characters
 */
 function getExecCommand(binary, args = '', options = {}) {
+  if (!binary || typeof binary !== 'string') {
+    throw new Error('Binary name must be a non-empty string');
+  }
+  if (!SAFE_NAME_REGEX.test(binary)) {
+    throw new Error(`Binary name contains unsafe characters: ${binary}`);
+  }
+
  const pm = getPackageManager(options);
  return `${pm.config.execCmd} ${binary}${args ? ' ' + args : ''}`;
 }
--- a/scripts/lib/session-manager.js
+++ b/scripts/lib/session-manager.js
@@ -31,6 +31,11 @@ function parseSessionFilename(filename) {
  if (!match) return null;

  const dateStr = match[1];
+
+  // Validate date components are in valid ranges (not just format)
+  const [year, month, day] = dateStr.split('-').map(Number);
+  if (month < 1 || month > 12 || day < 1 || day > 31) return null;
+
  // match[2] is undefined for old format (no ID)
  const shortId = match[2] || 'no-id';

--- a/scripts/lib/utils.js
+++ b/scripts/lib/utils.js
@@ -388,13 +388,26 @@ function getGitModifiedFiles(patterns = []) {

 /**
 * Replace text in a file (cross-platform sed alternative)
+ * @param {string} filePath - Path to the file
+ * @param {string|RegExp} search - Pattern to search for. String patterns replace
+ *   the FIRST occurrence only; use a RegExp with the `g` flag for global replacement.
+ * @param {string} replace - Replacement string
+ * @param {object} options - Options
+ * @param {boolean} options.all - When true and search is a string, replaces ALL
+ *   occurrences (uses String.replaceAll). Ignored for RegExp patterns.
+ * @returns {boolean} true if file was written, false on error
 */
-function replaceInFile(filePath, search, replace) {
+function replaceInFile(filePath, search, replace, options = {}) {
  const content = readFile(filePath);
  if (content === null) return false;

  try {
-    const newContent = content.replace(search, replace);
+    let newContent;
+    if (options.all && typeof search === 'string') {
+      newContent = content.replaceAll(search, replace);
+    } else {
+      newContent = content.replace(search, replace);
+    }
    writeFile(filePath, newContent);
    return true;
  } catch (err) {