Skip to content

Sanitize investigation prompt before tmux injection in launch.rs #310

Description

@ooloth

Current state

The investigation path writes prompt.md and passes context into a tmux window via tmux new-window. In ui/tui/src/investigations/launch.rs, the prompt value is built from external GitHub API data (PR body, issue body, CI log content) and embedded directly into a shell-quoted tmux command string. API-sourced content containing a double-quote, $(), or other shell metacharacters can break shell quoting and allow unintended command execution when the investigation window opens.

(The dispatch.rs injection site described in the original issue was removed by ADR 019 — the task model is gone. The investigation launch site survives.)

Ideal state

  • The prompt content is written to a file (as supporting_data already is) and only the file path — a controlled value — appears in the shell command string.
  • No content sourced from GitHub API responses can alter the commands executed when the investigation window opens.

Starting points

  • ui/tui/src/investigations/launch.rs — the tmux command construction and prompt injection

Done when

No content in a GitHub PR body, issue body, or CI log can execute as shell syntax in the investigation tmux command.

Metadata

Metadata

Assignees

No one assigned

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions