Skip to content

Comments

fix(security): prevent command injection and URL protocol bypass vulnerabilities#1028

Open
Aryanpatel2001 wants to merge 3 commits intogeneralaction:mainfrom
Aryanpatel2001:fix/url-protocol-validation
Open

fix(security): prevent command injection and URL protocol bypass vulnerabilities#1028
Aryanpatel2001 wants to merge 3 commits intogeneralaction:mainfrom
Aryanpatel2001:fix/url-protocol-validation

Conversation

@Aryanpatel2001
Copy link
Contributor

@Aryanpatel2001 Aryanpatel2001 commented Feb 21, 2026

Summary

This PR fixes three security vulnerabilities:

  • URL Protocol Bypass (appIpc.ts): app:openExternal accepted any URL protocol including file://, allowing local file access
  • Token Command Injection (GitHubService.ts): GitHub token passed via shell echo command, vulnerable to command injection
  • Repo Delete Injection (githubIpc.ts): Repository owner/name not escaped in shell command

Changes

  1. appIpc.ts - Add URL protocol whitelist (http/https only)
  2. GitHubService.ts - Use spawn() with stdin instead of shell echo
  3. githubIpc.ts - Use quoteShellArg() to escape repo owner/name

Testing

  • pnpm run type-check passes

@vercel
Copy link

vercel bot commented Feb 21, 2026

@Aryanpatel2001 is attempting to deploy a commit to the General Action Team on Vercel.

A member of the Team first needs to authorize it.

@greptile-apps
Copy link

greptile-apps bot commented Feb 21, 2026

Greptile Summary

Fixed three security vulnerabilities:

  • URL Protocol Bypass: Added whitelist to only allow http/https URLs in app:openExternal
  • GitHub Token Injection: Replaced shell echo with spawn() + stdin to prevent command injection during gh CLI authentication
  • Repository Delete Injection: Added quoteShellArg() escaping for repo owner/name in cleanup command

The PR correctly addresses the stated vulnerabilities with appropriate fixes. However, the security review exposed similar command injection vulnerabilities in SSH connection handling code (lines 276-320 in appIpc.ts) that remain unaddressed. These involve unescaped user input in SSH commands and URL schemes for VSCode, Cursor, iTerm2, Warp, and Ghostty integrations.

Confidence Score: 2/5

  • This PR has critical security vulnerabilities in SSH connection handling that must be fixed before merging
  • While the PR successfully fixes the three stated vulnerabilities with proper techniques (protocol whitelist, spawn with stdin, shell escaping), the security review discovered 6 additional command injection vulnerabilities in the same file that were not addressed. These occur in SSH connection handling for VSCode/Cursor/iTerm2/Warp/Ghostty integrations where user-controlled data flows into shell commands without proper escaping
  • src/main/ipc/appIpc.ts needs immediate attention - lines 276-320 contain unescaped SSH connection parameters that create command injection vectors

Important Files Changed
Filename Overview
src/main/ipc/appIpc.ts Added URL protocol whitelist to prevent file:// and other dangerous protocols from being opened via app:openExternal
src/main/services/GitHubService.ts Replaced shell echo with spawn() and stdin to prevent command injection when authenticating with GitHub token
src/main/ipc/githubIpc.ts Applied quoteShellArg() to escape repository owner/name before passing to shell command

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[User Input] --> B{app:openExternal}
    B --> C[URL Protocol Validation]
    C -->|http/https| D[shell.openExternal - SAFE]
    C -->|file://, etc| E[Reject - BLOCKED]
    
    F[GitHub Token] --> G{authenticateGHCLI}
    G --> H[spawn with stdin]
    H --> I[gh auth login - SAFE]
    
    J[Repo owner/name] --> K{gh repo delete}
    K --> L[quoteShellArg]
    L --> M[execAsync - SAFE]
    
    N[SSH Connection Data] --> O{app:openInEditor}
    O --> P[VSCode/Cursor URL]
    O --> Q[Terminal SSH Commands]
    P -.->|VULNERABLE| R[Unescaped host/target]
    Q -.->|VULNERABLE| S[Unescaped username/host/target]
Loading

Last reviewed commit: ee8fab5

greptile-apps[bot]
greptile-apps bot reviewed Feb 21, 2026
View reviewed changes
Copy link

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3 files reviewed, 6 comments

Edit Code Review Agent Settings | Greptile

@greptile-apps
Copy link

greptile-apps bot commented Feb 21, 2026

Additional Comments (6)

src/main/ipc/appIpc.ts
these custom URL schemes (vscode:// and cursor://) bypass the protocol whitelist you just added - an attacker could potentially inject malicious data through connection.host or target to exploit the VS Code/Cursor remote SSH handlers

              const remoteUrl = `vscode://vscode-remote/ssh-remote+${encodeURIComponent(connection.host)}${encodeURIComponent(target)}`;

src/main/ipc/appIpc.ts
same issue - need to encode connection.host and target

              const remoteUrl = `cursor://vscode-remote/ssh-remote+${encodeURIComponent(connection.host)}${encodeURIComponent(target)}`;

src/main/ipc/appIpc.ts
SSH command injection - target, connection.username, and connection.host are not properly escaped. Use the quoteShellArg() function here too

              const sshCommand = `ssh ${quoteShellArg(connection.username)}@${quoteShellArg(connection.host)} -p ${connection.port} -t "cd ${quoteShellArg(target)} && exec \\$SHELL"`;

src/main/ipc/appIpc.ts
same SSH command injection vulnerability here - use quoteShellArg()

              const sshCommand = `ssh ${quoteShellArg(connection.username)}@${quoteShellArg(connection.host)} -p ${connection.port} -t "cd ${quoteShellArg(target)} && exec \\$SHELL"`;

src/main/ipc/appIpc.ts
SSH command injection here too

              const sshCommand = `ssh ${quoteShellArg(connection.username)}@${quoteShellArg(connection.host)} -p ${connection.port} -t "cd ${quoteShellArg(target)} && exec \\$SHELL"`;

src/main/ipc/appIpc.ts
same SSH command injection vulnerability

              const sshCommand = `ssh ${quoteShellArg(connection.username)}@${quoteShellArg(connection.host)} -p ${connection.port} -t "cd ${quoteShellArg(target)} && exec \\$SHELL"`;

@Aryanpatel2001
fix(security): add URL protocol validation to app:openExternal
4d55737 
   The app:openExternal IPC handler was accepting any URL protocol,
   allowing access to local files via file:// and other dangerous
   protocols. This adds validation to only allow http: and https:
   protocols, preventing local file disclosure and malicious protocol
@Aryanpatel2001
fix(security): prevent command injection in GitHub auth and repo oper…
834e64c 
…ations

   - GitHubService.ts: Replace shell echo with spawn() to pass token via stdin
     This prevents command injection if token contains shell metacharacters

   - githubIpc.ts: Use quoteShellArg() to escape owner/name in repo delete
     This prevents command injection via crafted repository names
@Aryanpatel2001
fix(security): prevent command injection in SSH terminal launch
2858f94 
   - Add quoteShellArg to escape SSH connection parameters
   - Escape username, host, port, target in Terminal/iTerm2/Warp/Ghostty
   - URL-encode host for VSCode/Cursor remote
@Aryanpatel2001 Aryanpatel2001 force-pushed the fix/url-protocol-validation branch from ee8fab5 to 2858f94 Compare February 22, 2026 17:27
@Aryanpatel2001 Aryanpatel2001 mentioned this pull request Feb 22, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Aryanpatel2001