fix(rss): prevent path traversal via unvalidated feed_id in get_feed_file_path

[poshinchen]

Description

What

Fix CWE-22 path traversal vulnerability in the RSS tool's get_feed_file_path() method.

The feed_id parameter was concatenated directly into a file path via os.path.join(self.storage_path, f"{feed_id}.json") without validation, allowing traversal sequences like ../ to read, write, or delete .json files outside the intended storage directory.

Fix

• The fix resolves the constructed path with os.path.realpath() and verifies it remains within storage_path before returning. This covers all three affected operations (read via load_feed_data, write via save_feed_data, delete via unsubscribe's os.remove) since they all go through get_feed_file_path.

• Added parametrized tests for rejected traversal patterns and accepted valid IDs

Related Issues

N/A

Documentation PR

N/A

Type of Change

Bug fix
Breaking change
Documentation update
Other (please describe):

Testing

How have you tested the change? Verify that the changes do not break functionality or introduce warnings in consuming repositories: agents-docs, agents-tools, agents-cli

• I ran hatch run prepare

Checklist

• I have read the CONTRIBUTING document
• I have added any necessary tests that prove my fix is effective or my feature works
• I have updated the documentation accordingly
• I have added an appropriate example to the documentation to outline the feature
• My changes generate no new warnings
• Any dependent changes have been merged and published

---

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.