From 423b3d3091dfba70c4cbe970ee4a60bbd8e87885 Mon Sep 17 00:00:00 2001
From: elliotllliu <55885132+elliotllliu@users.noreply.github.com>
Date: Tue, 17 Mar 2026 18:09:56 +0000
Subject: [PATCH] fix(security): sanitize gstack-slug output against shell injection

The eval $(gstack-slug) pattern used across 14+ skill templates passes git-derived values (remote URL, branch name) through eval without stripping shell metacharacters like ;, $(), backticks, |. Add a sanitize function that strips everything except [a-zA-Z0-9._-] from both SLUG and BRANCH before output. This hardens all existing callers without requiring changes to any template file. Risk was low (GitHub/GitLab enforce safe naming) but defense-in-depth matters for self-hosted git servers or exotic remote URLs. Fixes #133
---
 bin/gstack-slug | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/bin/gstack-slug b/bin/gstack-slug
index 7336b7b..277daf8 100755
--- a/bin/gstack-slug
+++ b/bin/gstack-slug
@@ -3,7 +3,12 @@
 # Usage: eval $(gstack-slug) → sets SLUG and BRANCH variables
 # Or: gstack-slug → prints SLUG=... and BRANCH=... lines
 set -euo pipefail
-SLUG=$(git remote get-url origin 2>/dev/null | sed 's|.*[:/]\([^/]*/[^/]*\)\.git$|\1|;s|.*[:/]\([^/]*/[^/]*\)$|\1|' | tr '/' '-')
-BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null | tr '/' '-')
+
+# Sanitize: strip everything except alphanumeric, dot, hyphen, underscore.
+# Prevents shell injection when the output is consumed via eval.
+sanitize() { tr -cd 'a-zA-Z0-9._-'; }
+
+SLUG=$(git remote get-url origin 2>/dev/null | sed 's|.*[:/]\([^/]*/[^/]*\)\.git$|\1|;s|.*[:/]\([^/]*/[^/]*\)$|\1|' | tr '/' '-' | sanitize)
+BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null | tr '/' '-' | sanitize)
 echo "SLUG=$SLUG"
 echo "BRANCH=$BRANCH"
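Review bot: The allow-list in `sanitize()` keeps `-` and `.` in any position, so stripping can manufacture a value git itself would normally refuse: a branch named `'-rf'` (quotes are legal in ref names, a leading dash is not) comes out as `-rf`, and any template that runs `some-cmd $BRANCH` then sees an option rather than a name. Dropping leading dashes and dots closes that, e.g. `sanitize() { tr -cd 'a-zA-Z0-9._-' | sed 's/^[.-]*//'; }`. Pinning the locale, `LC_ALL=C tr -cd 'a-zA-Z0-9._-'`, is also worth adding so the `a-z`/`A-Z` ranges are exactly ASCII regardless of how the caller's `tr` implementation interprets ranges under its collation. The filter is lossy by design (`feat/a;b` and `feat/ab` sanitize to the same slug), which is fine for eval safety but worth a comment for callers that might treat SLUG/BRANCH as unique keys, something like `# NOTE: lossy — distinct names can collide after sanitizing`. The script's shebang and its first comment line sit outside the hunk.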