fix(init): use opendir for listDir and validate symlinks during traversal

Replace the recursive readdirSync walk with fs.promises.opendir({ recursive, bufferSize: 1024 })
for cleaner iteration. Add symlink validation via safePath on each entry so symlinks pointing
outside the project directory are excluded from listings.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: betegon

src/lib/init/local-ops.ts

@@ -284,8 +284,10 @@ function safePath(cwd: string, relative: string): string {
  * Pre-compute directory listing before the first API call.
  * Uses the same parameters the server's discover-context step would request.
  */
-export function precomputeDirListing(directory: string): DirEntry[] {
-  const result = listDir({
+export async function precomputeDirListing(
+  directory: string
+): Promise<DirEntry[]> {
+  const result = await listDir({
     type: "local-op",
     operation: "list-dir",
     cwd: directory,
@@ -344,7 +346,10 @@ export async function handleLocalOp(
   }
 }
 
-function listDir(payload: ListDirPayload): LocalOpResult {
+/** Directory names that are listed at their level but never recursed into. */
+const SKIP_DIRS = new Set(["node_modules"]);
+
+async function listDir(payload: ListDirPayload): Promise<LocalOpResult> {
   const { cwd, params } = payload;
   const targetPath = safePath(cwd, params.path);
   const maxDepth = params.maxDepth ?? 3;
@@ -353,40 +358,48 @@ function listDir(payload: ListDirPayload): LocalOpResult {
 
   const entries: DirEntry[] = [];
 
-  // biome-ignore lint/complexity/noExcessiveCognitiveComplexity: walking the directory tree is a complex operation
-  function walk(dir: string, depth: number): void {
-    if (entries.length >= maxEntries || depth > maxDepth) {
-      return;
-    }
+  try {
+    const dir = await fs.promises.opendir(targetPath, {
+      recursive,
+      bufferSize: 1024,
+    });
 
-    let dirEntries: fs.Dirent[];
-    try {
-      dirEntries = fs.readdirSync(dir, { withFileTypes: true });
-    } catch {
-      return;
-    }
+    for await (const entry of dir) {
+      if (entries.length >= maxEntries) break;
+
+      const relFromTarget = path.relative(targetPath, entry.parentPath);
+      const depth =
+        relFromTarget === "" ? 0 : relFromTarget.split(path.sep).length;
 
-    for (const entry of dirEntries) {
-      if (entries.length >= maxEntries) {
-        return;
+      if (depth > maxDepth) continue;
+
+      // Skip entries nested inside hidden dirs or node_modules,
+      // but still list the skip-dirs themselves at their parent level.
+      if (relFromTarget !== "") {
+        const segments = relFromTarget.split(path.sep);
+        if (segments.some((s) => s.startsWith(".") || SKIP_DIRS.has(s))) {
+          continue;
+        }
       }
 
-      const relPath = path.relative(cwd, path.join(dir, entry.name));
-      const type = entry.isDirectory() ? "directory" : "file";
-      entries.push({ name: entry.name, path: relPath, type });
+      const relPath = path.relative(cwd, path.join(entry.parentPath, entry.name));
 
-      if (
-        recursive &&
-        entry.isDirectory() &&
-        !entry.name.startsWith(".") &&
-        entry.name !== "node_modules"
-      ) {
-        walk(path.join(dir, entry.name), depth + 1);
+      // If this entry is a symlink, verify it doesn't escape the project directory.
+      if (entry.isSymbolicLink()) {
+        try {
+          safePath(cwd, relPath);
+        } catch {
+          continue;
+        }
       }
+
+      const type = entry.isDirectory() ? "directory" : "file";
+      entries.push({ name: entry.name, path: relPath, type });
     }
+  } catch {
+    // Directory doesn't exist or can't be read
   }
 
-  walk(targetPath, 0);
   return { ok: true, data: { entries } };
 }
 

src/lib/init/wizard-runner.ts

@@ -623,7 +623,7 @@ export async function runWizard(initialOptions: WizardOptions): Promise<void> {
   let run: Awaited<ReturnType<typeof workflow.createRun>>;
   let result: WorkflowRunResult;
   try {
-    const dirListing = precomputeDirListing(directory);
+    const dirListing = await precomputeDirListing(directory);
     spin.message("Connecting to wizard...");
     run = await workflow.createRun();
     result = assertWorkflowResult(

test/lib/init/local-ops.test.ts

@@ -462,6 +462,26 @@ describe("handleLocalOp", () => {
       // Depth 2+ should not be reached
       expect(paths).not.toContain(join("a", "b", "c"));
     });
+
+    test("excludes symlinks that point outside project directory", async () => {
+      writeFileSync(join(testDir, "legit.ts"), "x");
+      symlinkSync("/tmp", join(testDir, "escape-link"));
+
+      const payload: ListDirPayload = {
+        type: "local-op",
+        operation: "list-dir",
+        cwd: testDir,
+        params: { path: "." },
+      };
+
+      const result = await handleLocalOp(payload, options);
+      const entries = (result.data as { entries: Array<{ name: string }> })
+        .entries;
+      const names = entries.map((e) => e.name);
+
+      expect(names).toContain("legit.ts");
+      expect(names).not.toContain("escape-link");
+    });
   });
 
   describe("read-files", () => {
@@ -906,11 +926,11 @@ describe("precomputeDirListing", () => {
     rmSync(testDir, { recursive: true, force: true });
   });
 
-  test("returns DirEntry[] directly", () => {
+  test("returns DirEntry[] directly", async () => {
     writeFileSync(join(testDir, "app.ts"), "x");
     mkdirSync(join(testDir, "src"));
 
-    const entries = precomputeDirListing(testDir);
+    const entries = await precomputeDirListing(testDir);
 
     expect(Array.isArray(entries)).toBe(true);
     expect(entries.length).toBeGreaterThanOrEqual(2);
@@ -926,16 +946,16 @@ describe("precomputeDirListing", () => {
     expect(dir?.type).toBe("directory");
   });
 
-  test("returns empty array for non-existent directory", () => {
-    const entries = precomputeDirListing(join(testDir, "nope"));
+  test("returns empty array for non-existent directory", async () => {
+    const entries = await precomputeDirListing(join(testDir, "nope"));
     expect(entries).toEqual([]);
   });
 
-  test("recursively lists nested entries", () => {
+  test("recursively lists nested entries", async () => {
     mkdirSync(join(testDir, "a"));
     writeFileSync(join(testDir, "a", "nested.ts"), "x");
 
-    const entries = precomputeDirListing(testDir);
+    const entries = await precomputeDirListing(testDir);
     const paths = entries.map((e) => e.path);
     expect(paths).toContain(join("a", "nested.ts"));
   });

test/lib/init/wizard-runner.test.ts

@@ -193,9 +193,10 @@ beforeEach(() => {
     ok: true,
     data: { results: [] },
   });
-  precomputeDirListingSpy = spyOn(ops, "precomputeDirListing").mockReturnValue(
-    []
-  );
+  precomputeDirListingSpy = spyOn(
+    ops,
+    "precomputeDirListing"
+  ).mockResolvedValue([]);
   handleInteractiveSpy = spyOn(inter, "handleInteractive").mockResolvedValue({
     action: "continue",
   });