fix(medium): Fix 10 MEDIUM severity findings from audit

1. Search performance (CodebaseIndexer.swift): Replaced .lowercased()
   + .contains() with .localizedCaseInsensitiveContains()
2. Occurrence counting (CodebaseIndexer.swift): Replaced array-splitting
   count with range-based loop using .range(of:options:range:)
3. O(n²) insert (ContextManager.swift): Changed insert(at:0) loop to
   append + reverse for O(n) message assembly
4. Memory limit (CodebaseIndexer.swift): Added 1MB cap on cached file
   content to prevent unbounded index memory growth
5. Python paths (MLXService.swift): Added multi-version Python lookup
   replacing hardcoded 3.9 path
6. Thread safety (MLXService.swift): Changed concurrent+barrier queues
   to serial queues for simpler, correct synchronization
7. Async logging (CommandValidator.swift): Moved file I/O to serial
   background queue, delegated to SecureLogger
8. Permission check (CommandValidator.swift): Added isReadableFile()
   check in validatePythonScript()
9. Regex validation (CommandValidator.swift): Converted Python function
   and system manipulation checks to regex with word boundaries
10. Debug cleanup: Removed remaining print() in logSecurityEvent()

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: kochj23

MLX Code/Services/CodebaseIndexer.swift

@@ -85,16 +85,20 @@ actor CodebaseIndexer {
                 }
 
                 do {
-                    let content = try String(contentsOf: fileURL, encoding: .utf8)
-                    let symbols = extractSymbols(from: content, language: ext)
-
                     let attributes = try fileManager.attributesOfItem(atPath: fileURL.path)
                     let size = attributes[.size] as? Int ?? 0
                     let modified = attributes[.modificationDate] as? Date ?? Date()
 
+                    // Only cache file content for files under 1 MB to limit memory usage
+                    let maxCachedContentSize = 1_048_576  // 1 MB
+                    let content = try String(contentsOf: fileURL, encoding: .utf8)
+                    let cachedContent = size <= maxCachedContentSize ? content : ""
+
+                    let symbols = extractSymbols(from: content, language: ext)
+
                     let indexed = IndexedFile(
                         path: fileURL.path,
-                        content: content,
+                        content: cachedContent,
                         language: ext,
                         lastModified: modified,
                         size: size,
@@ -119,27 +123,25 @@ actor CodebaseIndexer {
     ///   - limit: Maximum results to return
     /// - Returns: Matching files with relevance scores
     func search(_ query: String, limit: Int = 10) async -> [(file: IndexedFile, score: Double)] {
-        let lowercaseQuery = query.lowercased()
         var results: [(file: IndexedFile, score: Double)] = []
 
         for file in index.values {
             var score = 0.0
 
-            // Check file name
-            if file.path.lowercased().contains(lowercaseQuery) {
+            // Check file name using case-insensitive comparison (avoids per-file lowercasing)
+            if file.path.localizedCaseInsensitiveContains(query) {
                 score += 10.0
             }
 
-            // Check symbols
+            // Check symbols using case-insensitive comparison (avoids per-symbol lowercasing)
             for symbol in file.symbols {
-                if symbol.name.lowercased().contains(lowercaseQuery) {
+                if symbol.name.localizedCaseInsensitiveContains(query) {
                     score += 5.0
                 }
             }
 
-            // Check content
-            let contentLower = file.content.lowercased()
-            let occurrences = contentLower.components(separatedBy: lowercaseQuery).count - 1
+            // Count occurrences using range-based loop (avoids allocating split array)
+            let occurrences = countOccurrences(of: query, in: file.content)
             score += Double(occurrences) * 0.5
 
             if score > 0 {
@@ -153,6 +155,17 @@ actor CodebaseIndexer {
         return Array(results.prefix(limit))
     }
 
+    /// Counts case-insensitive occurrences of a substring without allocating an array
+    private func countOccurrences(of query: String, in content: String) -> Int {
+        var count = 0
+        var searchRange = content.startIndex..<content.endIndex
+        while let range = content.range(of: query, options: .caseInsensitive, range: searchRange) {
+            count += 1
+            searchRange = range.upperBound..<content.endIndex
+        }
+        return count
+    }
+
     /// Finds files similar to a given file
     /// - Parameter path: File path
     /// - Returns: Similar files

MLX Code/Services/ContextManager.swift

@@ -76,9 +76,11 @@ actor ContextManager {
             if recentTokens + msgTokens > budget.recentMessagesBudget {
                 break
             }
-            recentMessages.insert(message, at: 0)
+            recentMessages.append(message)
             recentTokens += msgTokens
         }
+        // Reverse once after collecting to restore chronological order (avoids O(n^2) inserts at index 0)
+        recentMessages.reverse()
 
         // 3. If older messages were dropped, create rule-based summary
         let droppedCount = nonSystemMessages.count - recentMessages.count

MLX Code/Services/MLXService.swift

@@ -515,7 +515,10 @@ actor MLXService {
 
         // Use actual Xcode Python binary (not the xcode-select shim at /usr/bin/python3)
         // The shim calls xcrun which is forbidden in App Sandbox
-        let pythonPath = "/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.9/bin/python3.9"
+        guard let pythonPath = getXcodePythonPath() else {
+            await SecureLogger.shared.error("No Xcode Python binary found", category: "MLXService")
+            throw MLXServiceError.generationFailed("Python not found. Please install Xcode and Command Line Tools.")
+        }
         process.executableURL = URL(fileURLWithPath: pythonPath)
         process.arguments = [scriptPath]  // Daemon doesn't need --mode flag
         process.standardInput = inputPipe
@@ -783,6 +786,21 @@ actor MLXService {
         return "\(homeDir)/Library/Python/3.9/lib/python/site-packages"
     }
 
+    /// Discovers the Xcode-bundled Python binary by checking multiple versions
+    /// Falls back through 3.13, 3.12, 3.11, 3.10, 3.9 to find whichever is installed
+    /// - Returns: Path to the Python binary, or nil if none found
+    private func getXcodePythonPath() -> String? {
+        let basePath = "/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions"
+        let pythonVersions = ["3.13", "3.12", "3.11", "3.10", "3.9"]
+        for version in pythonVersions {
+            let path = "\(basePath)/\(version)/bin/python\(version)"
+            if FileManager.default.fileExists(atPath: path) {
+                return path
+            }
+        }
+        return nil
+    }
+
     // MARK: - Private Methods
 
     /// Formats chat messages into a prompt string
@@ -985,14 +1003,12 @@ extension MLXService {
 
         // Use actual Xcode Python binary (not the xcode-select shim at /usr/bin/python3)
         // The shim calls xcrun which is forbidden in App Sandbox
-        let pythonPath = "/Applications/Xcode.app/Contents/Developer/Library/Frameworks/Python3.framework/Versions/3.9/bin/python3.9"
-        let pythonExists = FileManager.default.fileExists(atPath: pythonPath)
-        await SecureLogger.shared.info("Python exists at \(pythonPath): \(pythonExists)", category: "MLXService")
-
-        guard pythonExists else {
-            await SecureLogger.shared.error("Python binary not found at: \(pythonPath)", category: "MLXService")
-            throw MLXServiceError.generationFailed("Python 3.9 not found. Please install Xcode and Command Line Tools.")
+        // Checks multiple Python versions (3.13 down to 3.9) to find whichever Xcode ships
+        guard let pythonPath = getXcodePythonPath() else {
+            await SecureLogger.shared.error("No Xcode Python binary found across versions 3.9-3.13", category: "MLXService")
+            throw MLXServiceError.generationFailed("Python not found. Please install Xcode and Command Line Tools.")
         }
+        await SecureLogger.shared.info("Using Python at: \(pythonPath)", category: "MLXService")
 
         // Create process to download
         let process = Process()
@@ -1053,9 +1069,9 @@ extension MLXService {
             throw error
         }
 
-        // Capture all output in separate buffers (thread-safe with DispatchQueue)
-        let outputQueue = DispatchQueue(label: "com.mlxcode.output", attributes: .concurrent)
-        let errorQueue = DispatchQueue(label: "com.mlxcode.error", attributes: .concurrent)
+        // Capture all output in separate buffers (thread-safe with serial DispatchQueues)
+        let outputQueue = DispatchQueue(label: "com.mlxcode.output")
+        let errorQueue = DispatchQueue(label: "com.mlxcode.error")
         var allOutput = Data()
         var allErrors = Data()
 
@@ -1064,8 +1080,8 @@ extension MLXService {
         outputHandle.readabilityHandler = { handle in
             let data = handle.availableData
             if data.count > 0 {
-                // Store all output (thread-safe)
-                outputQueue.async(flags: .barrier) {
+                // Store all output (thread-safe via serial queue)
+                outputQueue.async {
                     allOutput.append(data)
                 }
 
@@ -1091,8 +1107,8 @@ extension MLXService {
         errorHandle.readabilityHandler = { handle in
             let data = handle.availableData
             if data.count > 0 {
-                // Store all errors (thread-safe)
-                errorQueue.async(flags: .barrier) {
+                // Store all errors (thread-safe via serial queue)
+                errorQueue.async {
                     allErrors.append(data)
                 }
 

MLX Code/Utilities/CommandValidator.swift

@@ -133,30 +133,40 @@ enum CommandValidator {
             }
         }
 
-        // 3. Block dangerous functions
-        let dangerousFunctions = [
-            "exec(",
-            "eval(",
-            "compile(",
-            "pickle.load(",
-            "pickle.loads(",
-            "torch.load(",
-            "open(",  // File access
-            "input(",  // User input
-            "raw_input("
+        // 3. Block dangerous functions using regex (consistent with import validation above)
+        // Each tuple: (regex pattern, human-readable description)
+        let dangerousFunctionPatterns: [(pattern: String, description: String)] = [
+            (#"\bexec\s*\("#, "exec()"),
+            (#"\beval\s*\("#, "eval()"),
+            (#"\bcompile\s*\("#, "compile()"),
+            (#"\bpickle\.loads?\s*\("#, "pickle.load(s)"),
+            (#"\btorch\.load\s*\("#, "torch.load()"),
+            (#"\bopen\s*\("#, "open()"),
+            (#"\binput\s*\("#, "input()"),
+            (#"\braw_input\s*\("#, "raw_input()")
         ]
 
-        for dangerous in dangerousFunctions {
-            if code.contains(dangerous) {
-                logSecurityEvent("BLOCKED dangerous Python function: \(dangerous)", level: .critical)
-                throw SecurityError.dangerousFunction(dangerous)
+        for (regexPattern, description) in dangerousFunctionPatterns {
+            if let regex = try? NSRegularExpression(pattern: regexPattern, options: []),
+               regex.firstMatch(in: uncommentedCode, range: NSRange(uncommentedCode.startIndex..., in: uncommentedCode)) != nil {
+                logSecurityEvent("BLOCKED dangerous Python function: \(description)", level: .critical)
+                throw SecurityError.dangerousFunction(description)
             }
         }
 
-        // 4. Block system manipulation
-        if code.contains("os.") || code.contains("sys.") || code.contains("subprocess.") {
-            logSecurityEvent("BLOCKED system manipulation in Python code", level: .critical)
-            throw SecurityError.systemManipulation
+        // 4. Block system manipulation using regex for consistency
+        let systemPatterns: [(pattern: String, description: String)] = [
+            (#"\bos\."#, "os module access"),
+            (#"\bsys\."#, "sys module access"),
+            (#"\bsubprocess\."#, "subprocess module access")
+        ]
+
+        for (regexPattern, description) in systemPatterns {
+            if let regex = try? NSRegularExpression(pattern: regexPattern, options: []),
+               regex.firstMatch(in: uncommentedCode, range: NSRange(uncommentedCode.startIndex..., in: uncommentedCode)) != nil {
+                logSecurityEvent("BLOCKED system manipulation: \(description)", level: .critical)
+                throw SecurityError.systemManipulation
+            }
         }
 
         // 5. Log for audit
@@ -184,6 +194,12 @@ enum CommandValidator {
             throw SecurityError.fileNotFound(expandedPath)
         }
 
+        // 2b. Verify file is readable (handles permission errors explicitly)
+        guard FileManager.default.isReadableFile(atPath: expandedPath) else {
+            logSecurityEvent("Permission denied reading script: \(expandedPath)", level: .error)
+            throw SecurityError.invalidPath("Permission denied: cannot read \(expandedPath)")
+        }
+
         // 3. Verify it's a Python file
         guard expandedPath.hasSuffix(".py") else {
             throw SecurityError.invalidFileType("Only .py files allowed")
@@ -260,24 +276,41 @@ enum CommandValidator {
 
     // MARK: - Logging
 
+    /// Serial queue for async file I/O to avoid blocking the calling thread
+    private static let logQueue = DispatchQueue(label: "com.mlxcode.commandvalidator.log")
+
     private static func logSecurityEvent(_ message: String, level: SecurityLogLevel) {
         let timestamp = ISO8601DateFormatter().string(from: Date())
         let logMessage = "[\(timestamp)] [CommandValidator] [\(level.rawValue)] \(message)"
 
-        print(logMessage)
+        // Delegate to SecureLogger for structured logging (non-blocking fire-and-forget)
+        Task {
+            switch level {
+            case .critical:
+                await SecureLogger.shared.critical(logMessage, category: "CommandValidator")
+            case .error:
+                await SecureLogger.shared.error(logMessage, category: "CommandValidator")
+            case .warning:
+                await SecureLogger.shared.warning(logMessage, category: "CommandValidator")
+            case .info:
+                await SecureLogger.shared.info(logMessage, category: "CommandValidator")
+            }
+        }
 
-        // Also log to security log file
+        // Also write to security log file asynchronously (avoids blocking the caller)
         let logPath = NSHomeDirectory() + "/Library/Logs/MLXCode/security.log"
         if let data = (logMessage + "\n").data(using: .utf8) {
-            if let fileHandle = FileHandle(forWritingAtPath: logPath) {
-                fileHandle.seekToEndOfFile()
-                fileHandle.write(data)
-                try? fileHandle.close()
-            } else {
-                // Create file if doesn't exist
-                let logDir = (logPath as NSString).deletingLastPathComponent
-                try? FileManager.default.createDirectory(atPath: logDir, withIntermediateDirectories: true)
-                try? data.write(to: URL(fileURLWithPath: logPath))
+            logQueue.async {
+                if let fileHandle = FileHandle(forWritingAtPath: logPath) {
+                    fileHandle.seekToEndOfFile()
+                    fileHandle.write(data)
+                    try? fileHandle.close()
+                } else {
+                    // Create file if doesn't exist
+                    let logDir = (logPath as NSString).deletingLastPathComponent
+                    try? FileManager.default.createDirectory(atPath: logDir, withIntermediateDirectories: true)
+                    try? data.write(to: URL(fileURLWithPath: logPath))
+                }
             }
         }
     }