Fix Module 25 command injection + lab integrity (#24–#27) #54

Merged
claude merged 1 commits from fix/p1-security-module-25 into main 2026-06-22 14:37:20 -04:00

1 Commits

Author SHA1 Message Date
claude c372e8452d fix(module-25): close command-injection + lab-integrity issues
- agent-job.yml: pass untrusted issue body via env (BODY), never interpolated
  into a run: shell line (fixes GHA expression-injection). Adds security note.
- lab/.gitignore: keep propose_pr's `git add -A` from sweeping __pycache__ and
  copied scaffolding into the review diff.
- agent_runner.py: simulated reject() now removes the agent's untracked files
  (git restore can't), and the Module 2 restore line only prints for the real
  tracked-edit path.
- README: clarify --simulate uses a deterministic stand-in, not the delete issue.

Closes #24
Closes #25
Closes #26
Closes #27

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01TfzV5QvtPDz8LJS3Pu5VLT
2026-06-22 14:37:09 -04:00