Expand description
Path and input sanitization for ai-contexters.
Follows the established pattern: traversal check → canonicalize → allowlist validation.
Prevents path traversal and command injection from user-supplied inputs (CLI arguments, project names, agent names).
Vibecrafted with AI Agents by VetCoders (c)2026 VetCoders
Functions§
- create_
file_ validated - Create or truncate a file only after validating the write path.
- filter_
self_ echo - Filter a vec of timeline entries, removing self-echo messages.
- is_
self_ echo - Returns true if a message is aicx operational self-echo that should be filtered from extraction to prevent feedback loops.
- normalize_
query - Normalize text for fuzzy matching: lowercase + strip Polish diacritics.
- open_
file_ validated - Open a file for reading only after validating the path.
- read_
dir_ validated - Read a directory only after validating it as an allowed directory path.
- read_
to_ string_ validated - Read a UTF-8 text file only after validating the path.
- safe_
agent_ name - Validate an agent name against the allowlist.
- safe_
project_ name - Sanitize a project name used in filesystem paths.
- validate_
dir_ path - Sanitize a directory path used for reading (e.g., chunks_dir, contexts_dir).
- validate_
read_ path - Sanitize and validate a path that must exist (for reading).
- validate_
write_ path - Sanitize and validate a path for writing (may not exist yet).