Security Module - Command validation and blocklist
Provides security validation for exec: commands:
- Control character detection (blocks null bytes, escape sequences)
- Blocklist for dangerous command patterns
- Unicode NFKC normalization to prevent confusable bypass
- Full validation combining both checks
§Unicode Confusable Protection
Attackers may attempt to bypass the blocklist using Unicode confusables:
- Fullwidth characters: rm vs ｒｍ (U+FF52, U+FF4D)
- Math bold/italic: sudo vs 𝘀𝘂𝗱𝗼 (U+1D600 range)
- Combining characters: rm with zero-width joiners
NFKC (Compatibility Decomposition + Canonical Composition) normalizes these variants to their ASCII equivalents before blocklist checking.
See ADR-TBD for security design decisions.
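An added sketch of the normalize-then-match step described above, written in Python because NFKC is in its standard library; it is not this module's Rust code, and the blocklist patterns, function names and sample commands are constructed. It also shows that NFKC leaves U+200D (zero-width joiner) in place, so the sketch rejects format characters in a separate step.

```python
import unicodedata

# Constructed blocklist for illustration; the module's real patterns are not on the page.
BLOCKLIST = ("rm -rf", "sudo ")


def normalize_command(cmd: str) -> str:
    """Fold compatibility variants (fullwidth, math alphanumerics) to ASCII via NFKC."""
    return unicodedata.normalize("NFKC", cmd)


def invisible_chars(cmd: str) -> list:
    """Return the code points of format characters (category Cf), e.g. U+200D.

    NFKC has no mapping for these, so they survive normalization and would
    split a blocklisted word unless they are handled separately.
    """
    return [f"U+{ord(ch):04X}" for ch in cmd if unicodedata.category(ch) == "Cf"]


def check(cmd: str) -> tuple:
    """Return (allowed, reason): reject invisible characters, then match the
    blocklist against the NFKC-normalized command."""
    hidden = invisible_chars(cmd)
    if hidden:
        return False, "invisible format character(s): " + ", ".join(hidden)
    folded = normalize_command(cmd)
    for pattern in BLOCKLIST:
        if pattern in folded:
            return False, f"blocklisted pattern {pattern!r}"
    return True, "ok"


# Constructed sample commands; escapes keep the confusables visible in source.
SAMPLES = [
    "ls -la",
    "\uff52\uff4d -rf /tmp/x",                      # fullwidth "rm"
    "\U0001d600\U0001d602\U0001d5f1\U0001d5fc id",  # math sans-serif bold "sudo"
    "r\u200dm -rf /tmp/x",                          # "rm" split by a zero-width joiner
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(ascii(s), "->", check(s))
```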
Functions§
- check_blocklist - Check command against blocklist
- check_shell_mode_blocklist - Check command against shell-mode-specific blocklist.
- sensitive_env_vars - Returns the list of sensitive env var names that should be stripped from child processes to prevent API key leakage.
- strip_sensitive_env_vars - Remove sensitive API key env vars from a Command before spawning.
- validate_command_string - Validate command string for control characters
- validate_env_vars - Validate environment variables for dangerous names.
- validate_exec_command - Full security validation for exec commands
- validate_exec_command_with_shell - Full security validation for exec commands with explicit shell mode flag.