anthropics/claude-code-action
1
0
Fork 0
mirror of https://github.com/anthropics/claude-code-action.git synced 2026-01-22 22:44:13 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
625ea1519c56d48296d4c5a88f1481cac91197f9
claude-code-action/test/github-file-ops-path-validation.test.ts
David Dworken 5da7ba548c feat: add path validation for commit_files MCP tool (#796) 
Add validatePathWithinRepo helper to ensure file paths resolve within the repository root directory. This hardens the commit_files tool by validating paths before file operations.

Changes:
- Add src/mcp/path-validation.ts with async path validation using realpath
- Update commit_files to validate all paths before reading files
- Prevent symlink-based path escapes by resolving real paths
- Add comprehensive test coverage including symlink attack scenarios

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>
2026-01-07 10:16:31 -08:00

8.1 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink