- Fix triple-quote injection in SSH keys (Scaleway, UpCloud), userdata
(BinaryLane), init scripts (Civo, Kamatera), and GraphQL queries
(RunPod) by passing data via stdin/json_escape instead of inline
string interpolation
- Add input validation for all cloud provider env vars (region, type,
plan, etc.) using validate_region_name/validate_resource_name to block
shell metacharacters before they reach Python string interpolation
- Validate Modal image name as Python identifier to prevent code injection
- Validate numeric env vars (RAM, GPU count, disk size) across all providers
Affects: 19 cloud provider lib/common.sh files
Agent: security-auditor
Co-authored-by: A <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implement 5 Genesis Cloud agent deployment scripts:
- amazonq.sh: Amazon Q CLI with OpenRouter integration
- cline.sh: Cline with OpenRouter integration
- gptme.sh: gptme with model selection and OpenRouter integration
- opencode.sh: OpenCode with OpenRouter integration
- plandex.sh: Plandex with installation verification and OpenRouter integration
Also adds Genesis Cloud README.md and updates manifest.json
to mark all 5 entries as implemented.
Co-authored-by: Sprite <noreply@sprite.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Implement Genesis Cloud deployment scripts for NanoClaw, Goose, Codex CLI,
Open Interpreter, and Gemini CLI. Each script follows the standard pattern:
authenticate, provision instance, install agent, inject OpenRouter credentials,
and launch interactive session.
Co-authored-by: Sprite <noreply@sprite.dev>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
