vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-01 21:30:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
spawn/sh/e2e/lib/clouds
History
A 7cc21e4111
fix(security): quote timeout var and validate numeric in sprite.sh (#2120) 
Fixes unquoted ${timeout} in _sprite_exec_long that could allow
command injection if timeout contained shell metacharacters.
Adds numeric validation before use.

Fixes #2117

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-03-02 16:47:39 -05:00
..
aws.sh fix(security): apply base64 exec escaping to remaining 4 cloud drivers (#2067) 2026-03-01 11:50:33 -08:00
daytona.sh fix(security): apply base64 exec escaping to remaining 4 cloud drivers (#2067) 2026-03-01 11:50:33 -08:00
digitalocean.sh fix(security): escape cmd args in _exec_long to prevent shell injection (#2064) 2026-03-01 12:42:27 -05:00
gcp.sh fix(security): apply base64 exec escaping to remaining 4 cloud drivers (#2067) 2026-03-01 11:50:33 -08:00
hetzner.sh fix(security): apply base64 exec escaping to remaining 4 cloud drivers (#2067) 2026-03-01 11:50:33 -08:00
sprite.sh fix(security): quote timeout var and validate numeric in sprite.sh (#2120) 2026-03-02 16:47:39 -05:00