mirror of
https://github.com/OpenRouterTeam/spawn.git
synced 2026-05-12 22:40:24 +00:00
* fix: use base64 encoding for GITHUB_TOKEN to prevent injection

  Aligns GITHUB_TOKEN handling with the existing base64 pattern used for OPENROUTER_API_KEY in orchestrate.ts, eliminating the single-quote escaping vulnerability.

  Fixes #2834

  Agent: security-auditor
  Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: apply shellQuote to base64-encoded GITHUB_TOKEN

  Address security review feedback: wrap the base64-encoded token in shellQuote() for defense-in-depth, preventing any theoretical shell metacharacter escape from the interpolated value.

  Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

| | | |
|---|---|---|
| .. | ||
| cli | ||
| shared | ||