vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 08:00:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(cli): sanitize plugin command descriptors

Browse Source
This commit is contained in:
Gustavo Madeira Santana
2026-04-24 22:22:57 -04:00
parent 4da25d0125
commit 282c32db7c
7 changed files with 140 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/cli/program/command-descriptor-utils.test.ts
View File

@@ -71,4 +71,26 @@ describe("command-descriptor-utils", () => {
"delta",
]);
});
it("strips terminal escapes from rendered descriptor descriptions", () => {
const program = new Command();
addCommandDescriptorsToProgram(program, [
{
name: "safe-command",
description: "Open \u001B]8;;https://example.test\u0007link\u001B]8;;\u0007 now\u001B[2J",
},
]);
expect(program.commands[0]?.description()).toBe("Open link now");
});
it("rejects unsafe descriptor command names before rendering", () => {
const program = new Command();
expect(() =>
addCommandDescriptorsToProgram(program, [{ name: "bad\nname", description: "Bad" }]),
).toThrow('Invalid CLI command name: "bad\\nname"');
expect(program.commands).toEqual([]);
});
});