🛡️ Sentinel: [CRITICAL] Fix command injection in git utils

[kratos06]

🚨 Severity: CRITICAL
💡 Vulnerability: Command Injection in git search
🎯 Impact: Remote Code Execution via malicious search query
🔧 Fix: Replaced child_process.exec with execFile and array arguments
✅ Verification: Ran unit tests including new security regression test

---

PR created automatically by Jules for task 4273248060135101775 started by @kratos06

---

Summary by cubic

Fixes a critical command injection in git utils by replacing child_process.exec with execFile and array arguments. Prevents RCE from malicious search queries and adds a regression test.

• Bug Fixes
  • Switched to execFile with array args in checkGitInstalled, checkGitRepo, searchCommits, getCommitInfo, and getWorkingState.
  • Updated tests to mock/verify execFile usage and added git_security.spec to assert no argument splitting.
  • Added sentinel.md with root cause and prevention notes.

^{Written for commit eaf07c8. Summary will update on new commits.}

Summary by CodeRabbit

• Bug Fixes

  • Fixed a command injection vulnerability in search functionality that could allow arbitrary code execution through specially crafted input.

• Tests

  • Added security tests to prevent command injection vulnerabilities.

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request addresses a command injection vulnerability in Git command execution by refactoring src/utils/git.ts to use child_process.execFile instead of child_process.exec. The changes include security documentation, refactored production code, updated existing tests, and a new security test to verify protection against command injection attacks.

Changes

Cohort / File(s)	Summary
Security Documentation .jules/sentinel.md	New markdown note documenting a command injection vulnerability in git command execution and recommending the use of execFile or spawn with argument arrays.
Production Code src/utils/git.ts	Refactored all git command invocations from exec to execFile, replacing single-string commands with command/arguments array pairs (e.g., "git rev-parse --git-dir" → ["git", "rev-parse", "--git-dir"]) across version checks, repository info, log searches, and status commands.
Test Suite src/utils/__tests__/git.spec.ts, src/utils/__tests__/git_security.spec.ts	Updated existing git tests to mock and verify execFile calls with proper argument arrays; added new security test validating that searchCommits correctly passes untrusted input as a single argument to prevent shell injection.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~30 minutes

Poem

🐰 A rabbit's code review cheer:
Exec no more, the path is clear,
execFile now guards our git commands tight,
No shell injection in the night! 🔐
Security hops from left to right,
A safer warren, shining bright! ✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is incomplete against the template; it lacks several required sections including explicit issue link, test procedure details, and pre-submission checklist completion.	Add 'Closes: #<issue_number>' with the linked GitHub issue, detail the test procedure with reproduction steps, and mark the pre-submission checklist items that were completed.
Docstring Coverage	⚠️ Warning	Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically identifies the critical command injection vulnerability fix in git utilities with appropriate emphasis on severity.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch sentinel-fix-git-injection-4273248060135101775

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @.jules/sentinel.md:
- Line 1: Update the heading date in .jules/sentinel.md from "2024-05-22 -
Command Injection in Git Utils" to the correct PR creation date "2026-02-06 -
Command Injection in Git Utils" so the security note reflects the accurate
timestamp.

🧹 Nitpick comments (2)

src/utils/git.ts (1)

312-323: Consider guarding against argument injection on the hash parameter.

While execFile prevents shell injection, hash is passed directly as a positional argument to git show without validation or a -- separator. If a caller ever passes a value starting with -- (e.g., --output=/tmp/evil), git could interpret it as a flag rather than a revision.

Adding -- before hash in each git show invocation signals end-of-options to git:

Proposed fix

 const { stdout: info } = await execFileAsync(
   "git",
-  ["show", "--format=%H%n%h%n%s%n%an%n%ad%n%b", "--no-patch", hash],
+  ["show", "--format=%H%n%h%n%s%n%an%n%ad%n%b", "--no-patch", "--", hash],
   { cwd },
 )

-const { stdout: stats } = await execFileAsync("git", ["show", "--stat", "--format=", hash], { cwd })
+const { stdout: stats } = await execFileAsync("git", ["show", "--stat", "--format=", "--", hash], { cwd })

-const { stdout: diff } = await execFileAsync("git", ["show", "--format=", hash], { cwd })
+const { stdout: diff } = await execFileAsync("git", ["show", "--format=", "--", hash], { cwd })

src/utils/__tests__/git_security.spec.ts (1)

27-43: The promisify mock reimplements callback-to-promise plumbing — fragile but functional.

This mock manually wires the callback convention of execFile into a promise. It works because the production code does promisify(execFile), so the mock intercepts that. If the production code ever changes to use execFile from node:child_process/promises or a different promisification approach, this mock will silently stop working.

This is acceptable for now, but worth noting for future maintenance.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Incorrect date in the security note.

The heading says "2024-05-22" but this PR was created on 2026-02-06. This appears to be an error — consider updating to the correct date.

🤖 Prompt for AI Agents

In @.jules/sentinel.md at line 1, Update the heading date in .jules/sentinel.md
from "2024-05-22 - Command Injection in Git Utils" to the correct PR creation
date "2026-02-06 - Command Injection in Git Utils" so the security note reflects
the accurate timestamp.

[cubic-dev-ai]

1 issue found across 4 files

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name=".jules/sentinel.md">

<violation number="1" location=".jules/sentinel.md:1">
P3: The date in the security note heading is incorrect. The note says '2024-05-22' but this fix was created on 2026-02-06. Update the date to reflect when this vulnerability was actually discovered and fixed.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P3: The date in the security note heading is incorrect. The note says '2024-05-22' but this fix was created on 2026-02-06. Update the date to reflect when this vulnerability was actually discovered and fixed.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At .jules/sentinel.md, line 1:

<comment>The date in the security note heading is incorrect. The note says '2024-05-22' but this fix was created on 2026-02-06. Update the date to reflect when this vulnerability was actually discovered and fixed.</comment>

<file context>
@@ -0,0 +1,4 @@
+## 2024-05-22 - Command Injection in Git Utils
+**Vulnerability:** Found a critical Command Injection vulnerability in `src/utils/git.ts`. The `searchCommits` function used `child_process.exec` with user-supplied input interpolated directly into the command string (`git log ... --grep="${query}"`). This allowed arbitrary command execution via shell metacharacters.
+**Learning:** `child_process.exec` spawns a shell (/bin/sh or cmd.exe) which interprets the command string. Always assume inputs destined for `exec` are hostile. `execFile` or `spawn` should be preferred as they execute the binary directly and treat arguments as literal strings, bypassing the shell.
</file context>