Harden validation, sanitization, CLI input handling, and CI#5
Draft
slavazeph-coder wants to merge 2 commits into
Draft
Harden validation, sanitization, CLI input handling, and CI#5slavazeph-coder wants to merge 2 commits into
slavazeph-coder wants to merge 2 commits into
Conversation
- Validate all AppSpec collections (screens, components, flows, acceptance tests, assumptions, unknowns), enforce unique screen ids, finite confidence values, a valid generatedAt date, and an http(s) sourceUrl so malformed specs fail at validation instead of crashing exporters. - Strip control, zero-width, and bidirectional override characters from captured page content, keep spec fields single-line in exported markdown, and size code fences past embedded backtick runs so a captured page cannot inject structure into generated agent documents. - Bound and validate --width/--height, add a configurable --timeout, restrict --target with commander choices, and report unreadable or malformed AppSpec files with clear errors and a non-zero exit code. - Cap evidence file name slugs, guard exporter writes to stay inside the output directory, and use dirname when creating parent folders. - Depend on @reconstruct/appspec through the workspace instead of relative source paths, syntax-check every CLI module, and declare supported Node engines; set the root package type to module to silence the run.js loader warning. - Commit the pnpm lockfile and pin CI to --frozen-lockfile with least-privilege permissions, a typecheck step, a job timeout, and cancelled superseded PR runs. - Add tests for the stricter validation, the sanitizers, and the exporter, including markdown-injection regression cases. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01BX5FUWAvGrKvt2zStdVNxh
- Add an SVG banner and a real capture screenshot produced by the tool itself (dogfooded against a demo page). - Add three Mermaid diagrams: the capture/validate/export pipeline, the AppSpec schema anatomy, and the workspace dependency graph. - Document every command and option, the provenance status/confidence model, export targets, architecture rules, and the hardening measures. - Add CI, Node, license, and AppSpec-version badges and a contents index. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01BX5FUWAvGrKvt2zStdVNxh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Hardens the capture → AppSpec → export pipeline against malformed specs, hostile page content, and bad CLI input, and tightens the CI supply chain.
AppSpec validation (
@reconstruct/appspec)flows: [{}]previously crashed the exporter with aTypeError, now it fails validation with a precise message.generatedAt, and an http(s)app.sourceUrl(rejectsjavascript:and malformed URLs).Content sanitization (prompt-injection surface)
The exported documents are instructions for coding agents, so captured page content must not be able to inject structure into them:
text.jsmodule strips C0/C1 control characters, zero-width characters, and bidirectional override characters (trojan-source style) from everything that flows into the structured DOM evidence and the AppSpec. Raw HTML evidence stays verbatim.\n# Ignore previous instructionscannot create a heading inPRODUCT.md.DESIGN_SYSTEM.mdcode fence is sized past the longest embedded backtick run, so```inside spec values cannot close the fence.CLI robustness
--width/--heightare validated bounded integers (320–7680) instead of silently becomingNaNdeep inside Playwright; new--timeoutoption for navigation.--targetuses commanderchoices(); unreadable or malformed AppSpec files report a clear error naming the file, with exit code 1.dirnamewhen creating parents.@reconstruct/appspecviaworkspace:*instead of../../appspec/srcrelative imports; all CLI modules are syntax-checked by build/typecheck, not just the entry point."type": "module"(removes therun.jsloader warning) and Node>=20engines.CI
pnpm-lock.yamland switched topnpm install --frozen-lockfile(was--frozen-lockfile=falsewith no lockfile).permissions: contents: read, job timeout, cancellation of superseded PR runs, and apnpm typecheckstep.Testing
pnpm test): 14 appspec validation tests, 8 CLI tests including markdown-injection regression cases.PRODUCT.mdkeeps hostile content on a single line and invisible characters are stripped from the AppSpec and DOM evidence.ftp://URL, malformed JSON, tampered spec, missing file — all produce clear errors and exit 1.🤖 Generated with Claude Code
https://claude.ai/code/session_01BX5FUWAvGrKvt2zStdVNxh
Generated by Claude Code