Skip to content

docs(#253): add shell-safety heuristics to review correctness#279

Open
fullsend-ai-coder[bot] wants to merge 1 commit into
mainfrom
agent/253-shell-safety-heuristics
Open

docs(#253): add shell-safety heuristics to review correctness#279
fullsend-ai-coder[bot] wants to merge 1 commit into
mainfrom
agent/253-shell-safety-heuristics

Conversation

@fullsend-ai-coder

Copy link
Copy Markdown

Add echo-flag-injection and unquoted-heredoc-expansion heuristics to the correctness sub-agent and the code-review skill. Both rules are scoped to harness scripts (post-code.sh, post-fix.sh, post-review.sh) where user- or agent-controlled content flows through shell commands.

Echo flag injection: echo "${VAR}" interprets leading dashes as flags, silently corrupting output. Recommends printf. Unquoted heredoc: <<TOKEN allows shell expansion of $ and backticks in structured data, silently corrupting JSON/YAML. Recommends jq -n or quoted heredocs.

False-positive scoping: neither rule fires on hardcoded strings, quoted heredocs, or non-harness scripts.


Closes #253

Post-script verification

  • Branch is not main/master (agent/253-shell-safety-heuristics)
  • Secret scan passed (gitleaks — c776c248ac9a91f10998ca7107e974a6c9d76514..HEAD)
  • Pre-commit hooks passed (authoritative run on runner)
  • Tests ran inside sandbox

Add echo-flag-injection and unquoted-heredoc-expansion
heuristics to the correctness sub-agent and the code-review
skill. Both rules are scoped to harness scripts
(post-code.sh, post-fix.sh, post-review.sh) where user- or
agent-controlled content flows through shell commands.

Echo flag injection: echo "${VAR}" interprets leading
dashes as flags, silently corrupting output. Recommends
printf. Unquoted heredoc: <<TOKEN allows shell expansion of
$ and backticks in structured data, silently corrupting
JSON/YAML. Recommends jq -n or quoted heredocs.

False-positive scoping: neither rule fires on hardcoded
strings, quoted heredocs, or non-harness scripts.

Closes #253
@github-actions

Copy link
Copy Markdown

E2E tests did not run

E2E tests run automatically for org/repo members and collaborators on pull requests.

For other contributors, a maintainer must add the ok-to-test label after the latest push.

See E2E testing guide for details.

@fullsend-ai-review

fullsend-ai-review Bot commented Jul 10, 2026

Copy link
Copy Markdown

🤖 Finished Review · ❌ Failure · Started 1:15 PM UTC · Completed 1:15 PM UTC
Commit: c776c24 · View workflow run →

@guyoron1

Copy link
Copy Markdown
Owner

/fs-review

@fullsend-ai-review

fullsend-ai-review Bot commented Jul 10, 2026

Copy link
Copy Markdown

🤖 Finished Review · ✅ Success · Started 3:57 PM UTC · Completed 4:08 PM UTC
Commit: d8e3df7 · View workflow run →

@fullsend-ai-review

Copy link
Copy Markdown

Looks good to me


Labels: PR adds shell-safety heuristics to review agent skill documentation

@fullsend-ai-review fullsend-ai-review Bot added ready-for-merge All reviewers approved — ready to merge documentation Improvements or additions to documentation labels Jul 10, 2026
@guyoron1

Copy link
Copy Markdown
Owner

/fs-fix

@fullsend-ai-coder

fullsend-ai-coder Bot commented Jul 10, 2026

Copy link
Copy Markdown
Author

🤖 Finished Fix · ✅ Success · Started 5:38 PM UTC · Completed 5:42 PM UTC
Commit: d8e3df7 · View workflow run →

@fullsend-ai-coder

Copy link
Copy Markdown
Author

🔧 Fix agent — iteration 1 (human-triggered)

No changes made. The review agent approved the PR with no findings, and the human /fs-fix command provided no specific instruction. Nothing to fix.

Disagreed (1):

  1. no actionable feedback: The review agent approved the PR with 'Looks good to me' and no requested changes. The human /fs-fix command included no specific instruction (HUMAN_INSTRUCTION=none). There are no inline review comments and no review findings to address.

Tests: passed

Updated by fullsend fix agent

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Improvements or additions to documentation ready-for-merge All reviewers approved — ready to merge

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[RTK+Ponytail] Review agent shell-safety gap: echo-vs-printf and heredoc quoting not caught on security-sensitive scripts

1 participant