fix(tinybird): encode datasource/pipe names in URL paths to prevent traversal

A user-or-llm datasource/pipe name interpolated raw into the URL path (e.g.
'real_ds/../../other') is normalized by the WHATWG URL parser and can target a
different endpoint. Wrap the path segment with encodeURIComponent in the
truncate, delete, and query_pipe URLs. Events/append pass the name via
URLSearchParams, which already encodes, so they were unaffected.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

Author: waleedlatif1

apps/sim/tools/tinybird/delete_datasource_rows.ts

@@ -62,7 +62,7 @@ export const deleteDatasourceRowsTool: ToolConfig<
   request: {
     url: (params) => {
       const baseUrl = params.base_url.trim().replace(/\/+$/, '')
-      return `${baseUrl}/v0/datasources/${params.datasource.trim()}/delete`
+      return `${baseUrl}/v0/datasources/${encodeURIComponent(params.datasource.trim())}/delete`
     },
     method: 'POST',
     headers: (params) => ({

apps/sim/tools/tinybird/query_pipe.ts

@@ -87,7 +87,7 @@ export const queryPipeTool: ToolConfig<TinybirdQueryPipeParams, TinybirdQueryPip
   request: {
     url: (params) => {
       const baseUrl = params.base_url.trim().replace(/\/+$/, '')
-      const url = new URL(`${baseUrl}/v0/pipes/${params.pipe.trim()}.json`)
+      const url = new URL(`${baseUrl}/v0/pipes/${encodeURIComponent(params.pipe.trim())}.json`)
       if (params.q) {
         url.searchParams.set('q', params.q)
       }

apps/sim/tools/tinybird/truncate_datasource.ts

@@ -47,7 +47,7 @@ export const truncateDatasourceTool: ToolConfig<
   request: {
     url: (params) => {
       const baseUrl = params.base_url.trim().replace(/\/+$/, '')
-      return `${baseUrl}/v0/datasources/${params.datasource.trim()}/truncate`
+      return `${baseUrl}/v0/datasources/${encodeURIComponent(params.datasource.trim())}/truncate`
     },
     method: 'POST',
     headers: (params) => ({