fix: validate reviewAgentLogPath to prevent path injection

Add path validation in invokeDiffReviewLlm to ensure the log file path
stays within the expected review-agent directory. This prevents potential
path traversal attacks by validating that the resolved path starts with
the expected base directory (DATA_CACHE_DIR/review-agent).

Fixes CodeQL js/path-injection alerts #18 and #19.

Co-authored-by: Michael Sukkarieh <msukkari@users.noreply.github.com>

Author: cursoragent

packages/web/src/features/agents/review-agent/nodes/invokeDiffReviewLlm.ts

@@ -2,17 +2,31 @@ import OpenAI from "openai";
 import { sourcebot_file_diff_review, sourcebot_file_diff_review_schema } from "@/features/agents/review-agent/types";
 import { env } from "@sourcebot/shared";
 import fs from "fs";
+import path from "path";
 import { createLogger } from "@sourcebot/shared";
 
 const logger = createLogger('invoke-diff-review-llm');
 
+const REVIEW_AGENT_LOG_BASE = path.join(env.DATA_CACHE_DIR, 'review-agent');
+
+const validateReviewAgentLogPath = (logPath: string): void => {
+    const resolved = path.resolve(logPath);
+    if (!resolved.startsWith(REVIEW_AGENT_LOG_BASE + path.sep)) {
+        throw new Error('reviewAgentLogPath escapes log directory');
+    }
+};
+
 export const invokeDiffReviewLlm = async (reviewAgentLogPath: string | undefined, prompt: string): Promise<sourcebot_file_diff_review> => {
     logger.debug("Executing invoke_diff_review_llm");
 
     if (!env.OPENAI_API_KEY) {
         logger.error("OPENAI_API_KEY is not set, skipping review agent");
         throw new Error("OPENAI_API_KEY is not set, skipping review agent");
     }
+
+    if (reviewAgentLogPath) {
+        validateReviewAgentLogPath(reviewAgentLogPath);
+    }
 
     const openai = new OpenAI({
         apiKey: env.OPENAI_API_KEY,