
Fix shell injection vulnerability in /resolve-review command #165

Merged
pontemonti merged 2 commits into users/johanb/CodeReviewSkill from copilot/sub-pr-135
Feb 6, 2026

Conversation


Copilot AI commented Feb 6, 2026

The gh pr create command used unvalidated, unquoted branch name variables, allowing potential command injection via malicious branch names (e.g., bugfix; rm -rf /).

Changes:

  • Added case-based validation restricting branch names to [A-Za-z0-9._/-]
  • Quoted all branch name variable references in shell commands ("$VAR" vs <VAR>)
  • Added error handling that exits on validation failure

Example:

# Before (vulnerable)
gh pr create --base <ORIGINAL_PR_HEAD_BRANCH> --head <FIX_BRANCH_NAME> ...

# After (protected)
case "$ORIGINAL_PR_HEAD_BRANCH" in
  (*[!A-Za-z0-9._/-]*|'')
    echo "Error: ORIGINAL_PR_HEAD_BRANCH contains unsafe characters: $ORIGINAL_PR_HEAD_BRANCH" >&2
    exit 1
    ;;
esac

gh pr create --base "$ORIGINAL_PR_HEAD_BRANCH" --head "$FIX_BRANCH_NAME" ...

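The validation this PR introduces, as an added shell example (not the PR's own code): is_safe_branch_name applies the same POSIX case pattern, and the hypothetical plan_pr_create helper prints the argv one element per line instead of calling gh, so it runs offline and makes visible that a hostile name stays a single argument once quoted.

```shell
#!/bin/sh
# Added example, not code from the PR. Mirrors the allowlist the PR adopts:
# a branch name is accepted only if it is non-empty and consists solely of
# [A-Za-z0-9._/-]. The case/glob test is plain POSIX sh: no regex engine,
# no external command, so it works wherever the skill's shell snippet runs.
is_safe_branch_name() {
  case "$1" in
    (*[!A-Za-z0-9._/-]*|'') return 1 ;;
    (*) return 0 ;;
  esac
}

# Hypothetical dry-run helper: validates both names exactly as the PR does,
# then prints each argument of the would-be `gh pr create` invocation on its
# own line (mirroring execve argv). gh itself is never executed here.
plan_pr_create() {
  base="$1"; head="$2"
  for name in "$base" "$head"; do
    if ! is_safe_branch_name "$name"; then
      printf 'Error: branch name contains unsafe characters: %s\n' "$name" >&2
      return 1
    fi
  done
  # Because "$base" and "$head" are quoted, each expands to exactly one word;
  # the shell never re-parses metacharacters inside them.
  for arg in gh pr create --base "$base" --head "$head"; do
    printf '%s\n' "$arg"
  done
}
```

The allowlist is deliberately stricter than git's own ref-name rules; rejecting a name that git would accept is the safe failure direction for a command that is assembled from model-supplied text.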

…mand

Co-authored-by: pontemonti <7850950+pontemonti@users.noreply.github.com>
Copilot AI changed the title [WIP] Address feedback on pull request review commands implementation Fix shell injection vulnerability in /resolve-review command Feb 6, 2026
Copilot AI requested a review from pontemonti February 6, 2026 17:16
@pontemonti pontemonti marked this pull request as ready for review February 6, 2026 19:12
@pontemonti pontemonti requested a review from a team as a code owner February 6, 2026 19:12
@pontemonti pontemonti merged commit c483e9a into users/johanb/CodeReviewSkill Feb 6, 2026
1 check passed
@pontemonti pontemonti deleted the copilot/sub-pr-135 branch February 6, 2026 19:12