(result: string, url: string)
| 81 | |
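/**
 * Wrap output from untrusted-content commands with trust boundary markers.
 *
 * The wrapped text has the form:
 *
 *   --- BEGIN UNTRUSTED EXTERNAL CONTENT (source: <url>) ---
 *   <result>
 *   --- END UNTRUSTED EXTERNAL CONTENT ---
 *
 * Both inputs are treated as attacker-influenced. Anything in them that could
 * be read as one of the markers is broken up with a zero-width space
 * (U+200B), so only the two markers emitted here appear intact.
 *
 * This is text-level neutralization only: it does not catch look-alike
 * characters or reworded markers, so a consumer should not treat the markers
 * as its sole control over what untrusted content may do.
 *
 * @param result - Command output that originated from external content.
 * @param url - Source URL shown in the BEGIN marker; control characters are
 *   stripped and it is truncated to 200 characters.
 * @returns The result wrapped between BEGIN and END marker lines.
 */
export function wrapUntrustedContent(result: string, url: string): string {
  // Matches a marker prefix regardless of letter case or the amount of
  // whitespace between words, so near-identical variants are neutralized too.
  // Group 1 ends just after the "C" of CONTENT; the zero-width space goes there.
  const markerPattern = /(---\s*(?:BEGIN|END)\s+UNTRUSTED\s+EXTERNAL\s+C)(ONTENT)/gi;
  const breakMarkers = (text: string): string => text.replace(markerPattern, '$1\u200B$2');

  // The URL can be set by the page (e.g. via history.pushState). Strip every
  // control character and Unicode line/paragraph separator, not only \n and \r,
  // so it cannot break out of the single-line BEGIN marker, then cap its length.
  const singleLineUrl = url.replace(/[\u0000-\u001F\u007F-\u009F\u2028\u2029]/g, '').slice(0, 200);
  // A marker string embedded in the URL would otherwise sit intact on the header line.
  const safeUrl = breakMarkers(singleLineUrl);

  // Escape marker strings in content to prevent boundary escape.
  const safeResult = breakMarkers(result);

  return `--- BEGIN UNTRUSTED EXTERNAL CONTENT (source: ${safeUrl}) ---\n${safeResult}\n--- END UNTRUSTED EXTERNAL CONTENT ---`;
}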
| 90 | |
| 91 | export const COMMAND_DESCRIPTIONS: Record<string, { category: string; description: string; usage?: string }> = { |
| 92 | // Navigation |