tekelala fbb1923fad fix(security): patch path traversal, size bypass, and prompt injection in document processing ...

- Sanitize filenames in cache_document_from_bytes to prevent path traversal (strip directory components, null bytes, resolve check)
- Reject documents with None file_size instead of silently allowing download
- Cap text file injection at 100 KB to prevent oversized prompt payloads
- Sanitize display_name in run.py context notes to block prompt injection via filenames
- Add 35 unit tests covering document cache utilities and Telegram document handling

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-27 11:53:46 -05:00

5.5 KiB

Raw Blame History

View Raw