fix: tighten @org/name ref validation to prevent path traversal
Reject refs with multiple slashes (@org/a/b), dot segments (@../skill), or leading dots in org/name. Applied to both CLI install() and SDK parse_registry_ref() so the contract is enforced consistently.
@@ -92,16 +92,24 @@ class SkillCommand(BaseCommand, PlusAPIMixin):
|
||||
raise SystemExit(1)
|
||||
|
||||
without_at = ref[1:]
|
||||
if "/" not in without_at:
|
||||
if without_at.count("/") != 1:
|
||||
console.print(
|
||||
"[red]Invalid skill reference. Use the format @org/name.[/red]"
|
||||
)
|
||||
raise SystemExit(1)
|
||||
|
||||
org, _, name = without_at.partition("/")
|
||||
if not org or not name:
|
||||
org, name = without_at.split("/", 1)
|
||||
if (
|
||||
not org
|
||||
or not name
|
||||
or org.startswith(".")
|
||||
or name.startswith(".")
|
||||
or len(Path(org).parts) != 1
|
||||
or len(Path(name).parts) != 1
|
||||
):
|
||||
console.print(
|
||||
"[red]Invalid skill reference: org and name must be non-empty.[/red]"
|
||||
"[red]Invalid skill reference: org and name must be single, "
|
||||
"non-empty path segments (no slashes, no '..').[/red]"
|
||||
)
|
||||
raise SystemExit(1)
|
||||
|
||||
|
||||
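Review bot: The single-segment checks `len(Path(org).parts) != 1` / `len(Path(name).parts) != 1` are platform-dependent: once `count("/") != 1` has guaranteed exactly one slash, `Path` only splits further on backslashes (and drive specs) on Windows, so a ref like `@org/a\..\x` passes on Linux/macOS and is rejected on Windows, which undermines the "consistent contract" the commit description promises between CLI and SDK. Denylisting separators is also brittle if org/name are later interpolated into a registry request URL — percent-encoded `%2F`/`%2E` sequences, `?`, `#`, whitespace and control characters all pass this check (the request builder is not visible in this hunk, so treat that as something to confirm). A positive allowlist enforced in both places is simpler and OS-independent, e.g. `_SEGMENT_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")` at module level and `if not (_SEGMENT_RE.fullmatch(org) and _SEGMENT_RE.fullmatch(name)):` here, with the pattern narrowed to the registry's actual naming rules; that subsumes the `startswith(".")` and `Path` checks. The `Path` name this hunk introduces is not imported within the visible range, so confirm the import was added with this change. The enclosing `install()` method begins and ends outside the hunk.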