From 00200a336a04d1f3e15244aebe1452b33cafe688 Mon Sep 17 00:00:00 2001
From: Garry Tan
Date: Sun, 7 Jun 2026 23:03:48 -0700
Subject: [PATCH] fix(learnings): strip backticks from #1745 comment inside the bun -e block
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The #1745 trust-gate fix added an explanatory comment containing backticks (`=== false`) and the JS block is a double-quoted `bun -e "..."` bash string, so bash command-substituted the backtick contents on every cross-project search — polluting stderr with "command not found" and leaving a latent shell-injection / source-corruption surface in a security gate. Caught by the wave's own adversarial review (#1899 framing working as intended).

Reworded the comments to avoid backticks and dollar-paren entirely; the gate logic is unchanged.

Co-Authored-By: Claude Opus 4.8 (1M context)
---
 bin/gstack-learnings-search | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/bin/gstack-learnings-search b/bin/gstack-learnings-search
index 51c461f7c..d7038e821 100755
--- a/bin/gstack-learnings-search
+++ b/bin/gstack-learnings-search
@@ -93,9 +93,12 @@ for (const taggedLine of lines) { // Trust gate: cross-project learnings only loaded if trusted (user-stated). // This prevents prompt injection from one project's AI-generated learnings // silently influencing reviews in another project. - // #1745: this is an ALLOWLIST, not a denylist. `=== false` admitted any row - // where `trusted` is missing/undefined (legacy rows written before the field - // existed, hand-edited rows, rows from other tools). Require trusted === true. + // #1745: this is an ALLOWLIST, not a denylist. The old equals-false check + // admitted any row where trusted is missing/undefined (legacy rows written + // before the field existed, hand-edited rows, rows from other tools). + // Require trusted to be exactly true. NOTE: this whole block is a + // double-quoted bun -e string, so bash still does command substitution + // inside it. Keep backticks and dollar-paren out of these comments. if (isCrossProject && e.trusted !== true) continue; entries.push(e);
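Review bot: the NOTE added in this hunk understates what bash rewrites inside a double-quoted `bun -e "..."` string: besides backticks and `$(...)`, any `$name` or `${...}` (including JS template-literal interpolation) and backslash escapes are expanded before bun ever sees the source, so instructing future editors to avoid only "backticks and dollar-paren" leaves the same class of silent source corruption open in a security gate. Rather than relying on comment discipline, consider passing the script so that bash performs no expansion at all, for example `bun -e "$(cat <<'EOF'` ... `EOF` `)"` with the quoted heredoc delimiter, or moving the JS into its own file next to the wrapper; the `if (isCrossProject && e.trusted !== true) continue;` allowlist check itself reads correctly and needs no change.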