From 37e4cf575477b7e70e636ee9a24ffc582482d6e2 Mon Sep 17 00:00:00 2001
From: Garry Tan
Date: Sat, 4 Apr 2026 21:22:24 -0700
Subject: [PATCH] fix: TOCTOU race in setup symlink creation (C6)

Remove the existence check before mkdir -p (it's idempotent) and validate the target isn't already a symlink before creating the link. Prevents a local attacker from racing between the check and mkdir to redirect SKILL.md writes. Closes C6 from security audit #783.

Co-Authored-By: Claude Opus 4.6 (1M context)
---
 setup | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/setup b/setup
index 9136bef0..9b287b08 100755
--- a/setup
+++ b/setup
@@ -296,11 +296,12 @@ link_claude_skill_dirs() {
 rm -f "$target"
 fi
 # Create real directory with symlinked SKILL.md (absolute path)
- if [ ! -e "$target" ] || [ -d "$target" ]; then
- mkdir -p "$target"
- ln -snf "$gstack_dir/$dir_name/SKILL.md" "$target/SKILL.md"
- linked+=("$link_name")
- fi
+ # Use mkdir -p unconditionally (idempotent) to avoid TOCTOU race
+ mkdir -p "$target"
+ # Validate target isn't a symlink before creating the link
+ if [ -L "$target/SKILL.md" ]; then rm "$target/SKILL.md"; fi
+ ln -snf "$gstack_dir/$dir_name/SKILL.md" "$target/SKILL.md"
+ linked+=("$link_name")
 fi
 done
 if [ ${#linked[@]} -gt 0 ]; then
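Review bot: The unconditional `mkdir -p "$target"` drops the old guard without replacing it: `mkdir -p` succeeds when `$target` is a symlink to an existing directory and fails when it is a regular file, and in both cases the following `ln -snf` and `linked+=("$link_name")` still run (unless the script runs under `set -e`, which is not visible here). The new `-L "$target/SKILL.md"` test is itself a check-then-act and is redundant, since `ln -snf` already replaces an existing symlink at the destination; what needs validating is `$target`, not the file inside it. I would gate the link and the bookkeeping on the result, e.g. `if mkdir -p "$target" && [ ! -L "$target" ] && ln -snf "$gstack_dir/$dir_name/SKILL.md" "$target/SKILL.md"; then linked+=("$link_name"); fi`, and add a comment that a small window still remains which only a parent directory not writable by other users closes. link_claude_skill_dirs starts and ends outside this hunk, so the earlier `rm -f "$target"` branch is only partly visible.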