agileflow 2.89.1 → 2.89.3

package/tools/cli/lib/content-injector.js

@@ -33,6 +33,13 @@ const {
   countSkills,
   getCounts,
 } = require('../../../scripts/lib/counter');
+const {
+  sanitize,
+  sanitizeAgentData,
+  sanitizeCommandData,
+  validatePlaceholderValue,
+  detectInjectionAttempt,
+} = require('../../../lib/content-sanitizer');
 
 // =============================================================================
 // List Generation Functions
@@ -41,12 +48,14 @@ const {
 /**
  * Validate that a file path is within the expected directory.
  * Prevents reading files outside the expected scope.
+ * Security: Symlinks are NOT allowed to prevent escape attacks.
  * @param {string} filePath - File path to validate
  * @param {string} baseDir - Expected base directory
  * @returns {boolean} True if path is safe
  */
 function isPathSafe(filePath, baseDir) {
-  const result = validatePath(filePath, baseDir, { allowSymlinks: true });
+  // Security hardening (US-0104): Symlinks disabled to prevent escape attacks
+  const result = validatePath(filePath, baseDir, { allowSymlinks: false });
   return result.ok;
 }
 
@@ -76,19 +85,32 @@ function generateAgentList(agentsDir) {
       continue;
     }
 
-    agents.push({
+    // Sanitize agent data to prevent injection attacks
+    const rawAgent = {
       name: frontmatter.name || path.basename(file, '.md'),
       description: frontmatter.description || '',
       tools: normalizeTools(frontmatter.tools),
       model: frontmatter.model || 'haiku',
-    });
+    };
+
+    const sanitizedAgent = sanitizeAgentData(rawAgent);
+
+    // Skip if sanitization produced invalid data
+    if (!sanitizedAgent.name || sanitizedAgent.name === 'unknown') {
+      continue;
+    }
+
+    agents.push(sanitizedAgent);
   }
 
   agents.sort((a, b) => a.name.localeCompare(b.name));
 
-  let output = `**AVAILABLE AGENTS (${agents.length} total)**:\n\n`;
+  // Sanitize the count value
+  const safeCount = sanitize.count(agents.length);
+  let output = `**AVAILABLE AGENTS (${safeCount} total)**:\n\n`;
 
   agents.forEach((agent, index) => {
+    // All values are already sanitized by sanitizeAgentData
     output += `${index + 1}. **${agent.name}** (model: ${agent.model})\n`;
     output += `   - **Purpose**: ${agent.description}\n`;
     output += `   - **Tools**: ${agent.tools.join(', ')}\n`;
@@ -127,11 +149,19 @@ function generateCommandList(commandsDir) {
       continue;
     }
 
-    commands.push({
+    // Sanitize command data to prevent injection attacks
+    const rawCommand = {
       name: cmdName,
       description: frontmatter.description || '',
       argumentHint: frontmatter['argument-hint'] || '',
-    });
+    };
+
+    const sanitizedCommand = sanitizeCommandData(rawCommand);
+    if (!sanitizedCommand.name || sanitizedCommand.name === 'unknown') {
+      continue;
+    }
+
+    commands.push(sanitizedCommand);
   }
 
   // Scan subdirectories (e.g., session/)
@@ -163,20 +193,31 @@ function generateCommandList(commandsDir) {
           continue;
         }
 
-        commands.push({
+        // Sanitize command data
+        const rawCommand = {
           name: cmdName,
           description: frontmatter.description || '',
           argumentHint: frontmatter['argument-hint'] || '',
-        });
+        };
+
+        const sanitizedCommand = sanitizeCommandData(rawCommand);
+        if (!sanitizedCommand.name || sanitizedCommand.name === 'unknown') {
+          continue;
+        }
+
+        commands.push(sanitizedCommand);
       }
     }
   }
 
   commands.sort((a, b) => a.name.localeCompare(b.name));
 
-  let output = `Available commands (${commands.length} total):\n`;
+  // Sanitize the count value
+  const safeCount = sanitize.count(commands.length);
+  let output = `Available commands (${safeCount} total):\n`;
 
   commands.forEach(cmd => {
+    // All values are already sanitized by sanitizeCommandData
     const argHint = cmd.argumentHint ? ` ${cmd.argumentHint}` : '';
     output += `- \`/agileflow:${cmd.name}${argHint}\` - ${cmd.description}\n`;
   });
@@ -208,16 +249,28 @@ function injectContent(content, context = {}) {
     counts = getCounts(coreDir);
   }
 
+  // Validate and sanitize all placeholder values before injection
+  const safeCommandCount = validatePlaceholderValue('COMMAND_COUNT', counts.commands).sanitized;
+  const safeAgentCount = validatePlaceholderValue('AGENT_COUNT', counts.agents).sanitized;
+  const safeSkillCount = validatePlaceholderValue('SKILL_COUNT', counts.skills).sanitized;
+  const safeVersion = validatePlaceholderValue('VERSION', version).sanitized;
+  const safeDate = validatePlaceholderValue('INSTALL_DATE', new Date()).sanitized;
+  const safeAgileflowFolder = validatePlaceholderValue(
+    'agileflow_folder',
+    agileflowFolder
+  ).sanitized;
+
   // Replace count placeholders (both formats: {{X}} and <!-- {{X}} -->)
-  result = result.replace(/\{\{COMMAND_COUNT\}\}/g, String(counts.commands));
-  result = result.replace(/\{\{AGENT_COUNT\}\}/g, String(counts.agents));
-  result = result.replace(/\{\{SKILL_COUNT\}\}/g, String(counts.skills));
+  result = result.replace(/\{\{COMMAND_COUNT\}\}/g, String(safeCommandCount));
+  result = result.replace(/\{\{AGENT_COUNT\}\}/g, String(safeAgentCount));
+  result = result.replace(/\{\{SKILL_COUNT\}\}/g, String(safeSkillCount));
 
   // Replace metadata placeholders
-  result = result.replace(/\{\{VERSION\}\}/g, version);
-  result = result.replace(/\{\{INSTALL_DATE\}\}/g, new Date().toISOString().split('T')[0]);
+  result = result.replace(/\{\{VERSION\}\}/g, safeVersion);
+  result = result.replace(/\{\{INSTALL_DATE\}\}/g, safeDate);
 
   // Replace list placeholders (only if core directory available)
+  // List generation already includes sanitization via sanitizeAgentData/sanitizeCommandData
   if (coreDir && fs.existsSync(coreDir)) {
     if (result.includes('{{AGENT_LIST}}')) {
       const agentList = generateAgentList(path.join(coreDir, 'agents'));
@@ -232,8 +285,8 @@ function injectContent(content, context = {}) {
     }
   }
 
-  // Replace folder placeholders
-  result = result.replace(/\{agileflow_folder\}/g, agileflowFolder);
+  // Replace folder placeholders with sanitized values
+  result = result.replace(/\{agileflow_folder\}/g, safeAgileflowFolder);
   result = result.replace(/\{project-root\}/g, '{project-root}'); // Keep as-is for runtime
 
   return result;

package/tools/cli/lib/ide-errors.js

@@ -4,8 +4,15 @@
  * Provides specific error types for common IDE setup failures.
  * These errors carry context about what failed and why,
  * enabling better error handling and user feedback.
+ *
+ * Integration with error-codes.js:
+ * - All IDE errors now have errorCode, severity, category metadata
+ * - Use formatError() from error-codes.js for consistent display
+ * - isRecoverable() works with these errors
  */
 
+const { ErrorCodes, Severity, Category } = require('../../../lib/error-codes');
+
 /**
  * Base error class for IDE-related errors.
  * All IDE errors extend this class.
@@ -15,13 +22,22 @@ class IdeError extends Error {
    * @param {string} message - Error description
    * @param {string} ideName - Name of the IDE (e.g., 'Claude Code', 'Cursor')
    * @param {Object} [context={}] - Additional context about the error
+   * @param {string} [errorCode='EUNKNOWN'] - Error code from error-codes.js
    */
-  constructor(message, ideName, context = {}) {
+  constructor(message, ideName, context = {}, errorCode = 'EUNKNOWN') {
     super(message);
     this.name = this.constructor.name;
     this.ideName = ideName;
     this.context = context;
     Error.captureStackTrace(this, this.constructor);
+
+    // Attach error code metadata from unified error codes
+    const codeData = ErrorCodes[errorCode] || ErrorCodes.EUNKNOWN;
+    this.errorCode = codeData.code;
+    this.severity = codeData.severity;
+    this.category = codeData.category;
+    this.recoverable = codeData.recoverable;
+    this.autoFix = codeData.autoFix || null;
   }
 
   /**
@@ -31,6 +47,16 @@ class IdeError extends Error {
   getUserMessage() {
     return `${this.ideName}: ${this.message}`;
   }
+
+  /**
+   * Get suggested action to fix the error
+   * Override in subclasses for specific suggestions
+   * @returns {string}
+   */
+  getSuggestedAction() {
+    const codeData = ErrorCodes[this.errorCode] || ErrorCodes.EUNKNOWN;
+    return codeData.suggestedFix;
+  }
 }
 
 /**
@@ -44,10 +70,12 @@ class IdeConfigNotFoundError extends IdeError {
    * @param {Object} [context={}] - Additional context
    */
   constructor(ideName, configPath, context = {}) {
-    super(`Configuration directory not found: ${configPath}`, ideName, {
-      configPath,
-      ...context,
-    });
+    super(
+      `Configuration directory not found: ${configPath}`,
+      ideName,
+      { configPath, ...context },
+      'ENODIR' // Use unified error code
+    );
     this.configPath = configPath;
   }
 
@@ -72,11 +100,23 @@ class CommandInstallationError extends IdeError {
    * @param {Object} [context={}] - Additional context
    */
   constructor(ideName, commandName, reason, context = {}) {
-    super(`Failed to install command '${commandName}': ${reason}`, ideName, {
-      commandName,
-      reason,
-      ...context,
-    });
+    // Detect appropriate error code from reason
+    let errorCode = 'ESTATE';
+    if (reason.toLowerCase().includes('permission')) {
+      errorCode = 'EACCES';
+    } else if (
+      reason.toLowerCase().includes('not found') ||
+      reason.toLowerCase().includes('no such')
+    ) {
+      errorCode = 'ENOENT';
+    }
+
+    super(
+      `Failed to install command '${commandName}': ${reason}`,
+      ideName,
+      { commandName, reason, ...context },
+      errorCode
+    );
     this.commandName = commandName;
     this.reason = reason;
   }
@@ -108,11 +148,12 @@ class FilePermissionError extends IdeError {
    * @param {Object} [context={}] - Additional context
    */
   constructor(ideName, filePath, operation, context = {}) {
-    super(`Permission denied: cannot ${operation} '${filePath}'`, ideName, {
-      filePath,
-      operation,
-      ...context,
-    });
+    super(
+      `Permission denied: cannot ${operation} '${filePath}'`,
+      ideName,
+      { filePath, operation, ...context },
+      'EACCES' // Use unified error code
+    );
     this.filePath = filePath;
     this.operation = operation;
   }
@@ -138,14 +179,23 @@ class ContentInjectionError extends IdeError {
    * @param {Object} [context={}] - Additional context
    */
   constructor(ideName, templateFile, reason, context = {}) {
-    super(`Content injection failed for '${templateFile}': ${reason}`, ideName, {
-      templateFile,
-      reason,
-      ...context,
-    });
+    super(
+      `Content injection failed for '${templateFile}': ${reason}`,
+      ideName,
+      { templateFile, reason, ...context },
+      'ECONFIG' // Use unified error code - configuration/template issue
+    );
     this.templateFile = templateFile;
     this.reason = reason;
   }
+
+  /**
+   * Get suggested action to fix the error
+   * @returns {string}
+   */
+  getSuggestedAction() {
+    return `Check the template file '${this.templateFile}' for valid placeholders. Run "npx agileflow doctor --fix" to repair.`;
+  }
 }
 
 /**
@@ -160,14 +210,34 @@ class CleanupError extends IdeError {
    * @param {Object} [context={}] - Additional context
    */
   constructor(ideName, targetPath, reason, context = {}) {
-    super(`Cleanup failed for '${targetPath}': ${reason}`, ideName, {
-      targetPath,
-      reason,
-      ...context,
-    });
+    // Detect appropriate error code from reason
+    let errorCode = 'ESTATE';
+    if (reason.toLowerCase().includes('lock') || reason.toLowerCase().includes('busy')) {
+      errorCode = 'ELOCK';
+    } else if (reason.toLowerCase().includes('permission')) {
+      errorCode = 'EACCES';
+    }
+
+    super(
+      `Cleanup failed for '${targetPath}': ${reason}`,
+      ideName,
+      { targetPath, reason, ...context },
+      errorCode
+    );
     this.targetPath = targetPath;
     this.reason = reason;
   }
+
+  /**
+   * Get suggested action to fix the error
+   * @returns {string}
+   */
+  getSuggestedAction() {
+    if (this.errorCode === 'ELOCK') {
+      return `Close any applications using files in '${this.targetPath}' and try again.`;
+    }
+    return `Check permissions on '${this.targetPath}' or remove it manually.`;
+  }
 }
 
 /**
@@ -181,12 +251,29 @@ class IdeDetectionError extends IdeError {
    * @param {Object} [context={}] - Additional context
    */
   constructor(ideName, reason, context = {}) {
-    super(`IDE detection failed: ${reason}`, ideName, {
-      reason,
-      ...context,
-    });
+    // Detect appropriate error code
+    let errorCode = 'ECONFLICT';
+    if (
+      reason.toLowerCase().includes('not found') ||
+      reason.toLowerCase().includes('not installed')
+    ) {
+      errorCode = 'ENOENT';
+    }
+
+    super(`IDE detection failed: ${reason}`, ideName, { reason, ...context }, errorCode);
     this.reason = reason;
   }
+
+  /**
+   * Get suggested action to fix the error
+   * @returns {string}
+   */
+  getSuggestedAction() {
+    if (this.errorCode === 'ENOENT') {
+      return `Install ${this.ideName} and run it at least once to initialize configuration.`;
+    }
+    return `Check IDE configuration and resolve any conflicts. Run "npx agileflow doctor" for details.`;
+  }
 }
 
 /**
@@ -220,6 +307,52 @@ function isIdeError(error) {
   return error instanceof IdeError;
 }
 
+/**
+ * Format an IDE error for display using unified error code format
+ * @param {IdeError} error - IDE error to format
+ * @param {Object} [options={}] - Format options
+ * @param {boolean} [options.includeStack=false] - Include stack trace
+ * @param {boolean} [options.includeSuggestion=true] - Include suggested action
+ * @returns {string} Formatted error string
+ */
+function formatIdeError(error, options = {}) {
+  const { includeStack = false, includeSuggestion = true } = options;
+
+  if (!error) return 'Unknown error';
+
+  const lines = [];
+
+  // Main error line with IDE name and error code
+  lines.push(`[${error.errorCode}] ${error.ideName}: ${error.message}`);
+
+  // Severity and category
+  lines.push(`  Severity: ${error.severity} | Category: ${error.category}`);
+
+  // Suggested action (IDE-specific takes precedence)
+  if (includeSuggestion) {
+    const suggestion = error.getSuggestedAction?.() || error.suggestedFix;
+    if (suggestion) {
+      lines.push(`  Fix: ${suggestion}`);
+    }
+  }
+
+  // Recoverable status
+  lines.push(`  Recoverable: ${error.recoverable ? 'Yes' : 'No'}`);
+
+  // Auto-fix availability
+  if (error.autoFix) {
+    lines.push(`  Auto-fix available: npx agileflow doctor --fix`);
+  }
+
+  // Stack trace
+  if (includeStack && error.stack) {
+    lines.push('');
+    lines.push(error.stack);
+  }
+
+  return lines.join('\n');
+}
+
 module.exports = {
   IdeError,
   IdeConfigNotFoundError,
@@ -230,4 +363,5 @@ module.exports = {
   IdeDetectionError,
   withPermissionHandling,
   isIdeError,
+  formatIdeError,
 };