antigravity-ai-kit 3.2.0 → 3.3.1

package/lib/io.js

@@ -68,7 +68,44 @@ function readJsonSafe(filePath, defaultValue = null) {
   }
 }
 
+/**
+ * Recursively copies a directory, skipping symbolic links for security.
+ *
+ * Symlinks are skipped because they could point outside the intended
+ * scope (e.g., outside .agent/), enabling path traversal attacks.
+ *
+ * @param {string} src - Source directory path
+ * @param {string} dest - Destination directory path
+ * @returns {void}
+ */
+function safeCopyDirSync(src, dest) {
+  if (!fs.existsSync(dest)) {
+    fs.mkdirSync(dest, { recursive: true });
+  }
+
+  const entries = fs.readdirSync(src, { withFileTypes: true });
+
+  for (const entry of entries) {
+    const srcPath = path.join(src, entry.name);
+    const destPath = path.join(dest, entry.name);
+
+    // Security: skip symlinks to prevent path traversal
+    const stat = fs.lstatSync(srcPath);
+    if (stat.isSymbolicLink()) {
+      log.debug('Skipping symlink for security', { path: srcPath });
+      continue;
+    }
+
+    if (entry.isDirectory()) {
+      safeCopyDirSync(srcPath, destPath);
+    } else {
+      fs.copyFileSync(srcPath, destPath);
+    }
+  }
+}
+
 module.exports = {
   writeJsonAtomic,
   readJsonSafe,
+  safeCopyDirSync,
 };

package/lib/plugin-system.js

@@ -16,7 +16,7 @@ const fs = require('fs');
 const path = require('path');
 
 const { AGENT_DIR, ENGINE_DIR, PLUGINS_DIR, HOOKS_DIR } = require('./constants');
-const { writeJsonAtomic } = require('./io');
+const { writeJsonAtomic, safeCopyDirSync } = require('./io');
 const { createLogger } = require('./logger');
 const log = createLogger('plugin-system');
 const PLUGINS_REGISTRY = 'plugins-registry.json';
@@ -289,7 +289,7 @@ function installPlugin(pluginPath, projectRoot) {
   for (const skillDir of (manifest.skills || [])) {
     const src = path.join(pluginPath, 'skills', skillDir);
     const dest = path.join(projectRoot, AGENT_DIR, 'skills', skillDir);
-    copyDirSync(src, dest);
+    safeCopyDirSync(src, dest);
     installed.skills++;
   }
 
@@ -593,31 +593,7 @@ function copyFileSync(src, dest) {
   fs.copyFileSync(src, dest);
 }
 
-/**
- * Recursively copies a directory.
- *
- * @param {string} src - Source directory
- * @param {string} dest - Destination directory
- * @returns {void}
- */
-function copyDirSync(src, dest) {
-  if (!fs.existsSync(dest)) {
-    fs.mkdirSync(dest, { recursive: true });
-  }
-
-  const entries = fs.readdirSync(src, { withFileTypes: true });
 
-  for (const entry of entries) {
-    const srcPath = path.join(src, entry.name);
-    const destPath = path.join(dest, entry.name);
-
-    if (entry.isDirectory()) {
-      copyDirSync(srcPath, destPath);
-    } else {
-      fs.copyFileSync(srcPath, destPath);
-    }
-  }
-}
 
 module.exports = {
   validatePlugin,

package/lib/security-scanner.js

@@ -262,6 +262,12 @@ function collectAllFiles(dirPath) {
   for (const entry of entries) {
     const fullPath = path.join(dirPath, entry.name);
 
+    // Security: skip symlinks to prevent path traversal
+    const stat = fs.lstatSync(fullPath);
+    if (stat.isSymbolicLink()) {
+      continue;
+    }
+
     if (entry.isDirectory() && entry.name !== 'node_modules' && entry.name !== '.git') {
       files.push(...collectAllFiles(fullPath));
     } else if (entry.isFile()) {

package/lib/updater.js

@@ -27,6 +27,7 @@ const PRESERVED_FILES = new Set([
 /** Directories whose contents should never be overwritten */
 const PRESERVED_DIRS = new Set([
   'decisions',
+  'contexts',
 ]);
 
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "antigravity-ai-kit",
-  "version": "3.2.0",
+  "version": "3.3.1",
   "description": "🚀 Trust-Grade AI development framework with a 29-module runtime engine — 19 Agents, 32 Skills, 31 Commands, 14 Workflows, 327 Tests. Workflow enforcement, task governance, agent reputation, self-healing, and skill marketplace.",
   "main": "bin/ag-kit.js",
   "bin": {