Skip to content

scan recipe for security when saving recipe #5747

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

scan recipe for security when saving recipe #5747

wants to merge 1 commit into from

Conversation

@lifeizhou-ap
Copy link
Contributor

@lifeizhou-ap lifeizhou-ap commented Nov 14, 2025

Summary

Scan recipe for security when saving recipe

Type of Change

  • Feature
  • Bug fix
  • Refactor / Code quality
  • Performance improvement
  • Documentation
  • Tests
  • Security fix
  • Build / Release
  • Other (specify below)

Testing

Manual testing

Copilot AI review requested due to automatic review settings November 14, 2025 20:38
Copilot finished reviewing on behalf of lifeizhou-ap November 14, 2025 20:40
Copilot AI reviewed Nov 14, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds security validation to the save_recipe endpoint to detect and block recipes containing invisible Unicode tag characters (U+E0000-U+E007F) that could be used for steganographic attacks. The validation rejects such recipes before they are saved to disk.

  • Adds a security check using check_for_security_warnings() before saving recipes
  • Returns a clear error message when malicious Unicode tag characters are detected
Comments suppressed due to low confidence (1)

crates/goose-server/src/routes/recipe.rs:339

  • The OpenAPI documentation specifies status 204 (No Content) for success, but the endpoint actually returns status 200 with a JSON body (SaveRecipeResponse). Either update the documentation to status 200 or change the implementation to return 204 with no body.
        (status = 204, description = "Recipe saved to file successfully", body = SaveRecipeResponse),

DOsinga
DOsinga approved these changes Nov 14, 2025
View reviewed changes
crates/goose-server/src/routes/recipe.rs
let has_security_warnings = request.recipe.check_for_security_warnings();
if has_security_warnings {
return Err(ErrorResponse {
message: "This recipe contains hidden characters that will be ignored for your safety, as they could be used for malicious purposes.".to_string(),
Copy link
Collaborator

@DOsinga DOsinga Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

isn't it more the case that we are refusing the save this recipe? so say something like, this contains hidden characters, please remove before trying to save?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@DOsinga DOsinga DOsinga approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lifeizhou-ap @DOsinga