share-artifact
Security fix — command injection in the upload path. The slug and local path
were inlined into shell source, so a quote or `$(...)`/`;` in the free-text image
description could break out of quoting and run before the runtime sanitizer ever
executed. Free-text inputs (description and path) are now captured via
single-quoted heredocs — the real safety boundary — and only then sanitized into
the slug.
Hardened in the same pass:
- empty / all-punctuation descriptions fall back to a stable slug instead of a bare trailing dash;
- a failed counter query now aborts instead of silently resetting to `001` (which could overwrite an existing asset);
- only a real `https://` URL is ever surfaced — a failed upload no longer pastes the literal `null`;
- corrected the credential-disclosure guidance (`cld config` masks only the secret; the key and cloud name are still sensitive).
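
The capture-then-sanitize order described above, as an added example that is not the project's own code. The function names, the `image` fallback slug and the sample description are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example with hypothetical names; the sample description is constructed.

# Capture free text through a single-quoted heredoc. With a quoted delimiter
# the shell performs no expansion in the body, so quotes, ;, backticks and
# $(...) arrive as literal characters instead of being parsed as shell source.
IFS= read -r description <<'DESC_EOF'
Q3 "revenue" chart'; $(echo INJECTED) `echo INJECTED`
DESC_EOF

# Reduce free text to [a-z0-9-]. This runs only after the capture above, so
# the sanitizer is never the thing standing between input and the shell parser.
slugify() (
  slug=$(printf '%s' "$1" \
    | tr '[:upper:]' '[:lower:]' \
    | tr -cs 'a-z0-9' '-' \
    | sed -e 's/^-*//' -e 's/-*$//')
  # Empty or all-punctuation input falls back to a stable slug
  # ("image" is an assumed default) rather than a bare trailing dash.
  printf '%s\n' "${slug:-image}"
)

# Surface an upload result only if it is a real https:// URL; a failed
# upload that yields "null" or an empty string is rejected.
surface_url() {
  case "$1" in
    https://?*) printf '%s\n' "$1" ;;
    *) return 1 ;;
  esac
}

printf 'captured: %s\n' "$description"
printf 'slug:     %s\n' "$(slugify "$description")"
```

The heredoc delimiter must be quoted (`<<'DESC_EOF'`); an unquoted delimiter re-enables `$(...)` and backtick expansion in the body.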
Docs. The README privacy model now states the signed URL doesn't expire and
stays live wherever the transcript lands (logs, backups, sync) — prune sensitive
shares at end of conversation.
git-history-rewrite is unchanged; its version moves to 0.1.2 only to keep the
marketplace lockstep.
Full Changelog: v0.1.1...v0.1.2