Escape env var values before writing shell exports
Both update_in_file and append_to_file interpolate the raw secret into export …="{value}" without any escaping. Secrets fetched from Vault can legitimately contain double quotes, backslashes, or shell metacharacters; when such a value is written unescaped, sourcing the shell config will either fail with a syntax error or execute unintended shell expansions. Consider shell-quoting or otherwise sanitizing new_value before writing it (the same pattern also appears in append_to_file).
Useful? React with 👍 / 👎.
Originally posted by @chatgpt-codex-connector[bot] in #3 (comment)
Both
update_in_fileandappend_to_fileinterpolate the raw secret intoexport …="{value}"without any escaping. Secrets fetched from Vault can legitimately contain double quotes, backslashes, or shell metacharacters; when such a value is written unescaped, sourcing the shell config will either fail with a syntax error or execute unintended shell expansions. Consider shell-quoting or otherwise sanitizingnew_valuebefore writing it (the same pattern also appears inappend_to_file).Useful? React with 👍 / 👎.
Originally posted by @chatgpt-codex-connector[bot] in #3 (comment)