Skip to content

Sanitize terminal output (escape injection + prompt injection) #9

Open
Open
Sanitize terminal output (escape injection + prompt injection)#9
Labels
bugSomething isn't workingenhancementNew feature or request
@longevityboris

Description

@longevityboris
longevityboris
opened on Mar 27, 2026

Problem

inbox read prints raw text/HTML directly to the terminal. Attacker-controlled email content can:

  • Inject terminal escape sequences (clear screen, move cursor, execute commands in some terminals)
  • Inject prompt injection payloads that an AI agent reading the output would follow

Proposal

  1. Strip/escape ANSI escape codes from text bodies before printing
  2. Strip HTML tags for human-readable output (or use a text renderer like html2text)
  3. Add --raw flag for unfiltered output when needed
  4. In JSON mode, content is safely escaped by serde — no change needed there

Priority: MEDIUM — security issue for agent inboxes

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingenhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions