
Security: github_get_file allows path traversal via '..' in path parameter #115

@labtgbot


Severity: 🔴 CRITICAL

Description

The github_get_file tool in lib/repo-ops.js passes the path parameter directly into the URL path without sanitizing directory traversal sequences. While encodeURIComponent is used, GitHub's API itself resolves .. segments, allowing traversal to parent directories within the repo.

Current Code

const data = await client.get(
  `/repos/${encodeURIComponent(params.owner)}/${encodeURIComponent(params.repo)}/contents/${params.path}`,
  queryParams
);

Risk

A malicious or mistaken user could supply paths like ../.github/workflows/deploy.yml or similar sequences. While GitHub API limits traversal to within the repo, this could:

  • Expose sensitive files outside the intended scope (e.g., .env files at repo root when user intended a subdirectory)
  • Bypass path-based access controls if the plugin is extended with path restrictions in the future

Recommended Fix

Normalize and validate the path before sending to the API:

// Reject paths that attempt directory traversal
if (params.path.includes('..') || params.path.startsWith('/')) {
  return { success: false, error: "Path must not contain '..' or start with '/'." };
}

File

  • plugins/github-dev-assistant/lib/repo-ops.js (github_get_file tool, ~line 190)
  • Consider applying the same check to github_update_file, github_delete_file, and github_download_file
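One way to implement the recommended check, as an added example that is not the plugin's own code: it validates the path segment by segment rather than with a substring test, so a legitimate filename such as foo..bar.txt is still accepted, while '.' and '..' segments (including percent-encoded forms such as %2e%2e), leading, trailing or doubled '/', backslashes and NUL bytes are rejected, and every surviving segment is run through encodeURIComponent before it is placed in the URL. The helper names validateRepoPath and buildContentsPath are hypothetical; the URL shape matches the one in the issue.

```javascript
// Added example (not the plugin's code): segment-wise validation of a
// repository path before it is placed into /repos/{owner}/{repo}/contents/{path}.
// validateRepoPath and buildContentsPath are hypothetical helper names.

function tryDecode(segment) {
  // Decode once so percent-encoded dots (%2e%2e) are inspected too. A segment
  // that is not valid percent-encoding (e.g. "100%.txt") is inspected as-is.
  try {
    return decodeURIComponent(segment);
  } catch {
    return segment;
  }
}

function validateRepoPath(rawPath) {
  if (typeof rawPath !== 'string' || rawPath.length === 0) {
    return { ok: false, error: 'Path must be a non-empty string.' };
  }
  const segments = rawPath.split('/');
  for (const segment of segments) {
    const decoded = tryDecode(segment);
    // An empty segment means a leading '/', a trailing '/' or a doubled '//'.
    if (decoded === '') {
      return { ok: false, error: "Path must not start or end with '/' or contain '//'." };
    }
    // GitHub resolves '.' and '..' segments, so they must never reach the URL.
    if (decoded === '.' || decoded === '..') {
      return { ok: false, error: "Path must not contain '.' or '..' segments." };
    }
    // Anything that could change segment boundaries once the server decodes
    // the URL: a separator, a backslash, a NUL byte.
    if (/[\\\/\0]/.test(decoded)) {
      return { ok: false, error: 'Path segments must not contain separators or control characters.' };
    }
  }
  return { ok: true, segments };
}

function buildContentsPath(owner, repo, rawPath) {
  const result = validateRepoPath(rawPath);
  if (!result.ok) {
    return { success: false, error: result.error };
  }
  // Encode each segment separately so '/' stays a separator while everything
  // else (spaces, '%', '#', '?') is escaped.
  const encodedPath = result.segments.map(encodeURIComponent).join('/');
  return {
    success: true,
    url: `/repos/${encodeURIComponent(owner)}/${encodeURIComponent(repo)}/contents/${encodedPath}`,
  };
}

// Usage (constructed inputs):
//   buildContentsPath('octocat', 'hello-world', 'src/index.js')
//     -> { success: true, url: '/repos/octocat/hello-world/contents/src/index.js' }
//   buildContentsPath('octocat', 'hello-world', '../.github/workflows/deploy.yml')
//     -> { success: false, error: "Path must not contain '.' or '..' segments." }
```

Because the check is per segment, a dotfile directory such as .github still passes, and the same helper can be called from github_update_file, github_delete_file and github_download_file before each of them builds its URL.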
