🛡️ Sentinel: [CRITICAL] Gherkin export 명령의 경로 탐색(Path Traversal) 취약점 수정

[seonghobae]

🚨 Severity: CRITICAL

💡 Vulnerability: Path traversal in exportGherkin command. The CLI concatenated the user-provided output path directly with the project root using path.join, allowing malicious agents to write files to arbitrary locations outside the project directory (e.g., using ../../../ or absolute paths like /etc/passwd).
🎯 Impact: An attacker or malicious AI could write files anywhere on the user's local filesystem (within their OS permissions), potentially overwriting critical configuration files, dropping malicious payloads, or corrupting data outside the intended scope.
🔧 Fix: Replaced path.join with path.resolve and added strict boundary checks using path.relative. The code now explicitly checks if the resolved path starts with .. or is an absolute path relative to the root. If a violation is detected, it throws a structured VspecError(INVALID_ARGUMENT) to fail securely without leaking internal file structures in stack traces.
✅ Verification: Verified by a new unit test in tests/gherkin.test.ts that explicitly attempts path traversal using both absolute and relative (../) payloads. Tests pass successfully.

(Note: PR title and description requested in Korean as per memory instructions.)

---

PR created automatically by Jules for task 25955486560852296 started by @seonghobae

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[coderabbitai]

📝 Walkthrough

개요

사용자 제공 출력 경로를 검증하여 프로젝트 루트 밖으로의 경로 순회를 방지하는 보안 개선사항을 구현했습니다. 검증 로직은 path.resolve와 path.relative를 사용하여 구현하며, 테스트 인프라와 보안 문서가 함께 추가됩니다.

변경 사항

경로 순회 검증 및 테스트

계층 / 파일	설명
경로 검증 로직 구현 src/export/gherkin.ts	Node path 유틸리티(isAbsolute, relative, resolve)를 임포트하고, 사용자 input output을 config.root에 대해 해석한 후 상대 경로로 변환하여 프로젝트 루트 밖의 절대/상대 경로를 reject하는 VspecError를 throw함.
테스트 인프라 및 설정 tests/gherkin.test.ts	필수 임포트(exportGherkin, VspecError, beforeEach/afterEach)를 추가하고, tmpdir 하위에 임시 작업 디렉터리를 생성/정리하는 beforeEach/afterEach 훅을 구현함.
경로 순회 검증 테스트 tests/gherkin.test.ts	프로젝트 루트 밖의 상대/절대 경로 입력에 대해 exportGherkin이 INVALID_ARGUMENT VspecError를 특정 메시지와 함께 throw하는지 두 케이스로 검증함.
보안 개선 문서화 .jules/sentinel.md	exportGherkin의 경로 순회 취약점, path.join의 한계, path.resolve/path.relative 기반 검증 방법을 설명하는 보안 메모를 추가함.

예상 코드 리뷰 난이도

🎯 3 (중간) | ⏱️ ~20분

축하 시

🐰 경로 넘어 여행할 수 없네,
resolve와 relative로 경계를 지키니,
루트 안에만 파일이 머물러,
테스트는 든든하고 문서는 밝네! ✨

---

Caution

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

• Ignore

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Docstring Coverage	❌ Error	Docstring coverage is 0.00% which is insufficient. The required threshold is 100.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	PR 제목은 변경 사항의 핵심인 경로 탐색(Path Traversal) 취약점 수정을 명확하게 설명하고 있습니다.
Description check	✅ Passed	PR 설명은 취약점의 성질, 영향, 해결 방법, 검증 방법을 상세히 설명하고 있으며 변경 사항과 직접적으로 관련이 있습니다.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sentinel/fix-path-traversal-export-gherkin-25955486560852296

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch sentinel/fix-path-traversal-export-gherkin-25955486560852296

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

tests/gherkin.test.ts (1)

25-50: ⚡ Quick win

경로 순회 검증 테스트가 올바르게 구현되었습니다.

두 가지 공격 벡터(상대 경로 순회와 절대 경로)를 정확히 검증하며, VspecError의 에러 코드와 메시지가 구현과 일치합니다.

테스트 커버리지 개선을 위해 유효한 경로(프로젝트 루트 내부)로 exportGherkin을 호출하는 긍정 테스트 케이스를 추가하는 것을 권장합니다. 이를 통해 검증 로직이 정상적인 사용 사례를 방해하지 않는지 확인할 수 있습니다:

✅ 긍정 테스트 케이스 제안

+  it("exports to valid path within project root", () => {
+    writeFileSync(
+      join(cwd, "specs/usecases/TEST-2-usecase.md"),
+      `---
+vspec_format: 1
+type: usecase
+key: TEST-2
+title: Valid Export
+level: SUMMARY
+format: CASUAL
+status: DRAFT
+priority: P1
+scope: test
+primary_actor: user
+---
+## Main Success
+`
+    );
+
+    expect(() => exportGherkin({ key: "TEST-2", output: "tests/valid.feature", cwd })).not.toThrow();
+    expect(readFileSync(join(cwd, "tests/valid.feature"), "utf8")).toContain("Feature: Valid Export");
+  });

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/gherkin.test.ts` around lines 25 - 50, Add a positive test that calls
exportGherkin with a valid output path inside the project root to ensure the
path-traversal guard doesn't block legitimate outputs: in tests/gherkin.test.ts
create a case that writes the same TEST-1 spec, then calls exportGherkin({ key:
"TEST-1", output: "tmp/ok.feature", cwd }) (or another relative path under cwd)
and asserts it does not throw (or returns the expected result); reference
exportGherkin and VspecError only to contrast the negative tests and ensure the
new test verifies successful behavior for in-root outputs.

src/export/gherkin.ts (1)

43-48: 경로 순회 검증 로직이 적절합니다

• resolve()로 정규화한 뒤 relative() 결과에 대해 startsWith("..") 및 isAbsolute(rel)를 검사해 프로젝트 루트 밖 경로(상위 디렉터리/절대경로)를 VspecError("INVALID_ARGUMENT", ...)로 차단합니다.
• 다만 현재는 경로 문자열 기반이라 심볼릭 링크로 외부 실경로가 연결된 경우까지 완전히 방어하진 못합니다(선택적 개선: fs.realpathSync로 root와 output의 실경로 비교 고려).

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/export/gherkin.ts` around lines 43 - 48, The current path traversal check
using resolve(), relative() and rel.startsWith("..")/isAbsolute(rel)
(variables/outputPath, rel and functions resolve/relative) can be bypassed by
symbolic links; update the validation to compare real filesystem paths: call
fs.realpathSync on both config.root and outputPath (or use async equivalent),
resolve and normalize them, then ensure the real output path starts with the
real root path (or is equal) before proceeding — if not, throw the same
VspecError("INVALID_ARGUMENT", ...) to block paths that resolve outside the
project root.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/export/gherkin.ts`:
- Around line 43-48: The current path traversal check using resolve(),
relative() and rel.startsWith("..")/isAbsolute(rel) (variables/outputPath, rel
and functions resolve/relative) can be bypassed by symbolic links; update the
validation to compare real filesystem paths: call fs.realpathSync on both
config.root and outputPath (or use async equivalent), resolve and normalize
them, then ensure the real output path starts with the real root path (or is
equal) before proceeding — if not, throw the same VspecError("INVALID_ARGUMENT",
...) to block paths that resolve outside the project root.

In `@tests/gherkin.test.ts`:
- Around line 25-50: Add a positive test that calls exportGherkin with a valid
output path inside the project root to ensure the path-traversal guard doesn't
block legitimate outputs: in tests/gherkin.test.ts create a case that writes the
same TEST-1 spec, then calls exportGherkin({ key: "TEST-1", output:
"tmp/ok.feature", cwd }) (or another relative path under cwd) and asserts it
does not throw (or returns the expected result); reference exportGherkin and
VspecError only to contrast the negative tests and ensure the new test verifies
successful behavior for in-root outputs.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 2bb770ea-cf57-44a5-a026-8080a7425a9d

📥 Commits

Reviewing files that changed from the base of the PR and between f4223cb and 7f57d39.

📒 Files selected for processing (3)

• .jules/sentinel.md
• src/export/gherkin.ts
• tests/gherkin.test.ts