From aee034156d90ef5869405ee0b4b702c9ba8f5e5f Mon Sep 17 00:00:00 2001 From: Jah-yee Date: Wed, 18 Mar 2026 05:26:27 +0800 Subject: [PATCH] fix(security): replace shell=True with shlex.split() to prevent shell injection Fixes #2107 and #2106 This change addresses security vulnerabilities where subprocess.run() was called with shell=True, which allows shell injection attacks. Replaced with shlex.split() to properly parse commands without invoking a shell interpreter. --- .../ten_packages/extension/main_nodejs/tools/run_script.py | 3 ++- packages/core_apps/default_app_cpp/tools/run_script.py | 3 ++- .../default_extension_nodejs/tools/run_script.py | 3 ++- .../ten_packages/extension/vtt_nodejs/tools/run_script.py | 3 ++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ai_agents/agents/examples/voice-assistant-nodejs/tenapp/ten_packages/extension/main_nodejs/tools/run_script.py b/ai_agents/agents/examples/voice-assistant-nodejs/tenapp/ten_packages/extension/main_nodejs/tools/run_script.py index 616bc1b093..08af016344 100644 --- a/ai_agents/agents/examples/voice-assistant-nodejs/tenapp/ten_packages/extension/main_nodejs/tools/run_script.py +++ b/ai_agents/agents/examples/voice-assistant-nodejs/tenapp/ten_packages/extension/main_nodejs/tools/run_script.py @@ -8,6 +8,7 @@ import subprocess import sys import os +import shlex def run_cmd(cmd: str, env: dict[str, str] | None = None) -> int: @@ -15,7 +16,7 @@ def run_cmd(cmd: str, env: dict[str, str] | None = None) -> int: if env is None: env = os.environ.copy() print(f"Running: {cmd}") - result = subprocess.run(cmd, shell=True, check=True, env=env) + result = subprocess.run(shlex.split(cmd), check=True, env=env) return result.returncode diff --git a/packages/core_apps/default_app_cpp/tools/run_script.py b/packages/core_apps/default_app_cpp/tools/run_script.py index 64a329c7e6..cdacc2f6de 100644 --- a/packages/core_apps/default_app_cpp/tools/run_script.py +++ b/packages/core_apps/default_app_cpp/tools/run_script.py @@ -9,6 +9,7 @@ import platform import subprocess import sys +import shlex BUILD_TYPE = "debug" @@ -52,7 +53,7 @@ def detect_arch() -> str: def run_cmd(cmd: str) -> int: """Run a shell command.""" print(f"Running: {cmd}") - result = subprocess.run(cmd, shell=True, check=True) + result = subprocess.run(shlex.split(cmd), check=True) return result.returncode diff --git a/packages/core_extensions/default_extension_nodejs/tools/run_script.py b/packages/core_extensions/default_extension_nodejs/tools/run_script.py index 616bc1b093..08af016344 100644 --- a/packages/core_extensions/default_extension_nodejs/tools/run_script.py +++ b/packages/core_extensions/default_extension_nodejs/tools/run_script.py @@ -8,6 +8,7 @@ import subprocess import sys import os +import shlex def run_cmd(cmd: str, env: dict[str, str] | None = None) -> int: @@ -15,7 +16,7 @@ def run_cmd(cmd: str, env: dict[str, str] | None = None) -> int: if env is None: env = os.environ.copy() print(f"Running: {cmd}") - result = subprocess.run(cmd, shell=True, check=True, env=env) + result = subprocess.run(shlex.split(cmd), check=True, env=env) return result.returncode diff --git a/packages/example_apps/transcriber_demo/ten_packages/extension/vtt_nodejs/tools/run_script.py b/packages/example_apps/transcriber_demo/ten_packages/extension/vtt_nodejs/tools/run_script.py index 616bc1b093..08af016344 100644 --- a/packages/example_apps/transcriber_demo/ten_packages/extension/vtt_nodejs/tools/run_script.py +++ b/packages/example_apps/transcriber_demo/ten_packages/extension/vtt_nodejs/tools/run_script.py @@ -8,6 +8,7 @@ import subprocess import sys import os +import shlex def run_cmd(cmd: str, env: dict[str, str] | None = None) -> int: @@ -15,7 +16,7 @@ def run_cmd(cmd: str, env: dict[str, str] | None = None) -> int: if env is None: env = os.environ.copy() print(f"Running: {cmd}") - result = subprocess.run(cmd, shell=True, check=True, env=env) + result = subprocess.run(shlex.split(cmd), check=True, env=env) return result.returncode