🛡️ Sentinel: [CRITICAL] Fix command injection in docker logs API

[bobdivx]

🚨 Severity: CRITICAL
💡 Vulnerability: Node.js API route docker-logs.ts used execSync with concatenated user input (containerId and tail) to execute shell commands like docker logs. This allowed arbitrary shell command execution if user input contained shell metacharacters.
🎯 Impact: Complete system compromise via arbitrary command execution as the user running the Node.js process.
🔧 Fix: Replaced execSync with execFileAsync (promisified execFile) to bypass the shell interpreter. Passed arguments as a strict array, ensuring user input is treated as arguments. Added -- separator to signify the end of command options and prevent flag injection. Added regex validation for containerId and sanitized HTTP 500 error messages.
✅ Verification: Ran pnpm check and pnpm test (all tests passed) to ensure no regressions were introduced. Added learning entry to .jules/sentinel.md.

---

PR created automatically by Jules for task 12339320468183441182 started by @bobdivx

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
forge	Ready	Preview, Comment	Jun 10, 2026 5:19pm

[gemini-code-assist]

Code Review

This pull request addresses a critical command injection vulnerability in the Docker logs API route by switching from execSync to execFileAsync, validating the containerId and tail parameters, and sanitizing error responses. Additionally, a sentinel file was added to document the vulnerability and prevention steps. The review feedback points out that the current implementation of log capturing might discard stderr logs if stdout is not empty, and suggests combining both streams to ensure all logs are captured.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[gemini-code-assist]

When docker logs executes successfully, it can output to both stdout and stderr (since containers often write to both streams). The current implementation uses an if-else block which completely discards stderr logs if stdout is not empty.

To ensure all logs are captured and returned, you should combine both streams.

        const combined = [stdout, stderr].filter(s => s && s.trim()).join('\n').trim();
        if (combined) {
            logs = combined.split('\n');
        }