< and > were in DANGEROUS_CHARS on the assumption they could trigger
shell redirection. However, shell redirection only applies at the
command level — inside double-quoted strings (which is how all values
are passed via formatParam) they are completely inert.
Removing them from DANGEROUS_CHARS and sanitizePath preserves:
- Mermaid diagram connectors: ->>, -->, <|, >>, etc.
- HTML tags in note content
- Any other angle-bracket syntax
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Backticks were being stripped entirely by the sanitizer, destroying
Markdown code fences (```) in note content.
The real injection risk is backtick command substitution inside
double-quoted shell strings (e.g. content=`rm -rf /`). The fix is to
escape backticks as \` in formatParam — exactly as we already do for
double quotes — so the shell never interprets them while the content
is preserved intact.
Changes:
- sanitizer.ts: remove ` from DANGEROUS_CHARS and the backtick command
substitution pattern from COMMAND_INJECTION_PATTERNS (now handled at
the quoting layer, not the stripping layer)
- cli-helpers.ts: escape backticks as \` in formatParam alongside the
existing double-quote escaping
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Fixes #2 - Files with & in their names (e.g., 'Research & Development.md')
were being incorrectly sanitized, causing search and file-not-found errors.
Changes:
- Removed & from DANGEROUS_CHARS regex
- Single & is safe in quoted arguments passed to CLI
- Dangerous && patterns still blocked by COMMAND_INJECTION_PATTERNS
- Also allows (), [], {} which are safe in quoted args
Version: 1.1.2
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
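The three commit messages above all rest on the same point: a value wrapped in double quotes by formatParam only needs the characters the shell still interprets inside double quotes to be escaped, and everything else (&, <, >, brackets, Mermaid arrows, Markdown fences) can pass through untouched. The following is an added example written for this page, not the project's own cli-helpers.ts or sanitizer.ts. It assumes a hypothetical formatParam that escapes the four characters a POSIX shell treats specially inside double quotes (backslash, double quote, backtick and dollar sign, so it goes slightly beyond the page, which names only the quote and the backtick), and pairs it with a small model of how the shell reads such a token so the quoting can be checked by round-tripping. All sample inputs are constructed.

```typescript
// Added example (not the project's code). Inside a double-quoted POSIX
// shell string only four characters are still special: \ " ` $.
// Escaping those with a backslash makes the value inert while leaving
// everything else intact. (Assumption: the caller always wraps the value
// in double quotes, as the commit messages say formatParam does.)
const DQ_SPECIAL = /[\\"`$]/g;

/** Quote a value for use as a double-quoted shell argument. */
function formatParam(value: string): string {
  return '"' + value.replace(DQ_SPECIAL, (c) => "\\" + c) + '"';
}

/**
 * Hypothetical reference model of how a POSIX shell reads one
 * double-quoted token. Returns the literal string the command would
 * receive, or throws if an unescaped backtick or dollar sign is present
 * (either could start a substitution) or an unescaped quote would end
 * the token early. Deliberately strict: it is a check, not a parser.
 */
function shellUnquote(token: string): string {
  if (!token.startsWith('"') || !token.endsWith('"') || token.length < 2) {
    throw new Error("expected a double-quoted token");
  }
  const body = token.slice(1, -1);
  let out = "";
  for (let i = 0; i < body.length; i++) {
    const c = body.charAt(i);
    const next = i + 1 < body.length ? body.charAt(i + 1) : "";
    if (c === "\\" && next !== "" && '\\"`$'.includes(next)) {
      out += next; // backslash removes the special meaning of the next char
      i++;
    } else if (c === "`" || c === "$") {
      throw new Error(`unescaped ${c} at offset ${i} would start a substitution`);
    } else if (c === '"') {
      throw new Error(`unescaped quote at offset ${i} ends the argument early`);
    } else {
      out += c; // every other character, including & < > ( ) [ ] { }, is literal
    }
  }
  return out;
}

/** Does the value survive formatParam plus shell parsing unchanged? */
function roundTrips(value: string): boolean {
  return shellUnquote(formatParam(value)) === value;
}

// Constructed inputs mirroring the cases the commits describe.
const SAMPLES: string[] = [
  "Research & Development.md",        // ampersand in a file name
  "A ->> B\nC --> D\nE <|-- F",        // Mermaid connectors
  "<b>note</b> with (), [], {}",       // HTML tags and brackets
  "```ts\nconst x = 1;\n```",           // Markdown code fence
  "content=`rm -rf /`",                 // backtick substitution attempt
  'a "quoted" word and $HOME',          // quote and dollar expansion
  "C:\\temp\\notes",                    // literal backslashes
];

function checkAllSamples(): boolean {
  return SAMPLES.every(roundTrips);
}

// Stand-alone run: prints each quoted form and whether it round-trips.
for (const s of SAMPLES) {
  console.log(formatParam(s), roundTrips(s) ? "ok" : "MISMATCH");
}
```

The round-trip check is the useful part: if a future change to the escaping set lets a special character through, shellUnquote throws rather than silently handing the shell a substitution. Where the CLI can be invoked without a shell at all (an execFile-style API that takes an argument array), that removes the quoting layer entirely and is the simpler mitigation.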