fix(security): sanitize filenames before LLM prompt interpolation
Untrusted filenames from uploaded documents were interpolated directly into LLM system prompts without sanitization, enabling prompt injection via crafted PDF/DOCX filenames. Add sanitizeLlmInput() to strip control characters, collapse newlines, truncate, and NFC-normalize all user-supplied values before they enter the prompt. Addresses upstream PR #158. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
| Repository | Dshamir/AI-Legal |
|---|---|
| Author | Dshamir <dshamir@blucap.ca> |
| Authored | |
| Parents | 0ef9d600 |
| Stats | 4 files changed , +2792 , -2988 |
| Part of | Upstream-PR security and infra hardening |
Capture this commit into my fork
Download a Markdown prompt that tells Claude how to port this
exact commit into your working tree. Run it via
claude -p < capture-commit-af4ed2db.md
from inside the repo you want the change in.