feat: add command substitution security warning #306
Adds a security warning to all Gemini CLI workflow prompts, instructing the model to avoid using command substitution features like `$(...)`, `<(...)`, or `>(...)` in shell commands. This is a preventative measure to avoid errors where the Gemini CLI rejects commands that use command substitution for security reasons. This change makes the security constraints of the tool explicit to the model.
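A pre-flight check for the constructs named in this description, as an added example that is not code from this repository or from Gemini CLI and does not reproduce the CLI's own rejection logic. The function name `find_substitutions`, the quoting rules it models, and the sample commands are assumptions constructed for illustration; it also reports backtick substitution, which the PR text does not list.

```python
def find_substitutions(command: str) -> list[tuple[int, str]]:
    """Return (offset, construct) for each substitution a bash-like shell would expand."""
    hits = []
    in_single = in_double = in_backtick = False
    i = 0
    while i < len(command):
        ch = command[i]
        nxt = command[i + 1 : i + 2]
        if in_single:
            in_single = ch != "'"           # nothing expands inside '...'
        elif ch == "\\":
            i += 1                          # backslash escapes the next character
        elif ch == "'" and not in_double:
            in_single = True
        elif ch == '"':
            in_double = not in_double
        elif ch == "$" and nxt == "(":
            hits.append((i, "$(...)"))      # conservative: $((arith)) is reported too
        elif ch == "`":
            if not in_backtick:             # report the opening backtick only
                hits.append((i, "`...`"))
            in_backtick = not in_backtick
        elif ch in "<>" and nxt == "(" and not in_double:
            hits.append((i, ch + "(...)"))  # process substitution is literal inside "..."
        i += 1
    return hits


# Constructed sample commands, not taken from the repository's workflows.
SAMPLES = [
    'echo "today is $(date)"',            # expands even inside double quotes
    "echo 'literal $(date)'",             # single quotes: no expansion
    "diff <(sort a.txt) <(sort b.txt)",   # two process substitutions
    "tee >(gzip > out.gz)",               # output process substitution
    'echo "a <(b)"',                      # literal text inside double quotes
    "echo \\$(date)",                     # escaped dollar sign
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        found = find_substitutions(cmd)
        print("REJECT" if found else "ok    ", cmd, found)
```
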
🤖 Hi @jerop, I've received your request, and I'm working on it now! You can track my progress in the logs for more details.

🤖 I'm sorry @jerop, but I was unable to process your request. Please see the logs for more details.

🤖 Hi @jerop, I've received your request, and I'm working on it now! You can track my progress in the logs for more details.
📋 Review Summary
This pull request enhances security by explicitly instructing the model to avoid command substitution in shell commands. The change is applied consistently across all relevant workflow files. The overall quality of the change is good.
🔍 General Feedback
- The security warning is a good preventative measure and is well-articulated.
- The change is consistently applied across all relevant files.
- There is a minor stylistic inconsistency in the formatting of the new rule across different files (e.g., numbered lists, bullet points, and `<rule>` tags). While this doesn't affect the functionality, you might consider unifying the style in a future refactoring for better maintainability.
## What's Changed

* chore: script to generate examples by @leehagoodjames in #244
* chore: update readme to state user must copy gemini-dispatch.yml by @leehagoodjames in #249
* Relax node requirement and bump actions-utils by @sethvargo in #253
* feat: support /fix slash command and workflow by @leehagoodjames in #190
* feat(docs): improve manual setup instructions for workflows by @jerop in #263
* feat: improve action input descriptions by @jerop in #264
* fix: enforce COMMENT event type for submit_pending_pull_request_review by @jerop in #271
* docs: add fork support documentation for PR review workflow by @jerop in #268
* feat(action): add support for preview and nightly versions by @jerop in #281
* feat(workflows): add gemini_cli_version to all workflows by @jerop in #279
* feat: migrate to new Gemini CLI configuration format by @jerop in #284
* feat: clean up temp fix for empty API key by @jerop in #285
* Sort inputs alphabetically in action.yml by @jerop in #286
* chore: organize workflow inputs alphabetically and add missing parameters by @jerop in #288
* feat: add auth input validation by @jerop in #289
* fix(action): correct quoting in workflow expressions by @jerop in #293
* fix(validation): improve validation error messages by @jerop in #297
* fix(validate-inputs): surface errors in logs, annotation, and step summary by @jerop in #299
* feat(validate-inputs): downgrade validation failures to warnings by @jerop in #300
* fix(validate-inputs): use env-based bash shebang for portability by @jerop in #303
* feat: simplify input validation logic by @jerop in #304
* fix(action): correct input validation script behavior by @jerop in #309
* feat: add command substitution security warning by @jerop in #306
* fix(triage): correct duplicate step numbering in workflow by @aladh in #331
* feat: Optionally install extensions by @CallumHYoung in #329
* docs(extensions): add documentation for extensions by @jerop in #340
* chore(workflows): Apply formatting and fix example prompt by @jerop in #339
* refactor(workflows): improve prompts to use env vars directly by @jerop in #342
* fix(review): Remove --source argument to match CLI 8.0 release by @CallumHYoung in #347

## New Contributors

* @aladh made their first contribution in #331
* @CallumHYoung made their first contribution in #329

**Full Changelog**: v0.1.12...v0.1.13