fix: improved minor sanitizations

Author: alfonsograziano

src/dockerUtils.ts

@@ -3,7 +3,7 @@ import util from 'util';
 import { logger } from './logger.ts';
 import { getConfig } from './config.ts';
 import { textContent } from './types.ts';
-import { sanitizeShellCommand } from './utils.ts';
+import { sanitizeContainerId, sanitizeShellCommand } from './utils.ts';
 
 const execFilePromise = util.promisify(execFile);
 
@@ -19,7 +19,7 @@ export async function forceStopContainer(containerId: string): Promise<void> {
   );
   try {
     // Sanitize containerId
-    const safeId = sanitizeShellCommand(containerId);
+    const safeId = sanitizeContainerId(containerId);
     if (!safeId) throw new Error('Invalid containerId');
     // Force stop the container (ignores errors if already stopped)
     await execFilePromise('docker', ['stop', safeId]);

src/tools/exec.ts

@@ -5,6 +5,7 @@ import {
   DOCKER_NOT_RUNNING_ERROR,
   isDockerRunning,
   sanitizeContainerId,
+  sanitizeShellCommand,
 } from '../utils.ts';
 
 export const argSchema = {
@@ -19,7 +20,6 @@ export default async function execInSandbox({
   container_id: string;
   commands: string[];
 }): Promise<McpResponse> {
-  console.log('execInSandbox', container_id);
   const validId = sanitizeContainerId(container_id);
   if (!validId) {
     return {
@@ -35,8 +35,13 @@ export default async function execInSandbox({
 
   const output: string[] = [];
   for (const cmd of commands) {
+    const sanitizedCmd = sanitizeShellCommand(cmd);
+    if (!sanitizedCmd)
+      throw new Error(
+        'Cannot run command as it contains dangerous metacharacters'
+      );
     output.push(
-      execFileSync('docker', ['exec', validId, '/bin/sh', '-c', cmd], {
+      execFileSync('docker', ['exec', validId, '/bin/sh', '-c', sanitizedCmd], {
         encoding: 'utf8',
       })
     );