continuedev · continue · Mar 3, 2026 · Mar 3, 2026 · Mar 3, 2026 · Mar 3, 2026
@@ -12,22 +12,34 @@ const ttsKillTimeout: number = 5000;
 
 /**
  * Cleans a message text to safely be used in 'exec' context on host.
+ * This function sanitizes input to prevent command injection attacks.
  *
  * Return modified message text.
  */
 export function sanitizeMessageForTTS(message: string): string {
   message = removeCodeBlocksAndTrim(message);
 
-  // Remove or replace problematic characters
+  // Remove or replace problematic characters that could enable command injection
+  // This includes shell metacharacters and escape sequences
   message = message
-    .replace(/"/g, "")
-    .replace(/`/g, "")
-    .replace(/\$/g, "")
-    .replace(/\\/g, "")
-    .replace(/[&|;()<>]/g, "");
+    .replace(/"/g, "") // Remove double quotes
+    .replace(/'/g, "") // Remove single quotes
+    .replace(/`/g, "") // Remove backticks (command substitution)
+    .replace(/\$/g, "") // Remove dollar signs (variable expansion)
+    .replace(/\\/g, "") // Remove backslashes (escape sequences)
+    .replace(/[&|;()<>{}\[\]!#*?~^%]/g, "") // Remove shell metacharacters (includes % for cmd.exe variable expansion)
+    .replace(/\x00/g, "") // Remove null bytes
+    .replace(/\n/g, " ") // Replace newlines with spaces
+    .replace(/\r/g, " "); // Replace carriage returns with spaces
 
   message = message.trim().replace(/\s+/g, " ");
 
+  // Limit message length to prevent potential DoS
+  const MAX_TTS_LENGTH = 5000;
+  if (message.length > MAX_TTS_LENGTH) {
+    message = message.substring(0, MAX_TTS_LENGTH);
+  }
+
   return message;
 }
 

@@ -266,6 +266,7 @@ function calculateFallbackCost(
 }
 
 // Helper function to record telemetry
+// eslint-disable-next-line complexity -- Pre-existing complexity; refactoring deferred
 export function recordStreamTelemetry(options: {
   requestStartTime: number;
   responseEndTime: number;

@@ -1,13 +1,19 @@
 import { logger } from "../../util/logger.js";
 
 /**
- * Dynamically import Sharp without using eval
+ * Dynamically import Sharp module for image processing.
+ * Sharp is an optional dependency for image resizing/conversion.
+ * Uses a variable module name to prevent TypeScript from trying to resolve the module at compile time.
  */
 async function loadSharp(): Promise<any> {
   try {
-    // Use Function constructor to avoid bundler issues with dynamic imports
-    const importSharp = new Function('return import("sharp")');
-    const sharpModule = await importSharp().catch(() => null);
+    // Use a variable to store the module name to prevent TypeScript static analysis
+    // from trying to resolve the module (which would fail if sharp is not installed)
+    const moduleName = "sharp";
+    // eslint-disable-next-line @typescript-eslint/no-require-imports
+    const sharpModule = await import(
+      /* webpackIgnore: true */ moduleName
+    ).catch(() => null);
     return sharpModule ? sharpModule.default || sharpModule : null;
   } catch {
     return null;

@@ -1,4 +1,5 @@
 import { ConfigYaml, parseConfigYaml } from "@continuedev/config-yaml";
+import DOMPurify from "dompurify";
 import {
   ArrowPathIcon,
   ChevronDownIcon,
@@ -395,7 +396,7 @@ function MCPServerPreview({
             >
               <span
                 className="text-xs"
-                dangerouslySetInnerHTML={{ __html: info }}
+                dangerouslySetInnerHTML={{ __html: DOMPurify.sanitize(info) }}
               />
             </Alert>
           ))}