
Tools Fail to Unescape XML Entities (e.g., "&&" Becomes Invalid Shell Syntax)

Open taqtiqa-mark opened this issue 2 months ago • 6 comments

Description

Disclosure: 1st draft AI generated.

Tools fail to properly unescape XML entities in command arguments, leading to execution errors or file content corruption. This occurs when commands include chained operators like "&&", which must be escaped as "&amp;&amp;" in the XML function call format to make it valid XML. However, the tool passes the escaped string directly to the shell without unescaping, causing syntax errors.

Also happens with Edit and Write tools where \n replaces newlines and a whole file becomes one line of text.

Environment:

  • Platform: Linux.
  • Tools: Bash, Write, Edit tools in opencode.

Impact:

  • Prevents reliable use of chained Bash commands, breaking workflows like script execution or multi-step operations.

Suggested Fix:

  • In the Tool handlers, add unescaping logic (e.g., replace "&amp;" with "&", "\n" with new line, etc.) before executing the command string in the shell. Reference standard XML entity handling in tool parsers.

Additional Context:

  • This aligns with the safety instructions' XML-inspired format, but the parsing layer appears to miss unescaping.
  • Reproducible in sessions with function calls: Bash, Write, Edit.

Related: https://github.com/sst/opencode/issues/3868#issuecomment-3522364197

OpenCode version

1.0.77

Steps to reproduce

  1. Invoke the Bash tool with a command like: cd /path &amp;&amp; ls (escaped for XML validity).
  2. The tool executes it as "cd /path &amp;&amp; ls" in the shell.
  3. Result: Error like "/bin/sh: 1: Syntax error: "&" unexpected".

Expected Behavior:

  • The app should unescape the argument (e.g., "&amp;&amp;" -> "&&") before passing to the shell, allowing valid execution (e.g., "cd /path && ls").

Actual Behavior:

  • Escaped string is passed literally, causing shell syntax errors for any command with "&" (e.g., chaining with "&&").

Screenshot and/or share link

No response

Operating System

Linux

Terminal

Alacritty & Zellij

taqtiqa-mark · Nov 20 '25 07:11
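
The unescaping step the issue asks for, as an added example that is not part of the original issue and not opencode's code: it decodes XML entities exactly once before the string reaches the shell, next to a chained-replace version that decodes twice and so changes what the command or file content says. All function names and sample arguments are hypothetical and constructed for illustration; the "\n" newline case is a separate escaping layer and is not covered here.

```typescript
// Added example: names below are hypothetical, not opencode's API.

// Decode one named XML entity; unknown names are returned untouched.
function decodeNamed(name: string, original: string): string {
  switch (name) {
    case "amp": return "&";
    case "lt": return "<";
    case "gt": return ">";
    case "quot": return '"';
    case "apos": return "'";
    default: return original;
  }
}

// Decode a numeric character reference body such as "#38" or "#x26".
function decodeNumeric(body: string, original: string): string {
  const code = body[1] === "x" ? parseInt(body.slice(2), 16) : parseInt(body.slice(1), 10);
  const valid = code > 0 && code <= 0x10ffff && !(code >= 0xd800 && code <= 0xdfff);
  return valid ? String.fromCodePoint(code) : original;
}

// Single left-to-right pass: text produced by a replacement is never rescanned,
// so "&amp;lt;" decodes to the literal text "&lt;" and not to "<".
function unescapeXmlOnce(input: string): string {
  return input.replace(/&(#x[0-9a-fA-F]+|#[0-9]+|[a-zA-Z]+);/g,
    (match: string, body: string) =>
      body[0] === "#" ? decodeNumeric(body, match) : decodeNamed(body, match));
}

// Chained replaces, for contrast: the output of the first replace feeds the
// second, so the input is effectively decoded twice.
function unescapeChained(input: string): string {
  return input.replace(/&amp;/g, "&").replace(/&lt;/g, "<").replace(/&gt;/g, ">");
}

// Constructed sample arguments as they would appear inside the XML call.
const samples = ["cd /path &amp;&amp; ls", "printf '%s' '&amp;lt;'", "echo &#38;&#x26; &nbsp;"];
for (const s of samples) {
  console.log(JSON.stringify({ raw: s, once: unescapeXmlOnce(s), chained: unescapeChained(s) }));
}
```

Decoding belongs at the parsing layer, once, so that every tool handler (Bash, Write, Edit) receives the same already-decoded string and none of them decodes it again.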