fix: harden pre-commit hook against option injection

CHANGELOG.md

@@ -19,6 +19,7 @@ Docs: https://docs.openclaw.ai
 - Control UI: prevent stored XSS via assistant name/avatar by removing inline script injection, serving bootstrap config as JSON, and enforcing `script-src 'self'`. Thanks @Adam55A-code.
 - Web UI/Agents: hide `BOOTSTRAP.md` in the Agents Files list after onboarding is completed, avoiding confusing missing-file warnings for completed workspaces. (#17491) Thanks @gumadeiras.
 - Telegram: omit `message_thread_id` for DM sends/draft previews and keep forum-topic handling (`id=1` general omitted, non-general kept), preventing DM failures with `400 Bad Request: message thread not found`. (#10942) Thanks @garnetlyx.
+- Dev tooling: harden git `pre-commit` hook against option injection from malicious filenames (for example `--force`), preventing accidental staging of ignored files. Thanks @mrthankyou.
 - Subagents/Models: preserve `agents.defaults.model.fallbacks` when subagent sessions carry a model override, so subagent runs fail over to configured fallback models instead of retrying only the overridden primary model.
 - Config/Gateway: make sensitive-key whitelist suffix matching case-insensitive while preserving `passwordFile` path exemptions, preventing accidental redaction of non-secret config values like `maxTokens` and IRC password-file paths. (#16042) Thanks @akramcodez.
 - Group chats: always inject group chat context (name, participants, reply guidance) into the system prompt on every turn, not just the first. Prevents the model from losing awareness of which group it's in and incorrectly using the message tool to send to the same group. (#14447) Thanks @tyler6204.

git-hooks/pre-commit

@@ -1,9 +1,33 @@
-#!/bin/sh
-FILES=$(git diff --cached --name-only --diff-filter=ACMR | sed 's| |\\ |g')
-[ -z "$FILES" ] && exit 0
+#!/usr/bin/env bash
 
-echo "$FILES" | xargs pnpm lint --fix
-echo "$FILES" | xargs pnpm format --no-error-on-unmatched-pattern
-echo "$FILES" | xargs git add
+set -euo pipefail
 
-exit 0
+# Security: avoid option-injection from malicious file names (e.g. "--force").
+# Robustness: NUL-delimited file list handles spaces/newlines safely.
+mapfile -d '' -t files < <(git diff --cached --name-only --diff-filter=ACMR -z)
+
+if [ "${#files[@]}" -eq 0 ]; then
+  exit 0
+fi
+
+lint_files=()
+format_files=()
+for file in "${files[@]}"; do
+  case "$file" in
+    *.ts | *.tsx | *.js | *.jsx | *.mjs | *.cjs) lint_files+=("$file") ;;
+  esac
+
+  case "$file" in
+    *.ts | *.tsx | *.js | *.jsx | *.mjs | *.cjs | *.json | *.md | *.mdx) format_files+=("$file") ;;
+  esac
+done
+
+if [ "${#lint_files[@]}" -gt 0 ]; then
+  pnpm lint --fix -- "${lint_files[@]}"
+fi
+
+if [ "${#format_files[@]}" -gt 0 ]; then
+  pnpm format -- "${format_files[@]}"
+fi
+
+git add -- "${files[@]}"

test/git-hooks-pre-commit.test.ts

@@ -0,0 +1,23 @@
+import { readFileSync } from "node:fs";
+import path from "node:path";
+import { describe, expect, it } from "vitest";
+
+describe("git-hooks/pre-commit", () => {
+  it("avoids option injection and unsafe whitespace parsing", () => {
+    const scriptPath = path.join(process.cwd(), "git-hooks", "pre-commit");
+    const script = readFileSync(scriptPath, "utf8");
+
+    // NUL-delimited list: supports spaces/newlines in filenames.
+    expect(script).toMatch(/--name-only/);
+    expect(script).toMatch(/--diff-filter=ACMR/);
+    expect(script).toMatch(/\s-z\b/);
+    expect(script).toMatch(/mapfile -d '' -t files/);
+
+    // Option-injection hardening: always pass paths after "--".
+    expect(script).toMatch(/\ngit add -- /);
+
+    // The original bug used whitespace + xargs, and passed unsafe flags.
+    expect(script).not.toMatch(/xargs\s+git add/);
+    expect(script).not.toMatch(/--no-error-on-unmatched-pattern/);
+  });
+});

vitest.config.ts

@@ -33,7 +33,12 @@ export default defineConfig({
     unstubGlobals: true,
     pool: "forks",
     maxWorkers: isCI ? ciWorkers : localWorkers,
-    include: ["src/**/*.test.ts", "extensions/**/*.test.ts", "test/format-error.test.ts"],
+    include: [
+      "src/**/*.test.ts",
+      "extensions/**/*.test.ts",
+      "test/format-error.test.ts",
+      "test/git-hooks-pre-commit.test.ts",
+    ],
     setupFiles: ["test/setup.ts"],
     exclude: [
       "dist/**",