From 326a1dacb93a4b76dfea3880dfc4f5a488c392bc Mon Sep 17 00:00:00 2001
From: Hunter Bown
Date: Fri, 8 May 2026 19:34:01 -0500
Subject: [PATCH] Potential fix for pull request finding 'CodeQL / Uncontrolled data used in path expression'
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 crates/tui/src/runtime_api.rs | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/crates/tui/src/runtime_api.rs b/crates/tui/src/runtime_api.rs
index 998cafe8..8662032b 100644
--- a/crates/tui/src/runtime_api.rs
+++ b/crates/tui/src/runtime_api.rs
@@ -1658,18 +1658,30 @@ fn run_git(workspace: &std::path::Path, args: &[&str]) -> Option {
 }

 fn resolve_skills_dir(config: &Config, workspace: &std::path::Path) -> PathBuf {
- let workspace = fs::canonicalize(workspace).unwrap_or_else(|_| workspace.to_path_buf());
+ let configured_skills_dir = config.skills_dir();
+ let trusted_root = fs::canonicalize(&configured_skills_dir).unwrap_or(configured_skills_dir.clone());
+
+ let workspace = match fs::canonicalize(workspace) {
+ Ok(path) => path,
+ Err(_) => return configured_skills_dir,
+ };
+
+ if !workspace.starts_with(&trusted_root) {
+ return configured_skills_dir;
+ }
+
 for candidate in [
 workspace.join(".agents").join("skills"),
 workspace.join("skills"),
 ] {
 if let Ok(candidate) = fs::canonicalize(candidate)
+ && candidate.starts_with(&trusted_root)
 && candidate.is_dir()
 {
 return candidate;
 }
 }
- config.skills_dir()
+ configured_skills_dir
 }

 fn load_mcp_config_or_default(path: &std::path::Path) -> Result {
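Review bot: The containment checks in `resolve_skills_dir` use the configured skills directory as the trust root, so `if !workspace.starts_with(&trusted_root)` returns early for any workspace that does not live inside `config.skills_dir()`, and the workspace-local `.agents/skills` and `skills` candidates appear to become unreachable for an ordinary project checkout. If the intent is to stop a symlinked candidate from resolving outside the workspace, the candidate should be compared with the canonical workspace instead: drop the early return and use `&& candidate.starts_with(&workspace)` in the `if let` chain. Whether the workspace path itself is request-controlled is decided by callers outside this hunk, so that validation (for example against an allow-list of workspace roots) belongs where the path enters the API. Also, when `fs::canonicalize(&configured_skills_dir)` fails, `trusted_root` stays non-canonical and `starts_with` compares it against canonical paths; `unwrap_or_else(|_| configured_skills_dir.clone())` would avoid the eager clone as well.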