OpenRouterTeam · la14-1 · Mar 28, 2026 · Mar 28, 2026
diff --git a/sh/e2e/lib/clouds/digitalocean.sh b/sh/e2e/lib/clouds/digitalocean.sh
@@ -174,7 +174,7 @@ _digitalocean_exec() {
   # Base64-encode the command to prevent shell injection when passed as an
   # SSH argument. The encoded string contains only [A-Za-z0-9+/=] characters,
   # making it safe to embed in single quotes. Stdin is preserved for callers
-  # that pipe data into cloud_exec.
+  # that pipe data into cloud_exec (e.g. verify.sh pipes data via stdin).
   local encoded_cmd
   encoded_cmd=$(printf '%s' "${cmd}" | base64 | tr -d '\n')
 
@@ -186,6 +186,10 @@ _digitalocean_exec() {
     return 1
   fi
 
+  # Pass the validated base64 payload inside single quotes in the SSH command.
+  # This is safe because base64 output ([A-Za-z0-9+/=]) cannot contain single
+  # quotes or any shell metacharacters. Stdin is NOT used here — callers may
+  # pipe their own data into cloud_exec (see verify.sh:245).
   ssh -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/dev/null \
       -o ConnectTimeout=10 -o LogLevel=ERROR -o BatchMode=yes \
       "root@${ip}" "printf '%s' '${encoded_cmd}' | base64 -d | bash"