8 issues found across 18 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="apps/backend/src/trpc/project.routes.ts">
<violation number="1" location="apps/backend/src/trpc/project.routes.ts:295">
P2: The new `sandboxes` experimental setting is not tracked in the PostHog event for `ProjectAgentSettingsUpdated`, unlike the analogous `pythonSandboxing` setting. Consider adding `sandboxes_enabled: merged.experimental?.sandboxes` to the PostHog capture call in `updateAgentSettings`.</violation>
</file>
<file name="apps/backend/src/agents/tools/execute-sandboxed-code.ts">
<violation number="1" location="apps/backend/src/agents/tools/execute-sandboxed-code.ts:85">
P1: Path traversal vulnerability: `filename` from agent input is used unsanitized in `path.join(tmpDir, filename)` and `fs.writeFileSync`. A filename like `../../etc/foo` would write files outside the temp directory on the host filesystem. Sanitize by stripping directory components (e.g., `path.basename(filename)`).</violation>
</file>
<file name="apps/frontend/src/components/ui/settings-toggle-row.tsx">
<violation number="1" location="apps/frontend/src/components/ui/settings-toggle-row.tsx:6">
P2: `description` is rendered inside a `<p>` tag (line 24), but the type now allows arbitrary `React.ReactNode`. If a caller passes block-level elements (e.g., `<div>`, `<p>`), this produces invalid nested HTML and React hydration errors. Consider changing the wrapper from `<p>` to `<div>` or `<span>`, or narrowing the type to `string | React.ReactElement<HTMLSpanElement>`.</violation>
</file>
<file name="apps/frontend/src/styles.css">
<violation number="1" location="apps/frontend/src/styles.css:52">
P1: Bug: CSS variable name accidentally truncated — `--color-accent-foreground` was changed to `--color-accent-`. This breaks the Tailwind theme token for `accent-foreground`, meaning any utility class referencing this color (e.g., `text-accent-foreground`) will no longer resolve correctly.</violation>
</file>
<file name="apps/frontend/src/components/tool-calls/execute-sandboxed-code.tsx">
<violation number="1" location="apps/frontend/src/components/tool-calls/execute-sandboxed-code.tsx:72">
P2: Rendering bug: `(packages?.length || dataFiles?.length) && (...)` can render a literal `0` when both arrays are empty. Use boolean coercion: `(!!packages?.length || !!dataFiles?.length)`.</violation>
<violation number="2" location="apps/frontend/src/components/tool-calls/execute-sandboxed-code.tsx:74">
P2: Rendering bug: `packages?.length && (...)` will render a literal `0` in the DOM when `packages` is an empty array. Use a boolean coercion (`!!packages?.length`) or a ternary to avoid this.</violation>
<violation number="3" location="apps/frontend/src/components/tool-calls/execute-sandboxed-code.tsx:80">
P2: Same rendering bug: `dataFiles?.length && (...)` will render a literal `0` when `dataFiles` is an empty array. Use `!!dataFiles?.length` or a ternary.</violation>
</file>
<file name="apps/frontend/src/components/settings/experimental.tsx">
<violation number="1" location="apps/frontend/src/components/settings/experimental.tsx:80">
P2: Missing `rel='noopener noreferrer'` on `target='_blank'` link. The existing codebase pattern (e.g., `slack-config-section.tsx`) consistently includes this attribute on external links for security hardening.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| } | ||
|
|
||
| const csvContent = queryResultToCsv(result); | ||
| const hostPath = path.join(tmpDir, filename); |
P1: Path traversal vulnerability: `filename` from agent input is used unsanitized in `path.join(tmpDir, filename)` and `fs.writeFileSync`. A filename like `../../etc/foo` would write files outside the temp directory on the host filesystem. Sanitize by stripping directory components (e.g., `path.basename(filename)`).
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At apps/backend/src/agents/tools/execute-sandboxed-code.ts, line 85:
<comment>Path traversal vulnerability: `filename` from agent input is used unsanitized in `path.join(tmpDir, filename)` and `fs.writeFileSync`. A filename like `../../etc/foo` would write files outside the temp directory on the host filesystem. Sanitize by stripping directory components (e.g., `path.basename(filename)`).</comment>
<file context>
@@ -0,0 +1,129 @@
+ }
+
+ const csvContent = queryResultToCsv(result);
+ const hostPath = path.join(tmpDir, filename);
+ fs.writeFileSync(hostPath, csvContent, 'utf-8');
+ await box.copyIn(hostPath, `${WORKING_DIR}/${filename}`);
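Review bot: `filename` reaches two sinks in this hunk, not one: `path.join(tmpDir, filename)` for the host write and `${WORKING_DIR}/${filename}` for `box.copyIn`, so changing only the `hostPath` line leaves the in-sandbox destination built from the raw value. Validate `filename` once, before the `fs.writeFileSync` call, and use the validated name in both places. Reject names that contain `/` or `\`, and the names `.`, `..` and the empty string, rather than only stripping directories, then check that the resolved `hostPath` still starts with `tmpDir` plus a separator.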
</file context>
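The flagged `path.join(tmpDir, filename)` pattern next to a hardened variant, as an added Node.js example that is not code from the PR. `TMP_DIR`, the function names and the sample file names are constructed for illustration, and `path.posix` is used so the results are the same on every platform.

```javascript
const path = require('node:path');

// Constructed stand-in for the temp directory (assumption, not a value from the PR).
const TMP_DIR = '/tmp/sandbox-abc123';

// Before: the flagged pattern. join() normalises ".." segments, so the
// result can land outside tmpDir.
function unsafeHostPath(tmpDir, filename) {
  return path.posix.join(tmpDir, filename);
}

// After: accept only a bare file name, then verify containment.
function safeHostPath(tmpDir, filename) {
  if (typeof filename !== 'string' || filename === '' || filename.includes('\0')) {
    throw new Error('invalid filename');
  }
  // Reject rather than rewrite: any separator (POSIX or Windows) or a dot-only name.
  if (/[\\/]/.test(filename) || filename === '.' || filename === '..') {
    throw new Error('filename has directory components');
  }
  const base = path.posix.resolve(tmpDir);
  const full = path.posix.resolve(base, filename);
  // Defence in depth: the resolved path must sit strictly inside base.
  if (!full.startsWith(base + '/')) {
    throw new Error('path escapes temp directory');
  }
  return full;
}

// Runs constructed sample names through both variants for comparison.
function audit(names) {
  return names.map((name) => {
    let safe;
    try {
      safe = safeHostPath(TMP_DIR, name);
    } catch (err) {
      safe = `rejected: ${err.message}`;
    }
    return { name, unsafe: unsafeHostPath(TMP_DIR, name), safe };
  });
}

// Constructed inputs: one benign name and four that must be rejected.
const SAMPLE_NAMES = ['orders.csv', '../../etc/foo', '..', '', 'a\\..\\b.csv'];
console.table(audit(SAMPLE_NAMES));
```

The explicit `.` and `..` check matters because `path.basename('..')` returns `'..'`, so a basename-only filter would still let the joined path resolve to the parent of the temp directory.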
| experimental: z | ||
| .object({ | ||
| pythonSandboxing: z.boolean().optional(), | ||
| sandboxes: z.boolean().optional(), |
P2: The new `sandboxes` experimental setting is not tracked in the PostHog event for `ProjectAgentSettingsUpdated`, unlike the analogous `pythonSandboxing` setting. Consider adding `sandboxes_enabled: merged.experimental?.sandboxes` to the PostHog capture call in `updateAgentSettings`.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At apps/backend/src/trpc/project.routes.ts, line 295:
<comment>The new `sandboxes` experimental setting is not tracked in the PostHog event for `ProjectAgentSettingsUpdated`, unlike the analogous `pythonSandboxing` setting. Consider adding `sandboxes_enabled: merged.experimental?.sandboxes` to the PostHog capture call in `updateAgentSettings`.</comment>
<file context>
@@ -291,6 +292,7 @@ export const projectRoutes = {
experimental: z
.object({
pythonSandboxing: z.boolean().optional(),
+ sandboxes: z.boolean().optional(),
})
.optional(),
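Review bot: the added `sandboxes: z.boolean().optional()` sits directly under `pythonSandboxing` with nothing in the schema saying how the two flags differ or which one applies when both are set. Add a comment or a `.describe(...)` on each key, and because the field is optional, confirm that the code reading `experimental.sandboxes` treats `undefined` as disabled so an omitted value never enables the feature.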
</file context>
No description provided.