🛡️ Sentinel: [CRITICAL] Fix Path Traversal (Zip Slip) in Skills Import

.jules/sentinel.md

@@ -0,0 +1,4 @@
+## 2025-05-23 - Prevent Zip Slip Vulnerability in Skills Import
+**Vulnerability:** Path traversal (Zip Slip) vulnerability found in `helpers/skills_import.py` when using `z.extractall()` without validating archive members.
+**Learning:** `zipfile.ZipFile.extractall()` does not inherently prevent path traversal using relative paths (`../`), allowing maliciously crafted ZIP files to overwrite files outside the intended extraction directory.
+**Prevention:** Always validate every member of `z.namelist()` to ensure its resolved absolute path falls within the intended target directory before extracting.

helpers/skills_import.py

@@ -94,6 +94,11 @@ def _unzip_to_temp_dir(zip_path: Path) -> Path:
     target.mkdir(parents=True, exist_ok=True)
 
     with zipfile.ZipFile(zip_path, "r") as z:
+        target_resolved = target.resolve()
+        for member in z.namelist():
+            member_path = (target / member).resolve()
+            if not member_path.is_relative_to(target_resolved):
+                raise ValueError(f"Unsafe path in archive: {member}")
         z.extractall(target)
 
     # If zip contains a single top-level folder, treat that as the root