fix(sdk,core): unblock CI on PR #3173

ericallam · ericallam · commit 64699af6f251 · 2026-04-30T21:18:58.000+01:00
- typesVersions: add `ai/skills-runtime` mapping (was missing → check-exports
  failed with NoResolution on `@trigger.dev/sdk/ai/skills-runtime`).
- chat.store JSON Patch: reject `__proto__`, `constructor`, `prototype`
  segments at parseJsonPointer. Closes the two CodeQL prototype-pollution
  alerts on chat-client.ts:108 / :120 — a malicious patch like
  `{ op: "replace", path: "/__proto__/x", value: 1 }` would otherwise
  walk into Object.prototype via `parent[lastToken] = value`. Throws a
  clear error on the whole patch instead.
diff --git a/packages/core/src/v3/chat-client.ts b/packages/core/src/v3/chat-client.ts
@@ -49,15 +49,27 @@ export type ChatStoreChunk = ChatStoreSnapshotChunk | ChatStoreDeltaChunk;
 // JSON Pointer paths. Used by `chat.store.patch()` on the agent and
 // the matching client-side `applyStorePatch` on the transport.
 
+// Reject these segments at the parser to prevent prototype pollution: a
+// malicious patch like `{ op: "replace", path: "/__proto__/polluted", value: 1 }`
+// would otherwise mutate Object.prototype. Patches with these keys aren't
+// legitimate for chat.store, so reject the whole patch with a clear error.
+const FORBIDDEN_POINTER_SEGMENTS = new Set(["__proto__", "constructor", "prototype"]);
+
 function parseJsonPointer(path: string): string[] {
   if (path === "") return [];
   if (!path.startsWith("/")) {
     throw new Error(`Invalid JSON Pointer (must start with "/"): ${path}`);
   }
-  return path
+  const tokens = path
     .slice(1)
     .split("/")
     .map((segment) => segment.replace(/~1/g, "/").replace(/~0/g, "~"));
+  for (const token of tokens) {
+    if (FORBIDDEN_POINTER_SEGMENTS.has(token)) {
+      throw new Error(`Invalid JSON Pointer segment "${token}" in path "${path}"`);
+    }
+  }
+  return tokens;
 }
 
 function cloneValue<T>(value: T): T {
diff --git a/packages/trigger-sdk/package.json b/packages/trigger-sdk/package.json
@@ -42,6 +42,9 @@
       "ai": [
         "dist/commonjs/v3/ai.d.ts"
       ],
+      "ai/skills-runtime": [
+        "dist/commonjs/v3/agentSkillsRuntime.d.ts"
+      ],
       "ai/test": [
         "dist/commonjs/v3/test/index.d.ts"
       ],
