🛡️ Sentinel: Fix Windows cmd.exe environment variable injection

[adolago]

🚨 Severity: MEDIUM
💡 Vulnerability: Windows cmd.exe environment variable expansion in command arguments.
🎯 Impact: An attacker controlling a variable used in a command module argument could inject environment variables (e.g., %SECRET%) which would be expanded by cmd.exe, potentially leaking sensitive information.
🔧 Fix:

1. Implemented cmd_arg_escape in src/utils/mod.rs which escapes % as %"", breaking the variable token and preventing expansion in cmd.exe.
2. Updated CommandModule (src/modules/command.rs) to use cmd_arg_escape for argv elements when executing on Windows/cmd.
3. Updated validate_command_args (src/modules/mod.rs) to treat % as a dangerous character, rejecting it in raw command strings to enforce safer usage patterns.
   ✅ Verification: Added tests/security_windows_command_injection.rs verifying that % is rejected by validation and properly escaped in arguments. Confirmed existing security tests pass.

---

PR created automatically by Jules for task 6690147054926803037 started by @dolagoartur

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9252578fcf

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Preserve literal percent signs in cmd argument escaping

The new cmd_arg_escape mapping '%'=>"%\"\"" still leaves a %...% token in the final command (for example %USERNAME% becomes "%""USERNAME%"""), so cmd.exe can still treat it as environment-variable expansion and rewrite the argument instead of passing a literal %...%. In CommandModule::get_command_string this affects every argv element for shell_type="cmd", so legitimate Windows arguments containing % are now corrupted at execution time.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Scope percent-sign blocking to Windows cmd contexts

Adding % to dangerous_patterns makes validate_command_args reject all raw commands containing %, even on non-Windows shells where % is commonly valid (for example date +%F or printf '%s\n'). Because CommandModule::validate_params runs this validation before shell-type handling, this introduces a cross-platform behavior regression from a Windows-specific security fix.

Useful? React with 👍 / 👎.