From d2a0fd875a5e14dfa092dc11c9e361ceed05bfb0 Mon Sep 17 00:00:00 2001
From: Gauvino
Date: Mon, 1 Jun 2026 20:32:39 +0200
Subject: [PATCH] fix(detect-duplicate): sanitize reposted issue titles

Security audit: the bot echoes other issues' titles back into a comment, so a maliciously-named issue could ping (@everyone) or inject markdown/HTML. Break @-mentions with a zero-width space and strip markdown/HTML control chars before posting.
---
 scripts/detect-duplicate-issue.mjs | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/scripts/detect-duplicate-issue.mjs b/scripts/detect-duplicate-issue.mjs
index c951bcb7b..6d42e8573 100644
--- a/scripts/detect-duplicate-issue.mjs
+++ b/scripts/detect-duplicate-issue.mjs
@@ -111,10 +111,20 @@
 if (!matches.length) {
   process.exit(0);
 }
+// Neutralise other issues' titles before echoing them back: break @mentions and
+// strip markdown/HTML control chars so a maliciously-named issue can't ping people
+// or inject formatting into our comment. GitHub linkifies "#123" on its own.
+const safeTitle = (t) =>
+  (t || "")
+    .replace(/@/g, "@​")
+    .replace(/[`<>|*_~[\]]/g, " ")
+    .replace(/\s+/g, " ")
+    .trim()
+    .slice(0, 140);
 const list = matches
   .map(
     (m) =>
-      `- #${m.number} — ${m.title} _(≈ ${Math.round(m.s * 100)}% similar)_`,
+      `- #${m.number} — ${safeTitle(m.title)} (≈ ${Math.round(m.s * 100)}% similar)`,
   )
   .join("\n");
 const comment = [
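Review bot: The mention-breaking step `.replace(/@/g, "@​")` in the new safeTitle helper depends on an invisible U+200B inside the string literal, so the line reads as an identity replace and the character can be silently dropped by an editor, a formatter or a copy-paste, after which an `@everyone` in a title would pass through unchanged. Writing it as `.replace(/@/g, "@\u200B")` keeps the intent visible and survives reformatting, and a short comment such as `// U+200B after "@" keeps GitHub from treating the rest as a mention` on that line would make the review intent explicit. Bare URLs in a title are, as far as I know, still autolinked by GitHub after this sanitiser, which is consistent with the existing remark about `#123` but worth stating in the same header comment if that is accepted. Separately, `.slice(0, 140)` counts UTF-16 units and can cut a surrogate pair in half; `[...t].slice(0, 140).join("")` avoids a dangling half-character at the truncation point.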