From 597dff5a4398867b58b2e4282bd96d05c65a2c50 Mon Sep 17 00:00:00 2001
From: Natalie <natalie@lilithuwu.com>
Date: Tue, 2 Jun 2026 16:30:06 -0700
Subject: [PATCH] =?UTF-8?q?fix(@scripts):=20=F0=9F=90=9B=20secure=20remote?=
 =?UTF-8?q?=20command=20handling=20by=20base64=20encoding=20user=20input?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
---
 bin/remote-run | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/bin/remote-run b/bin/remote-run
index 9e82264..6d70a7d 100755
--- a/bin/remote-run
+++ b/bin/remote-run
@@ -22,9 +22,13 @@ shift
 
 session="claude-$(whoami)-$$-$(date +%s)"
 
-# Single-quote-escape the user command for safe embedding in remote bootstrap.
+# Base64-encode the user command so it embeds safely no matter what quotes,
+# pipes, semicolons, or newlines it contains. The remote side decodes it to a
+# script file and runs THAT — user content never lands in a shell-quoted
+# context where a stray " could break parsing (the old sed-escape only handled
+# ' and broke on any embedded ", splitting the command at the next | or ;).
 user_cmd=$*
-quoted_cmd=$(printf %s "$user_cmd" | sed "s/'/'\\\\''/g")
+cmd_b64=$(printf %s "$user_cmd" | base64 | tr -d '\n')
 
 # Remote bootstrap — runs the user command in its own bash subshell so that
 # any `exit` or `set -e` inside it does NOT short-circuit our exit-capture.
@@ -32,8 +36,10 @@ remote_cmd=$(cat <<REMOTE
 session='${session}'
 log="/tmp/\${session}.log"
 exitf="/tmp/\${session}.exit"
+cmdf="/tmp/\${session}.cmd"
+printf %s '${cmd_b64}' | base64 -d > "\$cmdf"
 : > "\$log"
-tmux new-session -d -s "\$session" "bash -c '${quoted_cmd}' > \$log 2>&1; echo \\\$? > \$exitf; tmux wait-for -S done-\$session" 2>/tmp/\${session}.tmuxerr
+tmux new-session -d -s "\$session" "bash \$cmdf > \$log 2>&1; echo \\\$? > \$exitf; tmux wait-for -S done-\$session" 2>/tmp/\${session}.tmuxerr
 if [ \$? -ne 0 ]; then
     echo "tmux failed to start session:" >&2
     cat /tmp/\${session}.tmuxerr >&2
@@ -49,7 +55,7 @@ kill \$tail_pid 2>/dev/null || true
 wait \$tail_pid 2>/dev/null || true
 code=\$(cat "\$exitf" 2>/dev/null || echo 1)
 tmux kill-session -t "\$session" 2>/dev/null || true
-rm -f "\$log" "\$exitf"
+rm -f "\$log" "\$exitf" "\$cmdf"
 exit \$code
 REMOTE
 )