Input Validation¶
ZapTrace processes user-provided design files, prompts, paths, and agent/tool parameters. These inputs must be treated as untrusted.
Rules¶
- Parse YAML with safe loaders only.
- Validate parsed designs with typed schemas/models before use.
- Normalize and bound file paths before writing generated artifacts.
- Do not pass untrusted input to shell commands.
- Treat branch names, tags, PR titles, and workflow inputs as untrusted CI metadata.
- Use explicit allowlists for workflow inputs where possible.
- Make skip/fail/pass states explicit for external tools.
High-risk areas¶
- YAML parser and project schema ingestion.
- KiCad/Gerber/BOM/export file naming and output roots.
- MCP/API tool parameters.
- Plugin manifests and runtime capabilities.
- Release and CI workflows.
Review checklist¶
For input-facing changes, answer:
- What is the trust boundary?
- What validation rejects malformed input?
- Could this write outside the intended directory?
- Could this run shell commands or interpret code?
- Is the failure mode explicit and test-covered?