Security checklist specific to c-lord — subprocess injection, env leaks, input validation
This project runs arbitrary Claude Code sessions triggered by Discord messages. Security is the #1 priority.
runner.py, _run_helper.py, or any Cog| Threat | Vector | Mitigation |
|---|---|---|
| Command injection | User message passed to CLI args | create_subprocess_exec (no shell), -- separator |
| Flag injection | Prompt starting with - |
-- separator before prompt |
| Session hijack | Fake session ID | Strict regex validation ^[a-f0-9\-]+$ |
| Skill injection | Malicious skill name | Strict regex validation ^[\w-]+$ |
| Secret exfiltration | Claude Bash tool reads env | Strip secrets from subprocess env |
| Nesting attack | Claude spawns another c-lord | Strip CLAUDECODE from env |
| Token theft | Bot token in logs/errors | Never log tokens, strip from env |
asyncio.create_subprocess_exec (NEVER shell=True)-- separator is always placed before user-provided prompt textre.match(r"^[a-f0-9\-]+$", session_id)re.match(r"^[\w-]+$", name)_STRIPPED_ENV_KEYS includes all secret environment variablesDISCORD_BOT_TOKEN is stripped from subprocess envCLAUDECODE is stripped (prevents nesting detection bypass)logger.info/debug/warning/error calls).env file is in .gitignoreuv.lock# Search for dangerous patterns
grep -rn "shell=True" c_lord/
grep -rn "subprocess\.call" c_lord/
grep -rn "subprocess\.run" c_lord/
# Check that secrets are stripped
grep -n "_STRIPPED_ENV_KEYS" c_lord/claude/runner.py
# Verify .env is gitignored
grep "\.env" .gitignore