security: Potential prototype pollution in Reddit API response parsing #3299

@louisgv

Description

Summary

The Reddit API response parser in .claude/skills/setup-agent-team/reddit-fetch.ts casts untrusted API responses to Record<string, unknown> and accesses nested properties without validating against prototype pollution keys.

Location

  • File: .claude/skills/setup-agent-team/reddit-fetch.ts
  • Function: extractPosts()
  • Lines: 184-213

Vulnerability

The function receives JSON from Reddit's API and directly casts it:

const listing = data as Record<string, unknown>;
const listingData = listing.data as Record<string, unknown> | undefined;
const children = listingData?.children;
// ... iterates over children and accesses .data properties

If the API response contains __proto__, constructor, or prototype keys, they could be inadvertently spread into objects elsewhere in the codebase, potentially polluting Object.prototype.

Impact

  • MEDIUM severity — The function uses safe string coercion (String(d.title ?? "")) and doesn't directly assign to user-controlled keys, reducing practical risk
  • If combined with other vulnerable code that spreads these objects, prototype pollution could occur
  • Reddit's API is not expected to return such keys, but defense-in-depth is prudent

Recommendation

  1. Add explicit checks against prototype pollution keys before accessing/spreading API response objects:
    const DANGEROUS_KEYS = ['__proto__', 'constructor', 'prototype'];
    for (const key of DANGEROUS_KEYS) {
      // `key in listing` is true for every plain object, because these names are
      // inherited from Object.prototype; only an own key smuggled in by the JSON
      // body is a problem, so test for own properties. This is a shallow check:
      // nested objects (listing.data, each child's .data) need the same treatment.
      if (Object.prototype.hasOwnProperty.call(listing, key)) delete listing[key];
    }
  2. Use valibot schemas for strict validation of API responses (consistent with the rest of the codebase)
  3. Consider using Object.create(null) for intermediate objects that hold API data
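The following is an added example, not code from the project's reddit-fetch.ts. It shows why the issue matters (a `__proto__` key in a parsed JSON body pollutes Object.prototype the moment it reaches a naive recursive merge) and a recursive sanitizer of the kind recommendation 1 asks for, applied to a listing-shaped body before extraction. The Reddit-style sample body, the `naiveMerge` helper, the `Post` type and the function names `stripDangerousKeys`, `extractPostsSafe`, `demonstratePollution` and `sanitizedIsHarmless` are all this example's own assumptions; the `listing.data.children[].data` shape follows the description in the issue.

```typescript
// Added example, not the project's reddit-fetch.ts.
// (1) A "__proto__" key in untrusted JSON pollutes Object.prototype once a
//     naive recursive merge touches it.
// (2) A sanitizer drops the dangerous keys recursively before extraction.

const DANGEROUS_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Constructed sample body in Reddit's listing shape, with a hostile "__proto__"
// key inside one post. Written as a JSON string on purpose: in an object
// literal `__proto__:` would set the prototype instead of creating an own key,
// whereas JSON.parse creates an own, enumerable "__proto__" data property.
const HOSTILE_BODY =
  '{"kind":"Listing","data":{"children":[' +
  '{"kind":"t3","data":{"title":"first post","url":"https://example.invalid/a",' +
  '"__proto__":{"isAdmin":true}}}]}}';

// The recursive merge found in many utility libraries. Reading target["__proto__"]
// on a plain object yields Object.prototype, so the nested call writes onto it.
function naiveMerge(target: Record<string, any>, source: Record<string, any>): Record<string, any> {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (value !== null && typeof value === "object" && !Array.isArray(value)) {
      if (target[key] === null || typeof target[key] !== "object") {
        target[key] = {};
      }
      naiveMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Pollutes Object.prototype via the hostile post, observes the effect on an
// unrelated empty object, then undoes the pollution so nothing else is affected.
function demonstratePollution(body: string): { pollutedDuring: boolean; pollutedAfter: boolean } {
  const post = JSON.parse(body).data.children[0].data;
  naiveMerge({}, post);
  const pollutedDuring = ({} as Record<string, unknown>).isAdmin === true;
  delete (Object.prototype as unknown as Record<string, unknown>).isAdmin; // cleanup
  const pollutedAfter = ({} as Record<string, unknown>).isAdmin === true;
  return { pollutedDuring, pollutedAfter };
}

// Rebuilds a parsed JSON value keeping only own enumerable keys that are not
// pollution vectors. Object.keys never yields inherited keys, so (unlike the `in`
// operator) this reacts only to keys the response actually carried.
function stripDangerousKeys(value: unknown): unknown {
  if (Array.isArray(value)) return value.map(stripDangerousKeys);
  if (value === null || typeof value !== "object") return value;
  const out: Record<string, unknown> = {};
  for (const key of Object.keys(value)) {
    if (DANGEROUS_KEYS.has(key)) continue;
    out[key] = stripDangerousKeys((value as Record<string, unknown>)[key]);
  }
  return out;
}

interface Post { title: string; url: string }

// Modelled on the listing.data.children[].data access the issue describes, with
// the sanitizer applied first. Name and Post type are this example's own.
function extractPostsSafe(body: string): Post[] {
  const listing = stripDangerousKeys(JSON.parse(body)) as Record<string, unknown>;
  const listingData = listing.data as Record<string, unknown> | undefined;
  const children = listingData?.children;
  if (!Array.isArray(children)) return [];
  const posts: Post[] = [];
  for (const child of children) {
    const d = (child as Record<string, unknown> | null)?.data as Record<string, unknown> | undefined;
    if (!d) continue;
    posts.push({ title: String(d.title ?? ""), url: String(d.url ?? "") });
  }
  return posts;
}

// Checks that the sanitized copy has no own "__proto__" key and that merging it
// with the same naive merge leaves Object.prototype untouched.
function sanitizedIsHarmless(body: string): boolean {
  const post = (stripDangerousKeys(JSON.parse(body)) as any).data.children[0].data;
  const hasOwnProto = Object.prototype.hasOwnProperty.call(post, "__proto__");
  naiveMerge({}, post);
  const polluted = ({} as Record<string, unknown>).isAdmin === true;
  delete (Object.prototype as unknown as Record<string, unknown>).isAdmin; // cleanup
  return !hasOwnProto && !polluted;
}

console.log(demonstratePollution(HOSTILE_BODY), sanitizedIsHarmless(HOSTILE_BODY));
console.log(extractPostsSafe(HOSTILE_BODY));
```

Object.create(null) (recommendation 3) removes the inherited `__proto__` accessor from the sink object, so `naiveMerge(Object.create(null), post)` would merely create an own key instead of reaching Object.prototype; stripping the keys at the boundary protects every downstream consumer regardless of how its objects were created.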

Metadata

Assignees

No one assigned

Labels

  • needs-human-review: Issue needs human review before automated processing
  • security-review-required: Security review found critical/high issues - changes required
  • under-review: Issue is being reviewed by the team
