Injection detection is too strict, and caused a false positive when I used "repeatable" in a PR description

[derekmisler]

Summary

Fixes overly aggressive injection detection patterns that were causing false positives in legitimate content. The security filter was incorrectly flagging content containing words like "system models" in release notes due to overly broad regex patterns. This update makes the patterns more specific while maintaining security effectiveness.

Changes

Modified

• security/sanitize-input.sh - Refined regex patterns to reduce false positives while maintaining security
• tests/test-security.sh - Added comprehensive test cases for both false positive prevention and continued security coverage

Technical Details

The injection detection system was using overly broad patterns that matched legitimate technical content:

Key changes:

• system.*mode pattern: Changed from "system.*mode" to "system.{0,20}mode([^a-z]|$)" to avoid matching compound words like "system models" while still catching actual "system mode" injection attempts
• repeat.*system.*prompt pattern: Made more specific by requiring "repeat.*(your|the|back).*system.*prompt" to target actual prompt extraction attempts
• show.*system.*prompt pattern: Similarly refined to "show.*(your|the).*system.*prompt" to be more targeted

The original patterns were causing false positives when legitimate technical documentation mentioned:

• "system models" (in AI/ML contexts)
• "repeatable" (in general usage)
• Other compound words containing these substrings

Testing

• Added Test 16: Verifies release notes with "system models" are not flagged as false positives
• Added Test 17: Confirms real "system mode" injection attempts are still properly blocked
• Existing security tests continue to pass
• Manual testing with the original false positive case

Test coverage:

• False positive prevention for legitimate technical content
• Continued detection of actual injection attempts
• Regression testing for the specific "repeatable" case mentioned in the PR title

Breaking Changes

None - this change only reduces false positives while maintaining the same security protection level.

Related Issues

Fixes the false positive issue where using "repeatable" in PR descriptions triggered injection detection warnings.

Checklist

• Code follows project style guidelines
• Self-review completed
• Security implications carefully considered
• Comprehensive test cases added
• Tests pass locally
• No reduction in actual security protection
• False positive scenarios documented and tested

[derekmisler]

/describe

[github-actions]

❌ Failed to generate PR description. Check workflow logs for details.

[derekmisler]

/describe

[github-actions]

✅ PR description has been generated and updated!

[derekmisler]

/describe

[github-actions]

✅ PR description has been generated and updated!