The shipped .github/commands/ TOML templates still use !{echo $VAR} shell-execution syntax. PR #511 migrated examples/workflows/ to @{file} but missed these shipped templates.
Impact: Any public issue author can trigger bash pathname expansion and prompt injection on every repo using run-gemini-cli.
Fix: Submitted PR with migration to @{.gemini/context/VAR.txt}.
Ref: GHSA-62f2-6rx8-v262
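To make the "bash pathname expansion" point concrete, the following added example (not code from the run-gemini-cli project or from the report above) reproduces what the shell does to an unquoted `echo $VAR`, as in the `!{echo $VAR}` blocks in the shipped templates, and contrasts it with handing the same value over as a file for `@{...}` inclusion. The issue body, the scratch file names, and the file name `ISSUE_BODY.txt` (standing in for the page's `VAR.txt`) are constructed assumptions; the example covers only word splitting and globbing, not any other way a template might be abused.

```shell
#!/bin/sh
# Added example, not run-gemini-cli's own code. Shows the expansion the shell
# applies to an unquoted `echo $VAR` (the `!{echo $VAR}` pattern) versus
# passing the value through a file for @{...} inclusion.
# The issue body and file names below are constructed.

set -u

# Constructed attacker-controlled issue body: a bare glob followed by text.
ISSUE_BODY='* ignore-prior-instructions'

# Scratch "checkout" containing a couple of files the glob will expose.
WORK="$(mktemp -d)"
cd "$WORK" || exit 1
touch deploy-key.pem secret.env   # constructed file names

# 1. What `!{echo $VAR}` does: unquoted expansion, so word splitting and
#    pathname expansion run over attacker text. `*` becomes the directory
#    listing, which then ends up in the prompt.
unquoted_echo() {
  # shellcheck disable=SC2086
  echo $ISSUE_BODY
}

# 2. Quoting stops splitting and globbing, but a shell is still spawned on
#    attacker-influenced input; this is a mitigation, not the migration.
quoted_echo() {
  echo "$ISSUE_BODY"
}

# 3. The @{.gemini/context/VAR.txt} approach: the value is written with
#    printf '%s' (its contents are never parsed as shell) and read back
#    verbatim by the file include, so no expansion of any kind is applied.
write_context_file() {
  mkdir -p .gemini/context
  printf '%s' "$ISSUE_BODY" > .gemini/context/ISSUE_BODY.txt
}
read_context_file() {
  cat .gemini/context/ISSUE_BODY.txt
}

echo "unquoted : $(unquoted_echo)"
echo "quoted   : $(quoted_echo)"
write_context_file
echo "file     : $(read_context_file)"
```

Running it prints the two scratch file names in place of `*` on the `unquoted` line, while the `quoted` and `file` lines return the issue body unchanged; only the file-based path removes the shell from the data flow entirely.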