
Fixed policy ai editor scroll#1857

Merged
Marfuen merged 6 commits into main from daniel/policy-scroll
Dec 4, 2025

Conversation

@Itsnotaka
Contributor

No description provided.

@vercel

vercel bot commented Dec 4, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| app | Ready | Preview | Comment | Dec 4, 2025 3:43pm |
| portal | Ready | Preview | Comment | Dec 4, 2025 3:43pm |

@comp-ai-code-review

comp-ai-code-review bot commented Dec 4, 2025

🔒 Comp AI - Security Review

🟡 Risk Level: MEDIUM

OSV: xlsx@0.18.5 has two HIGH CVEs (Prototype Pollution, ReDoS); ai@5.0.0 has a LOW CVE (fixed in 5.0.52). Code: unsanitized policyId/messages and unvalidated AI input present in changed files.


📦 Dependency Vulnerabilities

🟠 NPM Packages (HIGH)

Risk Score: 8/10 | Summary: 2 high, 1 low CVEs found

| Package | Version | CVE | Severity | CVSS | Summary | Fixed In |
|---|---|---|---|---|---|---|
| xlsx | 0.18.5 | GHSA-4r6h-8v6p-xvw6 | HIGH | N/A | Prototype Pollution in sheetJS | No fix yet |
| xlsx | 0.18.5 | GHSA-5pgg-2g8v-p4x9 | HIGH | N/A | SheetJS Regular Expression Denial of Service (ReDoS) | No fix yet |
| ai | 5.0.0 | GHSA-rwvc-j5jr-mgvh | LOW | N/A | Vercel's AI SDK's filetype whitelists can be bypassed when uploading files | 5.0.52 |

🛡️ Code Security Analysis


🟡 apps/app/src/app/(app)/[orgId]/policies/[policyId]/editor/components/PolicyDetails.tsx (MEDIUM Risk)

| # | Issue | Risk Level |
|---|---|---|
| 1 | policyId used directly in API path without validation | MEDIUM |
| 2 | No size/length limits on proposed policy content | MEDIUM |

Recommendations:

  1. Validate policyId on both client and server (ensure it matches expected format, e.g., UUID or database id), and enforce authorization checks server-side before any policy operations.
  2. Enforce size/length limits for proposed policy content on the client and, critically, on the server (e.g., max characters and max request body size). Reject or truncate oversized inputs and return informative errors.
  3. Ensure server-side validation of incoming TipTap JSON / markdown conversion output for structure and allowed node/mark types before persisting.
  4. Apply authentication/authorization checks in updatePolicy API implementation and the chat transport endpoint. Do not rely solely on client-side controls.
  5. Rate-limit endpoints that accept AI-proposed content to mitigate abuse and large payload submission.
  6. Log and monitor large/failed attempts so abnormal usage patterns can be detected and mitigated.

🟡 apps/app/src/app/(app)/[orgId]/policies/[policyId]/editor/components/ai/policy-ai-assistant.tsx (MEDIUM Risk)

| # | Issue | Risk Level |
|---|---|---|
| 1 | Unvalidated user input passed to sendMessage | MEDIUM |

Recommendations:

  1. Treat this as untrusted input end-to-end. Add server-side validation and sanitization for the text payload that sendMessage ultimately delivers to backend services.
  2. On the client, perform basic validation (e.g., length limits, allowed characters or patterns) to provide early feedback, but do NOT rely on it for security.
  3. Ensure any backend that consumes this text does not interpolate it directly into SQL, shell commands, eval(), templates, or HTML without proper escaping or parameterization. Use parameterized queries for databases and avoid exec()/system() calls with user data.
  4. Escape or encode text on output (or sanitize HTML with a vetted library such as DOMPurify) instead of using dangerouslySetInnerHTML. Prefer rendering as plain text or using a safe markdown renderer that sanitizes input.
  5. Apply rate limiting, input size caps, and authentication/authorization checks to mitigate abuse and injection attempts.
  6. Audit the implementation of sendMessage in the parent code: verify how it transmits data (e.g., WebSocket/fetch) and how the server handles it; ensure server enforces schema validation (e.g., JSON schema) and rejects unexpected/oversized payloads.

🟡 apps/app/src/app/api/policies/[policyId]/chat/route.ts (MEDIUM Risk)

| # | Issue | Risk Level |
|---|---|---|
| 1 | Unsanitized policyId used directly in DB query | MEDIUM |
| 2 | Unvalidated 'messages' JSON used directly in model calls | MEDIUM |
| 3 | Missing input validation for HTTP params and JSON body | MEDIUM |
| 4 | Potential runtime crash reading session.session.activeOrganizationId | MEDIUM |

Recommendations:

  1. Validate and sanitize policyId before using it in DB queries, e.g., enforce an expected format (UUID regex) or convert/parse it to the expected type and return 400 on invalid values.
  2. Add runtime schema validation for the request body (messages) using zod/Joi/etc. Enforce message shape, allowed types, per-message length limits, and a maximum number of messages. Reject or truncate messages that exceed limits.
  3. Protect against large requests and abuse: enforce content-length / body size limits at the API/middleware level, limit total characters/tokens passed to the model, and add per-user rate limiting and throttling for this endpoint.
  4. Defensively read session fields: check session?.session exists (e.g., const organizationId = session?.session?.activeOrganizationId) and handle missing session properties with a clear error response instead of assuming nested fields exist.
  5. Confirm the DB client (db) uses parameterized queries (e.g., an ORM like Prisma). Avoid constructing raw SQL with user input; if raw queries are needed, ensure proper parameterization/escaping.
  6. Mitigate prompt injection from stored policy content: treat policy content as data (not executable instructions). Consider sanitizing or wrapping policy content (e.g., explicit delimiter + instruction to ignore embedded model directives) and limit the policy content length passed to the model.
  7. Add robust error handling and observability (structured logs, metrics) so unexpected runtime exceptions (including ones from missing nested session fields) are visible and triaged quickly.
  8. Consider server-side validation for the tools used (getPolicyTools()) and ensure tools themselves validate inputs. Also set model/request timeouts and explicit token limits (and enforce maxDuration) to reduce resource exhaustion risk.

💡 Recommendations

  1. Upgrade vulnerable packages: update ai to >= 5.0.52 (resolves GHSA-rwvc-j5jr-mgvh) and upgrade xlsx to a patched release addressing GHSA-4r6h-8v6p-xvw6 and GHSA-5pgg-2g8v-p4x9; re-scan to confirm fixes.
  2. In apps/app/src/app/api/policies/[policyId]/chat/route.ts validate and sanitize policyId before using it in DB queries (e.g., enforce UUID/ID format) and use parameterized ORM methods; add runtime schema validation for the request body (messages) with explicit per-message shape and length limits and return 400 on invalid input.
  3. In apps/app/src/app/(app)/[orgId]/policies/[policyId]/editor/components/ai/policy-ai-assistant.tsx and related handlers, validate and sanitize AI input end-to-end (max length, allowed characters/patterns); ensure backend does not interpolate raw text into commands/queries/templates and avoid rendering untrusted HTML (do not use dangerouslySetInnerHTML without sanitization).

Powered by Comp AI - AI that handles compliance for you. Reviewed Dec 4, 2025

@Marfuen Marfuen merged commit 1ce0560 into main Dec 4, 2025
9 checks passed
@Marfuen Marfuen deleted the daniel/policy-scroll branch December 4, 2025 15:44
@claudfuen
Contributor

🎉 This PR is included in version 1.67.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀
