Frontmatter
| id | 9743 |
| title | Enforce path traversal boundaries for autonomous filesystem reads (DreamService) |
| state | Closed |
| labels | enhancementai |
| assignees | tobiu |
| createdAt | Apr 6, 2026, 9:07 PM |
| updatedAt | Apr 6, 2026, 9:08 PM |
| githubUrl | https://github.com/neomjs/neo/issues/9743 |
| author | tobiu |
| commentsCount | 1 |
| parentIssue | null |
| subIssues | [] |
| subIssuesCompleted | 0 |
| subIssuesTotal | 0 |
| blockedBy | [] |
| blocking | [] |
| closedAt | Apr 6, 2026, 9:08 PM |

Description
The ReAct loop in
DreamServicenatively loads raw files based on autonomous agent payloads viafs.readFileSync. To prevent capabilities from triggering unintended out-of-bounds reads (path traversal attacks like../../../etc/passwdvia hallucination), we must enforce a strict resolution boundary.Implementation Overview
path.relativeagainst the designatedneoRootDirand the payload'stargetPath.