dootask/resources
kuaifan 75073d4320 fix(ai): address security and robustness issues from code review
Security fixes:
- Add escapeUserInput() to prevent prompt injection via user input
- Validate msgId belongs to dialogId in updateMessageStatus()
- Add type parameter whitelist validation in ai-apply/ai-dismiss
- Add event record validation in task__ai_dismiss

Robustness fixes:
- Use atomic update for markProcessing to prevent concurrent processing
- Add subtask count limit check before creation (max 50)
- Disable similar task feature until vector search is implemented
- Fix Promise anti-pattern in frontend actions

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
2026-01-21 15:30:06 +00:00