From c1869244a5394a8332185cb633107768a060dfc8 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 6 Apr 2026 07:22:05 +0000
Subject: [PATCH] Refactor `toolExists` to use direct process execution

Removed string interpolation vulnerability by passing user-controlled arguments to `Process` securely rather than injecting them into a shell wrapper.

Co-authored-by: acebytes <2820910+acebytes@users.noreply.github.com>
---
 .jules/sentinel.md | 4 ++++
 Sources/Cacheout/Models/CacheCategory.swift | 14 ++++++++++++--
 2 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100644 .jules/sentinel.md

diff --git a/.jules/sentinel.md b/.jules/sentinel.md
new file mode 100644
index 0000000..1d357b7
--- /dev/null
+++ b/.jules/sentinel.md
@@ -0,0 +1,4 @@
+## 2024-04-06 - Avoid string interpolation in shell wrappers
+**Vulnerability:** Using string interpolation (`\(variable)`) in shell commands (e.g., `/bin/bash -c`).
+**Learning:** Even if the input is currently static or tightly controlled, interpolating strings into shell wrappers creates a fragile pattern susceptible to severe command injection if the input ever becomes dynamic or user-controlled.
+**Prevention:** Use direct binary execution via `Process` and pass dynamic inputs securely as elements in the `process.arguments` array.
diff --git a/Sources/Cacheout/Models/CacheCategory.swift b/Sources/Cacheout/Models/CacheCategory.swift
index 7b3d942..fa2a37f 100644
--- a/Sources/Cacheout/Models/CacheCategory.swift
+++ b/Sources/Cacheout/Models/CacheCategory.swift
@@ -186,8 +186,18 @@ struct CacheCategory: Identifiable, Hashable {
     }
 
     private func toolExists(_ tool: String) -> Bool {
-        let result = shell("/usr/bin/which \(tool)")
-        return result != nil && !result!.isEmpty
+        let process = Process()
+        process.executableURL = URL(fileURLWithPath: "/usr/bin/which")
+        process.arguments = [tool]
+        process.standardOutput = FileHandle.nullDevice
+        process.standardError = FileHandle.nullDevice
+        do {
+            try process.run()
+            process.waitUntilExit()
+            return process.terminationStatus == 0
+        } catch {
+            return false
+        }
     }
 
     private func runProbe(_ command: String) -> String? {
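Review bot: `process.arguments = [tool]` passes the value as the first argument to `which`, so a `tool` value beginning with `-` (the commit message describes the argument as user-controlled) is parsed by `which` as an option rather than as a command name, and an empty string is not a meaningful probe either; add a guard before the `Process` is built, `guard !tool.isEmpty, !tool.hasPrefix("-") else { return false }`. Whether `which` honours `--` to end option parsing depends on the implementation, so the guard is the portable check rather than prepending `"--"` to the arguments. Returning `false` from the `catch` is reasonable for a probe, but the method deserves a doc comment stating what the result depends on, e.g. `/// Returns true when `tool` resolves on the current process's PATH via /usr/bin/which; false if which is absent or cannot be launched.` The removed lines called a `shell(...)` helper that the hunk does not delete, and `runProbe(_ command:)` starts on the last line of the hunk with its body outside it; if that helper still wraps `/bin/bash -c`, the same interpolation pattern the sentinel note warns about may persist there.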