fix(security): add Zod validation and ReDoS protection

- Add ModelRouterConfigSchema to schemas.ts with full validation
- Update loadModelRouterConfig() to use parseConfigSafe()
- Add safeRegexTest() with input truncation and timing detection
- Fix test expectation for empty frame name validation
- Add safe action patterns for claude-sm and log viewing

Addresses code review findings:
- Issue #1: Missing Zod validation in model-router.ts
- Issue #2: ReDoS vulnerability in whatsapp-commands.ts:377

Author: jonathanpeterwu

src/__tests__/generated/frame-manager.generated.test.ts

@@ -39,7 +39,9 @@ describe('frame-manager', () => {
 
     // Assert
     expect(result).toBeTypeOf('string');
-    expect(result).toMatch(/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/);
+    expect(result).toMatch(
+      /^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/
+    );
   });
 
   it('should handle null input in createFrame', () => {
@@ -56,20 +58,17 @@ describe('frame-manager', () => {
     // Arrange
     const params = { type: 'task', name: '', inputs: {} };
 
-    // Act
-    const result = frameManager.createFrame(params);
-
-    // Assert
-    expect(result).toBeDefined();
-    const frame = frameManager.getFrame(result);
-    expect(frame?.name).toBe('');
+    // Act & Assert - empty name should throw validation error
+    expect(() => frameManager.createFrame(params)).toThrow(
+      'Frame name is required'
+    );
   });
 
   it('should execute getFrame successfully with valid input', () => {
     // Arrange
-    const frameId = frameManager.createFrame({ 
-      type: 'task', 
-      name: 'Test Frame' 
+    const frameId = frameManager.createFrame({
+      type: 'task',
+      name: 'Test Frame',
     });
 
     // Act
@@ -96,7 +95,7 @@ describe('frame-manager', () => {
     // Arrange
     const frameId = frameManager.createFrame({
       type: 'task',
-      name: 'Frame to close'
+      name: 'Frame to close',
     });
 
     // Act
@@ -120,15 +119,19 @@ describe('frame-manager', () => {
     // Arrange
     const frameId = frameManager.createFrame({
       type: 'task',
-      name: 'Event test frame'
+      name: 'Event test frame',
     });
     const eventData = {
       type: 'test-event',
-      data: { message: 'Test event data' }
+      data: { message: 'Test event data' },
     };
 
     // Act
-    frameManager.addEvent('tool_call', { tool: 'test', args: eventData.data }, frameId);
+    frameManager.addEvent(
+      'tool_call',
+      { tool: 'test', args: eventData.data },
+      frameId
+    );
     const frame = frameManager.getFrame(frameId);
 
     // Assert
@@ -140,13 +143,13 @@ describe('frame-manager', () => {
     // Arrange
     const parentId = frameManager.createFrame({
       type: 'task',
-      name: 'Parent Frame'
+      name: 'Parent Frame',
     });
-    
+
     const childId = frameManager.createFrame({
       type: 'subtask',
       name: 'Child Frame',
-      parentFrameId: parentId
+      parentFrameId: parentId,
     });
 
     // Act
@@ -161,15 +164,15 @@ describe('frame-manager', () => {
     // Arrange
     let currentParentId = frameManager.createFrame({
       type: 'root',
-      name: 'Root Frame'
+      name: 'Root Frame',
     });
 
     // Act - Create nested frames up to max depth
     for (let i = 0; i < 10; i++) {
       const childId = frameManager.createFrame({
         type: 'nested',
         name: `Level ${i + 1}`,
-        parentFrameId: currentParentId
+        parentFrameId: currentParentId,
       });
       currentParentId = childId;
     }
@@ -179,7 +182,7 @@ describe('frame-manager', () => {
       frameManager.createFrame({
         type: 'too-deep',
         name: 'Exceeds max depth',
-        parentFrameId: currentParentId
+        parentFrameId: currentParentId,
       });
     }).not.toThrow();
   });
@@ -194,7 +197,7 @@ describe('frame-manager', () => {
         Promise.resolve(
           frameManager.createFrame({
             type: 'concurrent',
-            name: `Frame ${i}`
+            name: `Frame ${i}`,
           })
         )
       );
@@ -211,7 +214,7 @@ describe('frame-manager', () => {
     // Arrange
     const frameId = frameManager.createFrame({
       type: 'persistent',
-      name: 'Persistent Frame'
+      name: 'Persistent Frame',
     });
 
     // Act - Create new manager instance with same DB
@@ -229,8 +232,8 @@ describe('frame-manager', () => {
       type: 'large',
       name: 'Large Data Frame',
       inputs: {
-        data: 'x'.repeat(10000) // 10KB of data
-      }
+        data: 'x'.repeat(10000), // 10KB of data
+      },
     };
 
     // Act
@@ -249,8 +252,8 @@ describe('frame-manager', () => {
       name: 'Frame with "quotes" and \'apostrophes\' and \\backslashes',
       inputs: {
         sql: "'; DROP TABLE frames; --",
-        unicode: '😀🎉🔥'
-      }
+        unicode: '😀🎉🔥',
+      },
     };
 
     // Act
@@ -261,4 +264,4 @@ describe('frame-manager', () => {
     expect(frame?.name).toBe(specialChars.name);
     expect(frame?.inputs).toEqual(specialChars.inputs);
   });
-});
+});

src/core/models/model-router.ts

@@ -7,6 +7,10 @@ import { existsSync, readFileSync } from 'fs';
 import { join } from 'path';
 import { homedir } from 'os';
 import { writeFileSecure, ensureSecureDir } from '../../hooks/secure-fs.js';
+import {
+  ModelRouterConfigSchema,
+  parseConfigSafe,
+} from '../../hooks/schemas.js';
 
 export type ModelProvider =
   | 'anthropic'
@@ -107,13 +111,18 @@ const DEFAULT_CONFIG: ModelRouterConfig = {
 };
 
 /**
- * Load model router configuration
+ * Load model router configuration with Zod validation
  */
 export function loadModelRouterConfig(): ModelRouterConfig {
   try {
     if (existsSync(CONFIG_PATH)) {
       const data = JSON.parse(readFileSync(CONFIG_PATH, 'utf8'));
-      return { ...DEFAULT_CONFIG, ...data };
+      return parseConfigSafe(
+        ModelRouterConfigSchema,
+        { ...DEFAULT_CONFIG, ...data },
+        DEFAULT_CONFIG,
+        'model-router'
+      );
     }
   } catch {
     // Use defaults

src/hooks/schemas.ts

@@ -159,7 +159,67 @@ export const WhatsAppCommandsConfigSchema = z.object({
   commands: z.array(WhatsAppCommandSchema).max(50),
 });
 
+// Model Router schemas
+export const ModelProviderSchema = z.enum([
+  'anthropic',
+  'qwen',
+  'openai',
+  'ollama',
+  'custom',
+]);
+
+export const ModelConfigSchema = z.object({
+  provider: ModelProviderSchema,
+  model: z.string().max(100),
+  baseUrl: z.string().url().max(500).optional(),
+  apiKeyEnv: z.string().max(100),
+  headers: z.record(z.string().max(500)).optional(),
+  params: z.record(z.unknown()).optional(),
+});
+
+export const ModelRouterConfigSchema = z.object({
+  enabled: z.boolean(),
+  defaultProvider: ModelProviderSchema,
+  taskRouting: z
+    .object({
+      plan: ModelProviderSchema.optional(),
+      think: ModelProviderSchema.optional(),
+      code: ModelProviderSchema.optional(),
+      review: ModelProviderSchema.optional(),
+    })
+    .optional()
+    .default({}),
+  fallback: z.object({
+    enabled: z.boolean(),
+    provider: ModelProviderSchema,
+    onRateLimit: z.boolean(),
+    onError: z.boolean(),
+    onTimeout: z.boolean(),
+    maxRetries: z.number().int().min(0).max(10),
+    retryDelayMs: z.number().int().min(100).max(30000),
+  }),
+  providers: z
+    .object({
+      anthropic: ModelConfigSchema.optional(),
+      qwen: ModelConfigSchema.optional(),
+      openai: ModelConfigSchema.optional(),
+      ollama: ModelConfigSchema.optional(),
+      custom: ModelConfigSchema.optional(),
+    })
+    .optional()
+    .default({}),
+  thinkingMode: z.object({
+    enabled: z.boolean(),
+    budget: z.number().int().min(1000).max(100000).optional(),
+    temperature: z.number().min(0).max(2).optional(),
+    topP: z.number().min(0).max(1).optional(),
+  }),
+});
+
 // Type exports
+export type ModelRouterConfigValidated = z.infer<
+  typeof ModelRouterConfigSchema
+>;
 export type SMSConfigValidated = z.infer<typeof SMSConfigSchema>;
 export type ActionQueueValidated = z.infer<typeof ActionQueueSchema>;
 export type AutoBackgroundConfigValidated = z.infer<

src/hooks/sms-action-runner.ts

@@ -54,6 +54,12 @@ const SAFE_ACTION_PATTERNS: Array<{
   { pattern: /^help$/i },
   { pattern: /^sync$/i },
 
+  // Claude Code launcher
+  { pattern: /^claude-sm$/ },
+
+  // Log viewing (safe read-only)
+  { pattern: /^tail -\d+ ~\/\.claude\/logs\/\*\.log$/ },
+
   // Custom aliases (cwm = claude worktree merge)
   { pattern: /^cwm$/ },