## https://sploitus.com/exploit?id=FAF1F608-0F4F-5E3C-913B-395440FA6B31
# safe-chain RCE PoC: Newline Injection in `safeSpawn.js`
**CVE/Report:** AIKIDO-27N49NUE
**Severity:** High (Remote Code Execution)
**Affected:** `@aikidosec/safe-chain`, file `packages/safe-chain/src/utils/safeSpawn.js`
## Vulnerability
`hasShellMetaChars()` in `safeSpawn.js` checks arguments against a regex of shell metacharacters, and that regex **does not match `\n`, `\r`, `%`, or `^`**.
On Windows, safe-chain runs the command with `spawn(fullCommand, { shell: true })`, so a newline inside a package name terminates the first shell command and whatever follows it is executed as a second command, i.e. arbitrary code.
```js
// Vulnerable regex (line 25 of safeSpawn.js)
const shellMetaChars = /[ "&'|;<>()$`\\!*?[\]{}~#]/;
// missing: \n \r % ^
```
## Live PoC
See the **Actions** tab for live CI output running the real `aikido-npm` and `aikido-pip` binaries on a `windows-latest` GitHub Actions runner, with no patching and no mocking: a real `os.platform() === "win32"`.
## Fix
```js
// Add \n \r % ^ to the regex:
const shellMetaChars = /[ "&'|;<>()$`\\!*?[\]{}~#%^\n\r]/;

// Also escape % inside double quotes (cmd.exe expands even inside quotes).
// Function name is illustrative; the original snippet showed only the return line.
function escapeArg(arg) {
  return arg.replace(/(["`$\\%])/g, "\\$1");
}
```