From 10799dc71c85c036115a3ed8b4fd4ab5ae091442 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 19 Feb 2026 14:53:25 +0000
Subject: [PATCH 1/2] Initial plan


From 3bc5d88f1878a68e8fa35a56f5ce9524d1bef150 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 19 Feb 2026 14:54:39 +0000
Subject: [PATCH 2/2] Add agent name allowlist validation in docker build
 workflow

Co-authored-by: pmalarme <686568+pmalarme@users.noreply.github.com>
---
 .github/workflows/python-docker-build.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/python-docker-build.yml b/.github/workflows/python-docker-build.yml
index dd9b5b9..8210313 100644
--- a/.github/workflows/python-docker-build.yml
+++ b/.github/workflows/python-docker-build.yml
@@ -46,6 +46,10 @@ jobs:
             | cut -d/ -f2 \
             | sort -u \
             | while read -r agent; do
+                if [[ ! "$agent" =~ ^[a-z0-9][a-z0-9_-]*$ ]]; then
+                  echo "::warning::Skipping agent with invalid name: '$agent'" >&2
+                  continue
+                fi
                 if [[ -f "agents/$agent/Dockerfile" ]]; then
                   echo "$agent"
                 fi