fix: Unauthenticated commit API can create product markdown files #23

Open
jonathanchang31 wants to merge 1 commit into aglover1221:main from jonathanchang31:fix/unauthenticated-commit-api

@jonathanchang31

Summary

Fixes path traversal in POST /api/pipeline/extract-products-from-source/commit.
The commit API previously accepted client-controlled category, vendor, productLine, slug, and sourcePath values without enough validation. A crafted request could create product markdown files outside PRODUCT_MCP_DATA_DIR.
This patch adds shared path-safety validation so product skeleton writes and source-path resolution stay inside the configured data root.

Related Issue

Fixed: #22

Change Type

  • Security fix
  • Bug fix
  • Input validation hardening
  • Regression tests
  • New feature
  • UI change
  • Documentation only
  • Refactor only

Real Behavior Proof

Before Fix

A crafted request could create a file outside PRODUCT_MCP_DATA_DIR:

curl -sS -i -X POST http://localhost:3210/api/pipeline/extract-products-from-source/commit \
  -H 'Content-Type: application/json' \
  --data '{"sourcePath":"../../README.md","slugs":["evil"],"proposed":[{"slug":"evil","model_number":"Evil","marketing_name":"Traversal Proof","confidence":1}],"category":"../../../../../../../tmp/pde-owned","vendor":"attacker","productLine":"line"}'

Observed before fix:

HTTP/1.1 200 OK
Created path: /tmp/pde-owned/attacker/line/evil/evil.md

After Fix

The same request is rejected:

HTTP/1.1 400 Bad Request
{"error":"category must be a safe path segment"}

The escaped file is not created:

Before: missing
After: missing

Validation Performed

npm run migrate:status

Result:

applied: 2
✓ 0001_init
✓ 0002_durable_jobs
up to date.

npm test

Result:

Test Files  6 passed (6)
Tests       43 passed (43)

npm run build

Result:

✓ Compiled successfully
✓ Generating static pages (26/26)

npm run dev

Result:

Local: http://localhost:3210
✓ Ready

Runtime route checks:

GET /              200 OK
GET /products/r770 200 OK

Exploit regression check:

POST /api/pipeline/extract-products-from-source/commit 400 Bad Request
/tmp/pde-owned was not created

Security Impact

This closes an arbitrary file creation primitive where a caller could write product markdown files outside the configured data directory.

The fix prevents:

  • directory traversal through override metadata
  • out-of-root product skeleton writes
  • out-of-root sourcePath resolution
  • unsafe product slug path construction

Checklist

  • Reproduced the original issue locally
  • Added shared path validation helpers
  • Guarded final product skeleton write path
  • Guarded source sidecar path resolution
  • Added regression tests for traversal payloads
  • Confirmed normal product skeleton creation still works
  • Ran unit tests successfully
  • Ran production build successfully
  • Started the app locally
  • Verified main app route works
  • Verified product page works
  • Re-ran exploit request and confirmed it is blocked
  • Confirmed no escaped file is created
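
One way to implement the two guards described above (per-segment validation of category, vendor, productLine and slug, plus a containment check on the final write path and on sourcePath), as an added example that is not the PR's or the project's own code. The helper names, the `/srv/product-data` root and the benign field values are assumptions; the directory layout is inferred from the created path shown in the proof.

```javascript
// Added example; helper names are hypothetical, not the project's own code.
const path = require('path');

// One directory name: must start alphanumeric, so "", ".", ".." and dotfiles
// fail, and no "/" or "\" or NUL can appear anywhere in it.
const SAFE_SEGMENT = /^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$/;

function assertSafeSegment(name, value) {
  if (typeof value !== 'string' || !SAFE_SEGMENT.test(value)) {
    throw new Error(`${name} must be a safe path segment`);
  }
  return value;
}

// Resolve `rel` under `root`; reject results outside it. Lexical check only:
// symlinks inside the root would additionally need fs.realpath on the parent.
function resolveInsideRoot(root, rel) {
  const base = path.resolve(root);
  const target = path.resolve(base, rel);
  const back = path.relative(base, target);
  if (back === '' || back === '..' || back.startsWith('..' + path.sep) || path.isAbsolute(back)) {
    throw new Error('path escapes data root');
  }
  return target;
}

// Layout assumed from the PR's proof: <root>/category/vendor/productLine/slug/slug.md
function productSkeletonPath(root, fields) {
  const { category, vendor, productLine, slug } = fields;
  const parts = Object.entries({ category, vendor, productLine, slug })
    .map(([name, value]) => assertSafeSegment(name, value));
  // Second guard on the final path, even though each segment was validated.
  return resolveInsideRoot(root, path.join(...parts, `${slug}.md`));
}

function check(fn) {
  try { return { ok: true, path: fn() }; }
  catch (err) { return { ok: false, error: err.message }; }
}

// Constructed sample input: field values from the PR's proof request, plus a benign set.
const ROOT = '/srv/product-data'; // placeholder for PRODUCT_MCP_DATA_DIR
const traversal = { category: '../../../../../../../tmp/pde-owned', vendor: 'attacker', productLine: 'line', slug: 'evil' };
const benign = { category: 'servers', vendor: 'acme', productLine: 'line', slug: 'r770' };

console.log(check(() => productSkeletonPath(ROOT, traversal)));
console.log(check(() => productSkeletonPath(ROOT, benign)));
console.log(check(() => resolveInsideRoot(ROOT, '../../README.md')));
```

Validating each segment gives the caller a field-specific 400 message, while the containment check on the resolved path catches anything a future code path joins in without validation.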

@jonathanchang31
Author

@aglover1221 Could you plz review my PR? Thanks! && I Love Product-data-extractor.

Development

Successfully merging this pull request may close these issues.

Critical: Unauthenticated commit API can create product markdown files outside PRODUCT_MCP_DATA_DIR via path traversal