From f7815b8778777da73d385ebda45e5a48e0d2fca9 Mon Sep 17 00:00:00 2001 From: Rodin Date: Fri, 15 May 2026 03:32:18 +0000 Subject: [PATCH] chore(#137): update CHANGELOG with security fixes from review --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3787c5b..ef78201 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -27,6 +27,12 @@ mappings: - Multiple mappings can reference the same doc; docs are deduplicated - Missing doc files: warn and skip (review continues without them) - No matching paths: no docs injected, review runs normally +- Absolute paths and path traversal (`..` segments) in doc paths are rejected + +### Security + +- **Path traversal guard**: doc paths from the YAML config are validated to reject absolute paths and `..` segments before VCS API calls +- **Prompt injection guard**: design doc content is injected with an explicit instruction to treat it as reference data and not follow any instructions it may contain ## v0.3.2
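Review bot: the new mappings bullet says absolute and `..` doc paths are "rejected" but, unlike the neighbouring `- Missing doc files: warn and skip (review continues without them)` line, does not say whether a rejected path fails the review or is warned about and skipped; the bullet should state the outcome, e.g. `- Absolute paths and path traversal (`..` segments) in doc paths are rejected: warn and skip`, so the changelog matches whichever behaviour the implementation has. Two smaller wording points in the same hunk: the `### Security` traversal entry would be clearer if it said the `..` check is applied per path segment (so readers know a name such as `a..b.md` is not caught by a substring match), and the prompt-injection entry describes an instruction given to the model, which is a mitigation rather than a hard guard, so "Prompt injection mitigation" is the more accurate label.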