The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		Mar 23, 2026 6:08pm

@cursor review

PR Summary

High Risk
High risk because it introduces server-side execution of user-provided PPTXGenJS code via a new subprocess VM and expands file-serving behavior (auto-compiling .pptx sources unless raw=1), plus a new remote-download tool that fetches external URLs into workspace storage.

Overview
Adds first-class PPTX generation/preview: workspace .pptx files can now represent PptxGenJS source (text/x-pptxgenjs) that is compiled on demand in api/files/serve (ZIP-magic check + raw=1 escape hatch) or via a new POST /api/workspaces/[id]/pptx/preview endpoint for streaming previews. The compilation runs in a new sandboxed Node subprocess (pptx-vm + pptx-worker.cjs) with IPC-brokered workspace file reads.

Updates the workspace FileViewer to render PPTX previews client-side by fetching binary content and converting slides to images with pptxviewjs (with small caching and debounced re-rendering for streaming updates), and adjusts query keys/hooks to support text/raw/binary modes.

Extends Copilot server tools: workspace_file gains a patch operation (search/replace edits with ambiguity checks) and .pptx writes/updates now persist as text/x-pptxgenjs; adds a new SSRF-hardened download_to_workspace_file tool and tightens tool permission enforcement/UX (propagate tool params, hide tool_search_tool_regex, improve display titles, and treat { success: false } tool outputs as failures).

^{Written by Cursor Bugbot for commit 5712ac4. Configure here.}

Greptile Summary

This PR adds a patch operation to the workspace file tool (search/replace edits without full rewrites), full PPTX capability via a sandboxed pptx-worker.cjs subprocess, a download_to_workspace_file tool for fetching remote URLs into workspace storage, and a PptxPreview component that renders compiled presentations slide-by-slide using pptxviewjs. It also wires pptxgenjs/worker into next.config.ts and trigger.config.ts for standalone and Trigger.dev builds, and improves copilot tool-call display labels for read and _respond tools.

Most security concerns raised in earlier review rounds have been resolved:

• RCE via new Function() → replaced with subprocess + vm.createContext null-prototype sandbox + stripped env
• SSRF via redirect-following → handled by secureFetchWithValidation
• Memory exhaustion → 50 MB cap enforced by secureFetchWithValidation
• workspaceId always empty in serve route → fixed via parseWorkspaceFileKey
• Streaming preview spawning unbounded subprocesses → fixed with 500ms debounce + AbortController
• pptx-worker.cjs missing from standalone output → fixed in next.config.ts

Remaining items:

• Stale slides bug in PptxPreview: when the file is updated or a different file is selected, old slides remain visible without any loading indicator until the first slide of the new render is ready, because the spinner condition is loading && slides.length === 0. A setSlides([]) reset before starting the render loop would fix this.
• Sequential patch semantics undocumented: edits are applied to progressively-modified content, so a later edit's search string can match inside an earlier edit's replace text; this should at minimum be documented as intended behavior.
• No compilation cache for compilePptxIfNeeded: every file serve spawns a fresh subprocess; with refetchOnWindowFocus: 'always' this adds latency on each tab switch.

Confidence Score: 4/5

• Safe to merge after a one-line fix for stale-slides display; no security or data-integrity blockers remain.
• The security-sensitive concerns from prior rounds (RCE, SSRF, memory exhaustion, subprocess env leakage) have all been addressed. The remaining open issue is a UX bug — stale slide images shown without a loading indicator when a file changes — which is clearly fixable with a single setSlides([]) call. The sequential-patch semantics issue is acknowledged but low-risk at AI usage volumes. No data loss, auth bypass, or production-reliability risk remains.
• apps/sim/app/workspace/[workspaceId]/files/components/file-viewer/file-viewer.tsx (stale-slides display bug in PptxPreview)

Important Files Changed

Sequence Diagram

sequenceDiagram
    participant UI as PptxPreview (Browser)
    participant Serve as /api/files/serve
    participant Preview as /api/workspaces/[id]/pptx/preview
    participant VM as pptx-vm.ts
    participant Worker as pptx-worker.cjs (subprocess)
    participant Storage as Workspace Storage

    Note over UI: Non-streaming path
    UI->>Serve: GET /api/files/serve/[key]?context=workspace
    Serve->>Storage: Download file buffer
    Storage-->>Serve: PptxGenJS source (text/x-pptxgenjs)
    Serve->>VM: compilePptxIfNeeded(buffer, filename, workspaceId)
    VM->>Worker: spawn node pptx-worker.cjs (env=PATH only)
    Worker-->>VM: IPC ready
    VM->>Worker: IPC { type: generate, code }
    opt getFileBase64 call
        Worker->>VM: IPC { type: getFile, fileReqId, fileId }
        VM->>Storage: getWorkspaceFile + downloadWorkspaceFile
        Storage-->>VM: file buffer
        VM->>Worker: IPC { type: fileResult, data: base64 }
    end
    Worker-->>VM: IPC { type: result, data: base64 }
    VM-->>Serve: compiled PPTX Buffer
    Serve-->>UI: binary PPTX (application/vnd.openxmlformats...)
    UI->>UI: renderPptxSlides → setSlides([...images])

    Note over UI: Streaming path (debounced 500ms)
    UI->>Preview: POST /api/workspaces/[id]/pptx/preview { code }
    Preview->>VM: generatePptxFromCode(code, workspaceId, req.signal)
    VM->>Worker: spawn + generate (same IPC flow)
    Worker-->>VM: result
    VM-->>Preview: Buffer
    Preview-->>UI: binary PPTX
    UI->>UI: renderPptxSlides → setSlides([...images])

_{Reviews (7): Last reviewed commit: "Add cache-busting timestamp to binary fi..." | Re-trigger Greptile}

@greptile

@cursor review

@greptile

@cursor review

@greptile

@cursor review

@greptile

@cursor review