From 2192a32d03135f512583a3b16dc891b286735f18 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Sat, 21 Mar 2026 22:19:58 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20Fix=20Denial=20of=20Service=20vu?= =?UTF-8?q?lnerability=20in=20is=5Fempty?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: aguzererler <6199053+aguzererler@users.noreply.github.com>
---
 cli/main.py | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/cli/main.py b/cli/main.py
index f6c57782..de7dbe0d 100644
--- a/cli/main.py
+++ b/cli/main.py
@@ -826,8 +826,6 @@ def extract_content_string(content):
 """Extract string content from various message formats.
 Returns None if no meaningful text content is found.
 """
- import ast
-
 def is_empty(val):
 """Check if value is empty using Python's truthiness."""
 if val is None or val == '':
@@ -836,10 +834,11 @@ def extract_content_string(content):
 s = val.strip()
 if not s:
 return True
- try:
- return not bool(ast.literal_eval(s))
- except (ValueError, SyntaxError):
- return False # Can't parse = real text
+ # Check for common string representations of "empty" values
+ # to avoid using unsafe ast.literal_eval
+ if s.lower() in ("[]", "{}", "()", "none", "false", "0", "0.0", '""', "''"):
+ return True
+ return False
 return not bool(val)
 
 if is_empty(content):
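Review bot: The `s.lower()` comparison in the second hunk changes which strings count as empty, beyond removing the parser: `none` and `false` in any letter case are now dropped, whereas the removed `ast.literal_eval` raised `ValueError` on the lowercase forms and kept them as real text, and falsy literals outside the list such as `[ ]` or `0.00` are now kept. If only the old Python-literal behaviour is wanted, compare exactly: `if s in ("[]", "{}", "()", "None", "False", "0", "0.0", '""', "''"):`. The added comment calls `ast.literal_eval` unsafe without saying why; the subject line names denial of service, so something like `# literal_eval can exhaust memory or the C stack on large or deeply nested input; match a fixed set instead` would stop readers assuming code execution. The diffstat shows only cli/main.py, so a regression test feeding `is_empty` a deeply nested string would be worth adding; `is_empty` begins in the first hunk and `extract_content_string` continues past the end of this one.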