Merge commit from fork

* Block dangerous flags in find_file function

Added a set of dangerous flags to prevent RCE and file manipulation in the find_file function.

* Fix typo in error message for dangerous flags

Author: FailButWin

src/cai/tools/reconnaissance/filesystem.py

@@ -5,6 +5,14 @@
 from cai.tools.common import run_command  # pylint: disable=E0401
 from cai.sdk.agents import function_tool
 
+# Dangerous flags that enable RCE, file writes, or file deletion
+DANGEROUS_FIND_FLAGS = {
+    "-exec", "-execdir", "-ok", "-okdir",
+    "-delete",
+    "-fprintf", "-fprint", "-fls", "-fprint0",
+    "-print0",
+}
+
 @function_tool
 def list_dir(path: str, args: str = "", ctf=None) -> str:
     """
@@ -61,5 +69,10 @@ def find_file(file_path: str, args: str = "", ctf=None) -> str:
     """
     Find a file in the filesystem.
     """
+    # Block dangerous flags that enable RCE, file writes, or deletion
+    for flag in DANGEROUS_FIND_FLAGS:
+        if flag in args:
+            return f"Error: DANGEROUS flag '{flag}' is not allowed"
+    
     command = f'find {file_path} {args}'
     return run_command(command, ctf=ctf)