From 3ebc7d7c1ae6e310c8f9ec98de62c9c924af56c5 Mon Sep 17 00:00:00 2001
From: Arnav Raj <121608861+deadsmash07@users.noreply.github.com>
Date: Fri, 27 Feb 2026 05:27:19 +0530
Subject: [PATCH] fix(core): whitelist TERM and COLORTERM in environment sanitization

Terminal editors (vim, emacs) and interactive commands (top) fail when these variables are redacted. They are safe to pass through as they only describe terminal capabilities.
Fixes #20444
---
 .../services/environmentSanitization.test.ts | 22 +++++++++++++++++++
 .../src/services/environmentSanitization.ts | 4 ++++
 2 files changed, 26 insertions(+)
diff --git a/packages/core/src/services/environmentSanitization.test.ts b/packages/core/src/services/environmentSanitization.test.ts
index cc26d7547d..6d035ac0d3 100644
--- a/packages/core/src/services/environmentSanitization.test.ts
+++ b/packages/core/src/services/environmentSanitization.test.ts
@@ -32,6 +32,28 @@ describe('sanitizeEnvironment', () => {
 expect(sanitized).toEqual(env);
 });

+ it('should allow TERM and COLORTERM environment variables', () => {
+ const env = {
+ TERM: 'xterm-256color',
+ COLORTERM: 'truecolor',
+ };
+ const sanitized = sanitizeEnvironment(env, EMPTY_OPTIONS);
+ expect(sanitized).toEqual(env);
+ });
+
+ it('should preserve TERM and COLORTERM even in strict sanitization mode', () => {
+ const env = {
+ GITHUB_SHA: 'abc123',
+ TERM: 'xterm-256color',
+ COLORTERM: 'truecolor',
+ SOME_OTHER_VAR: 'value',
+ };
+ const sanitized = sanitizeEnvironment(env, EMPTY_OPTIONS);
+ expect(sanitized['TERM']).toBe('xterm-256color');
+ expect(sanitized['COLORTERM']).toBe('truecolor');
+ expect(sanitized['SOME_OTHER_VAR']).toBeUndefined();
+ });
+
 it('should allow variables prefixed with GEMINI_CLI_', () => {
 const env = {
 GEMINI_CLI_FOO: 'bar',
diff --git a/packages/core/src/services/environmentSanitization.ts b/packages/core/src/services/environmentSanitization.ts
index dc9c92484d..dba3662513 100644
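Review bot: The second added test is titled "even in strict sanitization mode" but passes the same `EMPTY_OPTIONS` as the test above it, so nothing in the hunk shows what makes this call strict. If the `GITHUB_SHA` entry is what switches the mode (not visible here), put a comment on that line, for example `// GITHUB_SHA present => strict sanitization path`. The test also never asserts what happens to `GITHUB_SHA` itself, so adding an expectation for it would pin the strict-mode behaviour the title promises.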
--- a/packages/core/src/services/environmentSanitization.ts
+++ b/packages/core/src/services/environmentSanitization.ts
@@ -71,6 +71,10 @@ export const ALWAYS_ALLOWED_ENVIRONMENT_VARIABLES: ReadonlySet =
 'TMPDIR',
 'USER',
 'LOGNAME',
+ // Terminal capability variables (needed by editors like vim/emacs and
+ // interactive commands like top)
+ 'TERM',
+ 'COLORTERM',
 // GitHub Action-related variables
 'ADDITIONAL_CONTEXT',
 'AVAILABLE_LABELS',
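Review bot: The comment added above `'TERM'` and `'COLORTERM'` records why the variables are needed but not why they are safe to exempt, which is what a reader of a security allow-list needs to know; going by the new test's title, the exemption also holds in strict mode. I would reword it to `// Terminal capability names only, never credentials; passed through so editors and interactive commands work.` and add a line saying that `TERMINFO`, `TERMINFO_DIRS` and `TERMCAP` are intentionally not listed, since they carry paths or definitions rather than a capability name. Entries in this set appear to be matched by name, and whether the value is still checked elsewhere is not visible in this hunk, so please confirm that an unvalidated `TERM` string reaching child processes is acceptable. The set literal starts and ends outside the hunk.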