From 998e94a32fb657e3faa7bc33374a5270bf7a45f4 Mon Sep 17 00:00:00 2001
From: Christian Gunderman <gundermanc@google.com>
Date: Fri, 15 May 2026 13:12:23 -0700
Subject: [PATCH] fix(core): restore strict sanitization config and allow list
 precedence

---
 packages/core/src/services/environmentSanitization.test.ts | 4 ++--
 packages/core/src/services/environmentSanitization.ts      | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/packages/core/src/services/environmentSanitization.test.ts b/packages/core/src/services/environmentSanitization.test.ts
index da0d14e5dd..dcf665f88e 100644
--- a/packages/core/src/services/environmentSanitization.test.ts
+++ b/packages/core/src/services/environmentSanitization.test.ts
@@ -370,7 +370,7 @@ describe('getSecureSanitizationConfig', () => {
     );
   });
 
-  it('should not filter out variables from allowed list that match NEVER_ALLOWED_NAME_PATTERNS', () => {
+  it('should filter out variables from allowed list that match NEVER_ALLOWED_NAME_PATTERNS', () => {
     const requestedConfig = {
       allowedEnvironmentVariables: ['SAFE_VAR', 'MY_SECRET_TOKEN'],
     };
@@ -378,7 +378,7 @@ describe('getSecureSanitizationConfig', () => {
     const config = getSecureSanitizationConfig(requestedConfig);
 
     expect(config.allowedEnvironmentVariables).toContain('SAFE_VAR');
-    expect(config.allowedEnvironmentVariables).toContain('MY_SECRET_TOKEN');
+    expect(config.allowedEnvironmentVariables).not.toContain('MY_SECRET_TOKEN');
   });
 
   it('should deduplicate variables in allowed and blocked lists', () => {
diff --git a/packages/core/src/services/environmentSanitization.ts b/packages/core/src/services/environmentSanitization.ts
index 0bd8bdbfa3..1889e2b2cf 100644
--- a/packages/core/src/services/environmentSanitization.ts
+++ b/packages/core/src/services/environmentSanitization.ts
@@ -213,6 +213,12 @@ export function getSecureSanitizationConfig(
     if (NEVER_ALLOWED_ENVIRONMENT_VARIABLES.has(upperKey)) {
       return false;
     }
+    // Never allow variables that match sensitive name patterns
+    for (const pattern of NEVER_ALLOWED_NAME_PATTERNS) {
+      if (pattern.test(upperKey)) {
+        return false;
+      }
+    }
     return true;
   });