From 94bc62ad46b6b484f6bebe38df94814400ab73e3 Mon Sep 17 00:00:00 2001
From: 0xRain <tianrun.yang@hotmail.com>
Date: Thu, 12 Feb 2026 21:45:22 +0800
Subject: [PATCH] fix(media): strip MEDIA: lines with local paths instead of
 leaking as text (#14399)

When internal tools (e.g. TTS) emit MEDIA:/tmp/... with absolute paths,
isValidMedia() correctly rejects them for security. However, the rejected
MEDIA: line was kept as visible text in the output, leaking the path to
the user.

Now strip MEDIA: lines that look like local paths even when the path
is invalid, so they never appear as user-visible text.

Closes #14365

Co-authored-by: Echo Ito <echoito@MacBook-Air.local>
---
 src/media/parse.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/media/parse.ts b/src/media/parse.ts
index 693940a0aef..b1125097530 100644
--- a/src/media/parse.ts
+++ b/src/media/parse.ts
@@ -191,6 +191,10 @@ export function splitMediaFromOutput(raw: string): {
         if (invalidParts.length > 0) {
           pieces.push(invalidParts.join(" "));
         }
+      } else if (looksLikeLocalPath) {
+        // Strip MEDIA: lines with local paths even when invalid (e.g. absolute paths
+        // from internal tools like TTS). They should never leak as visible text.
+        foundMediaToken = true;
       } else {
         // If no valid media was found in this match, keep the original token text.
         pieces.push(match[0]);