Merge branch 'dev' into feat/text-encode-block

## Summary

Fixes a reflected cross-site scripting (XSS) vulnerability in the OAuth
callback route.

**Security Issue:**
https://github.com/Significant-Gravitas/AutoGPT/security/code-scanning/202

### Vulnerability

The OAuth callback route at
`frontend/src/app/(platform)/auth/integrations/oauth_callback/route.ts`
was writing user-controlled data directly into an HTML response without
proper sanitization. This allowed potential attackers to inject
malicious scripts via OAuth callback parameters.

### Fix

Added a `safeJsonStringify()` function that escapes characters that
could break out of the script context:
- `<` → `\u003c`
- `>` → `\u003e`  
- `&` → `\u0026`

This prevents any user-provided values from being interpreted as
HTML/script content when embedded in the response.

### References

- [OWASP XSS Prevention Cheat
Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html)
- [CWE-79: Improper Neutralization of Input During Web Page
Generation](https://cwe.mitre.org/data/definitions/79.html)

## Checklist 📋

#### For code changes:
- [x] I have clearly listed my changes in the PR description
- [x] I have made a test plan
- [x] I have tested my changes according to the test plan:
  - [x] Verified the OAuth callback still functions correctly
- [x] Confirmed special characters in OAuth responses are properly
escaped

autogpt_platform/backend/backend/api/features/chat/tools/customize_agent.py

@@ -3,8 +3,6 @@
 import logging
 from typing import Any
 
-from pydantic import BaseModel, field_validator
-
 from backend.api.features.chat.model import ChatSession
 from backend.api.features.store import db as store_db
 from backend.api.features.store.exceptions import AgentNotFoundError
@@ -29,23 +27,6 @@ from .models import (
 logger = logging.getLogger(__name__)
 
 
-class CustomizeAgentInput(BaseModel):
-    """Input parameters for the customize_agent tool."""
-
-    agent_id: str = ""
-    modifications: str = ""
-    context: str = ""
-    save: bool = True
-
-    @field_validator("agent_id", "modifications", "context", mode="before")
-    @classmethod
-    def strip_strings(cls, v: Any) -> str:
-        """Strip whitespace from string fields."""
-        if isinstance(v, str):
-            return v.strip()
-        return v if v is not None else ""
-
-
 class CustomizeAgentTool(BaseTool):
     """Tool for customizing marketplace/template agents using natural language."""
 
@@ -111,7 +92,7 @@ class CustomizeAgentTool(BaseTool):
         self,
         user_id: str | None,
         session: ChatSession,
-        **kwargs: Any,
+        **kwargs,
     ) -> ToolResponseBase:
         """Execute the customize_agent tool.
 
@@ -121,17 +102,20 @@ class CustomizeAgentTool(BaseTool):
         3. Call customize_template with the modification request
         4. Preview or save based on the save parameter
         """
-        params = CustomizeAgentInput(**kwargs)
+        agent_id = kwargs.get("agent_id", "").strip()
+        modifications = kwargs.get("modifications", "").strip()
+        context = kwargs.get("context", "")
+        save = kwargs.get("save", True)
         session_id = session.session_id if session else None
 
-        if not params.agent_id:
+        if not agent_id:
             return ErrorResponse(
                 message="Please provide the marketplace agent ID (e.g., 'creator/agent-name').",
                 error="missing_agent_id",
                 session_id=session_id,
             )
 
-        if not params.modifications:
+        if not modifications:
             return ErrorResponse(
                 message="Please describe how you want to customize this agent.",
                 error="missing_modifications",
@@ -139,11 +123,11 @@ class CustomizeAgentTool(BaseTool):
             )
 
         # Parse agent_id in format "creator/slug"
-        parts = params.agent_id.split("/")
+        parts = [p.strip() for p in agent_id.split("/")]
         if len(parts) != 2 or not parts[0] or not parts[1]:
             return ErrorResponse(
                 message=(
-                    f"Invalid agent ID format: '{params.agent_id}'. "
+                    f"Invalid agent ID format: '{agent_id}'. "
                     "Expected format is 'creator/agent-name' "
                     "(e.g., 'autogpt/newsletter-writer')."
                 ),
@@ -161,14 +145,14 @@ class CustomizeAgentTool(BaseTool):
         except AgentNotFoundError:
             return ErrorResponse(
                 message=(
-                    f"Could not find marketplace agent '{params.agent_id}'. "
+                    f"Could not find marketplace agent '{agent_id}'. "
                     "Please check the agent ID and try again."
                 ),
                 error="agent_not_found",
                 session_id=session_id,
             )
         except Exception as e:
-            logger.error(f"Error fetching marketplace agent {params.agent_id}: {e}")
+            logger.error(f"Error fetching marketplace agent {agent_id}: {e}")
             return ErrorResponse(
                 message="Failed to fetch the marketplace agent. Please try again.",
                 error="fetch_error",
@@ -178,7 +162,7 @@ class CustomizeAgentTool(BaseTool):
         if not agent_details.store_listing_version_id:
             return ErrorResponse(
                 message=(
-                    f"The agent '{params.agent_id}' does not have an available version. "
+                    f"The agent '{agent_id}' does not have an available version. "
                     "Please try a different agent."
                 ),
                 error="no_version_available",
@@ -190,7 +174,7 @@ class CustomizeAgentTool(BaseTool):
             graph = await store_db.get_agent(agent_details.store_listing_version_id)
             template_agent = graph_to_json(graph)
         except Exception as e:
-            logger.error(f"Error fetching agent graph for {params.agent_id}: {e}")
+            logger.error(f"Error fetching agent graph for {agent_id}: {e}")
             return ErrorResponse(
                 message="Failed to fetch the agent configuration. Please try again.",
                 error="graph_fetch_error",
@@ -201,8 +185,8 @@ class CustomizeAgentTool(BaseTool):
         try:
             result = await customize_template(
                 template_agent=template_agent,
-                modification_request=params.modifications,
-                context=params.context,
+                modification_request=modifications,
+                context=context,
             )
         except AgentGeneratorNotConfiguredError:
             return ErrorResponse(
@@ -214,7 +198,7 @@ class CustomizeAgentTool(BaseTool):
                 session_id=session_id,
             )
         except Exception as e:
-            logger.error(f"Error calling customize_template for {params.agent_id}: {e}")
+            logger.error(f"Error calling customize_template for {agent_id}: {e}")
             return ErrorResponse(
                 message=(
                     "Failed to customize the agent due to a service error. "
@@ -235,25 +219,55 @@ class CustomizeAgentTool(BaseTool):
                 session_id=session_id,
             )
 
-        # Handle response using match/case for cleaner pattern matching
-        return await self._handle_customization_result(
-            result=result,
-            params=params,
-            agent_details=agent_details,
-            user_id=user_id,
-            session_id=session_id,
-        )
+        # Handle error response
+        if isinstance(result, dict) and result.get("type") == "error":
+            error_msg = result.get("error", "Unknown error")
+            error_type = result.get("error_type", "unknown")
+            user_message = get_user_message_for_error(
+                error_type,
+                operation="customize the agent",
+                llm_parse_message=(
+                    "The AI had trouble customizing the agent. "
+                    "Please try again or simplify your request."
+                ),
+                validation_message=(
+                    "The customized agent failed validation. "
+                    "Please try rephrasing your request."
+                ),
+                error_details=error_msg,
+            )
+            return ErrorResponse(
+                message=user_message,
+                error=f"customization_failed:{error_type}",
+                session_id=session_id,
+            )
 
-    async def _handle_customization_result(
-        self,
-        result: dict[str, Any],
-        params: CustomizeAgentInput,
-        agent_details: Any,
-        user_id: str | None,
-        session_id: str | None,
-    ) -> ToolResponseBase:
-        """Handle the result from customize_template using pattern matching."""
-        # Ensure result is a dict
+        # Handle clarifying questions
+        if isinstance(result, dict) and result.get("type") == "clarifying_questions":
+            questions = result.get("questions") or []
+            if not isinstance(questions, list):
+                logger.error(
+                    f"Unexpected clarifying questions format: {type(questions)}"
+                )
+                questions = []
+            return ClarificationNeededResponse(
+                message=(
+                    "I need some more information to customize this agent. "
+                    "Please answer the following questions:"
+                ),
+                questions=[
+                    ClarifyingQuestion(
+                        question=q.get("question", ""),
+                        keyword=q.get("keyword", ""),
+                        example=q.get("example"),
+                    )
+                    for q in questions
+                    if isinstance(q, dict)
+                ],
+                session_id=session_id,
+            )
+
+        # Result should be the customized agent JSON
         if not isinstance(result, dict):
             logger.error(f"Unexpected customize_template response type: {type(result)}")
             return ErrorResponse(
@@ -262,77 +276,8 @@ class CustomizeAgentTool(BaseTool):
                 session_id=session_id,
             )
 
-        result_type = result.get("type")
+        customized_agent = result
 
-        match result_type:
-            case "error":
-                error_msg = result.get("error", "Unknown error")
-                error_type = result.get("error_type", "unknown")
-                user_message = get_user_message_for_error(
-                    error_type,
-                    operation="customize the agent",
-                    llm_parse_message=(
-                        "The AI had trouble customizing the agent. "
-                        "Please try again or simplify your request."
-                    ),
-                    validation_message=(
-                        "The customized agent failed validation. "
-                        "Please try rephrasing your request."
-                    ),
-                    error_details=error_msg,
-                )
-                return ErrorResponse(
-                    message=user_message,
-                    error=f"customization_failed:{error_type}",
-                    session_id=session_id,
-                )
-
-            case "clarifying_questions":
-                questions_data = result.get("questions") or []
-                if not isinstance(questions_data, list):
-                    logger.error(
-                        f"Unexpected clarifying questions format: {type(questions_data)}"
-                    )
-                    questions_data = []
-
-                questions = [
-                    ClarifyingQuestion(
-                        question=q.get("question", "") if isinstance(q, dict) else "",
-                        keyword=q.get("keyword", "") if isinstance(q, dict) else "",
-                        example=q.get("example") if isinstance(q, dict) else None,
-                    )
-                    for q in questions_data
-                    if isinstance(q, dict)
-                ]
-
-                return ClarificationNeededResponse(
-                    message=(
-                        "I need some more information to customize this agent. "
-                        "Please answer the following questions:"
-                    ),
-                    questions=questions,
-                    session_id=session_id,
-                )
-
-            case _:
-                # Default case: result is the customized agent JSON
-                return await self._save_or_preview_agent(
-                    customized_agent=result,
-                    params=params,
-                    agent_details=agent_details,
-                    user_id=user_id,
-                    session_id=session_id,
-                )
-
-    async def _save_or_preview_agent(
-        self,
-        customized_agent: dict[str, Any],
-        params: CustomizeAgentInput,
-        agent_details: Any,
-        user_id: str | None,
-        session_id: str | None,
-    ) -> ToolResponseBase:
-        """Save or preview the customized agent based on params.save."""
         agent_name = customized_agent.get(
             "name", f"Customized {agent_details.agent_name}"
         )
@@ -342,7 +287,7 @@ class CustomizeAgentTool(BaseTool):
         node_count = len(nodes) if isinstance(nodes, list) else 0
         link_count = len(links) if isinstance(links, list) else 0
 
-        if not params.save:
+        if not save:
             return AgentPreviewResponse(
                 message=(
                     f"I've customized the agent '{agent_details.agent_name}'. "

autogpt_platform/backend/backend/blocks/encoder_block.py

@@ -0,0 +1,77 @@
+"""Text encoding block for converting special characters to escape sequences."""
+
+import codecs
+
+from backend.data.block import (
+    Block,
+    BlockCategory,
+    BlockOutput,
+    BlockSchemaInput,
+    BlockSchemaOutput,
+)
+from backend.data.model import SchemaField
+
+
+class TextEncoderBlock(Block):
+    """
+    Encodes a string by converting special characters into escape sequences.
+
+    This block is the inverse of TextDecoderBlock. It takes text containing
+    special characters (like newlines, tabs, etc.) and converts them into
+    their escape sequence representations (e.g., newline becomes \\n).
+    """
+
+    class Input(BlockSchemaInput):
+        """Input schema for TextEncoderBlock."""
+
+        text: str = SchemaField(
+            description="A string containing special characters to be encoded",
+            placeholder="Your text with newlines and quotes to encode",
+        )
+
+    class Output(BlockSchemaOutput):
+        """Output schema for TextEncoderBlock."""
+
+        encoded_text: str = SchemaField(
+            description="The encoded text with special characters converted to escape sequences"
+        )
+        error: str = SchemaField(description="Error message if encoding fails")
+
+    def __init__(self):
+        super().__init__(
+            id="5185f32e-4b65-4ecf-8fbb-873f003f09d6",
+            description="Encodes a string by converting special characters into escape sequences",
+            categories={BlockCategory.TEXT},
+            input_schema=TextEncoderBlock.Input,
+            output_schema=TextEncoderBlock.Output,
+            test_input={
+                "text": """Hello
+World!
+This is a "quoted" string."""
+            },
+            test_output=[
+                (
+                    "encoded_text",
+                    """Hello\\nWorld!\\nThis is a "quoted" string.""",
+                )
+            ],
+        )
+
+    async def run(self, input_data: Input, **kwargs) -> BlockOutput:
+        """
+        Encode the input text by converting special characters to escape sequences.
+
+        Args:
+            input_data: The input containing the text to encode.
+            **kwargs: Additional keyword arguments (unused).
+
+        Yields:
+            The encoded text with escape sequences, or an error message if encoding fails.
+        """
+        try:
+            encoded_text = codecs.encode(input_data.text, "unicode_escape").decode(
+                "utf-8"
+            )
+            yield "encoded_text", encoded_text
+        except Exception as e:
+            yield "error", f"Encoding error: {str(e)}"

autogpt_platform/backend/backend/blocks/test/test_text_encoder.py

@@ -0,0 +1,77 @@
+import pytest
+
+from backend.blocks.encoder_block import TextEncoderBlock
+
+
+@pytest.mark.asyncio
+async def test_text_encoder_basic():
+    """Test basic encoding of newlines and special characters."""
+    block = TextEncoderBlock()
+    result = []
+    async for output in block.run(TextEncoderBlock.Input(text="Hello\nWorld")):
+        result.append(output)
+
+    assert len(result) == 1
+    assert result[0][0] == "encoded_text"
+    assert result[0][1] == "Hello\\nWorld"
+
+
+@pytest.mark.asyncio
+async def test_text_encoder_multiple_escapes():
+    """Test encoding of multiple escape sequences."""
+    block = TextEncoderBlock()
+    result = []
+    async for output in block.run(
+        TextEncoderBlock.Input(text="Line1\nLine2\tTabbed\rCarriage")
+    ):
+        result.append(output)
+
+    assert len(result) == 1
+    assert result[0][0] == "encoded_text"
+    assert "\\n" in result[0][1]
+    assert "\\t" in result[0][1]
+    assert "\\r" in result[0][1]
+
+
+@pytest.mark.asyncio
+async def test_text_encoder_unicode():
+    """Test that unicode characters are handled correctly."""
+    block = TextEncoderBlock()
+    result = []
+    async for output in block.run(TextEncoderBlock.Input(text="Hello 世界\n")):
+        result.append(output)
+
+    assert len(result) == 1
+    assert result[0][0] == "encoded_text"
+    # Unicode characters should be escaped as \uXXXX sequences
+    assert "\\n" in result[0][1]
+
+
+@pytest.mark.asyncio
+async def test_text_encoder_empty_string():
+    """Test encoding of an empty string."""
+    block = TextEncoderBlock()
+    result = []
+    async for output in block.run(TextEncoderBlock.Input(text="")):
+        result.append(output)
+
+    assert len(result) == 1
+    assert result[0][0] == "encoded_text"
+    assert result[0][1] == ""
+
+
+@pytest.mark.asyncio
+async def test_text_encoder_error_handling():
+    """Test that encoding errors are handled gracefully."""
+    from unittest.mock import patch
+
+    block = TextEncoderBlock()
+    result = []
+
+    with patch("codecs.encode", side_effect=Exception("Mocked encoding error")):
+        async for output in block.run(TextEncoderBlock.Input(text="test")):
+            result.append(output)
+
+    assert len(result) == 1
+    assert result[0][0] == "error"
+    assert "Mocked encoding error" in result[0][1]

autogpt_platform/frontend/src/app/(platform)/auth/integrations/oauth_callback/route.ts

@@ -1,6 +1,17 @@
 import { OAuthPopupResultMessage } from "./types";
 import { NextResponse } from "next/server";
 
+/**
+ * Safely encode a value as JSON for embedding in a script tag.
+ * Escapes characters that could break out of the script context to prevent XSS.
+ */
+function safeJsonStringify(value: unknown): string {
+  return JSON.stringify(value)
+    .replace(/</g, "\\u003c")
+    .replace(/>/g, "\\u003e")
+    .replace(/&/g, "\\u0026");
+}
+
 // This route is intended to be used as the callback for integration OAuth flows,
 // controlled by the CredentialsInput component. The CredentialsInput opens the login
 // page in a pop-up window, which then redirects to this route to close the loop.
@@ -23,12 +34,13 @@ export async function GET(request: Request) {
   console.debug("Sending message to opener:", message);
 
   // Return a response with the message as JSON and a script to close the window
+  // Use safeJsonStringify to prevent XSS by escaping <, >, and & characters
   return new NextResponse(
     `
     <html>
       <body>
         <script>
-          window.opener.postMessage(${JSON.stringify(message)});
+          window.opener.postMessage(${safeJsonStringify(message)});
           window.close();
         </script>
       </body>

docs/integrations/README.md

@@ -193,6 +193,7 @@ Below is a comprehensive list of all available blocks, categorized by their prim
 | [Get Current Time](block-integrations/text.md#get-current-time) | This block outputs the current time |
 | [Match Text Pattern](block-integrations/text.md#match-text-pattern) | Matches text against a regex pattern and forwards data to positive or negative output based on the match |
 | [Text Decoder](block-integrations/text.md#text-decoder) | Decodes a string containing escape sequences into actual text |
+| [Text Encoder](block-integrations/text.md#text-encoder) | Encodes a string by converting special characters into escape sequences |
 | [Text Replace](block-integrations/text.md#text-replace) | This block is used to replace a text with a new text |
 | [Text Split](block-integrations/text.md#text-split) | This block is used to split a text into a list of strings |
 | [Word Character Count](block-integrations/text.md#word-character-count) | Counts the number of words and characters in a given text |

docs/integrations/block-integrations/text.md

@@ -380,6 +380,42 @@ This is useful when working with data from APIs or files where escape sequences
 
 ---
 
+## Text Encoder
+
+### What it is
+Encodes a string by converting special characters into escape sequences
+
+### How it works
+<!-- MANUAL: how_it_works -->
+The Text Encoder takes the input string and applies Python's `unicode_escape` encoding (equivalent to `codecs.encode(text, "unicode_escape").decode("utf-8")`) to transform special characters like newlines, tabs, and backslashes into their escaped forms.
+
+The block relies on the input schema to ensure the value is a string; non-string inputs are rejected by validation, and any encoding failures surface as block errors. Non-ASCII characters are emitted as `\uXXXX` sequences, which is useful for ASCII-only payloads.
+<!-- END MANUAL -->
+
+### Inputs
+
+| Input | Description | Type | Required |
+|-------|-------------|------|----------|
+| text | A string containing special characters to be encoded | str | Yes |
+
+### Outputs
+
+| Output | Description | Type |
+|--------|-------------|------|
+| error | Error message if encoding fails | str |
+| encoded_text | The encoded text with special characters converted to escape sequences | str |
+
+### Possible use case
+<!-- MANUAL: use_case -->
+**JSON Payload Preparation**: Encode multiline or quoted text before embedding it in JSON string fields to ensure proper escaping.
+
+**Config/ENV Generation**: Convert template text into escaped strings for `.env` or YAML values that require special character handling.
+
+**Snapshot Fixtures**: Produce stable escaped strings for golden files or API tests where consistent text representation is needed.
+<!-- END MANUAL -->
+
+---
+
 ## Text Replace
 
 ### What it is