From ca73bc24c69008df551f4891d562ed3f8e276730 Mon Sep 17 00:00:00 2001
From: Agent <agent@example.com>
Date: Fri, 3 Apr 2026 08:27:52 +0000
Subject: [PATCH] fix: escape dollar signs in docker-compose override to
 prevent secret exposure (#182)

---
 bin/disinto | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/bin/disinto b/bin/disinto
index 74e37f5..b937b73 100755
--- a/bin/disinto
+++ b/bin/disinto
@@ -2896,18 +2896,17 @@ EOF
       echo "  Model endpoint is reachable"
     fi
 
-    # Generate service name from agent name (lowercase, replace - with -)
+    # Generate service name from agent name (lowercase)
     local service_name="agents-${agent_name}"
     service_name=$(echo "$service_name" | tr '[:upper:]' '[:lower:]')
 
     # Set default poll interval
     local interval="${poll_interval:-300}"
 
-    # Generate token for the agent (use same token as FORGE_TOKEN for simplicity)
-    local agent_token="${FORGE_TOKEN}"
-
     # Generate the override compose file
-    cat > "$override_file" <<OVERRIDEOF
+    # Note: $${VAR} syntax is used so docker-compose interpolates at runtime,
+    # not at generation time (AD-005: secrets via env var indirection)
+    cat > "$override_file" <<'OVERRIDEOF'
 # docker-compose.override.yml — auto-generated by disinto hire-an-agent
 # Local model agent configuration for ${agent_name}
 
@@ -2921,11 +2920,11 @@ services:
     volumes:
       - agent-data-llama:/home/agent/data
       - project-repos-llama:/home/agent/repos
-      - ${HOME}/.claude:/home/agent/.claude
-      - ${HOME}/.claude.json:/home/agent/.claude.json:ro
+      - $${HOME}/.claude:/home/agent/.claude
+      - $${HOME}/.claude.json:/home/agent/.claude.json:ro
       - CLAUDE_BIN_PLACEHOLDER:/usr/local/bin/claude:ro
-      - ${HOME}/.ssh:/home/agent/.ssh:ro
-      - ${HOME}/.config/sops/age:/home/agent/.config/sops/age:ro
+      - $${HOME}/.ssh:/home/agent/.ssh:ro
+      - $${HOME}/.config/sops/age:/home/agent/.config/sops/age:ro
     environment:
       FORGE_URL: http://forgejo:3000
       WOODPECKER_SERVER: http://woodpecker:8000
@@ -2934,7 +2933,7 @@ services:
       WOODPECKER_DATA_DIR: /woodpecker-data
       ANTHROPIC_BASE_URL: ${local_model}
       ANTHROPIC_API_KEY: sk-no-key-required
-      FORGE_TOKEN_OVERRIDE: ${agent_token}
+      FORGE_TOKEN_OVERRIDE: $${FORGE_TOKEN}
       CLAUDE_CONFIG_DIR: /home/agent/.claude
       POLL_INTERVAL: ${interval}
     env_file: