kin: auto-commit after pipeline

tests/test_deploy.py

@@ -516,6 +516,39 @@ class TestSSHBuildCmd:
         assert "cd" not in full_cmd_arg
         assert full_cmd_arg == "git pull"
 
+    def test_deploy_path_with_semicolon_injection_is_escaped(self):
+        """Path containing ';' must be quoted so it cannot inject a second shell command."""
+        project = {
+            "deploy_host": "myserver",
+            "deploy_path": "/srv/api; rm -rf /",
+        }
+        cmd = _build_ssh_cmd(project, "git pull")
+        full_cmd_arg = cmd[-1]
+        # The dangerous path must appear only as a quoted argument, not as a bare shell fragment.
+        assert "cd /srv/api; rm -rf /" not in full_cmd_arg
+        # shlex.quote wraps it in single quotes — the semicolon is inside the quotes.
+        assert shlex.quote("/srv/api; rm -rf /") in full_cmd_arg
+
+    def test_deploy_restart_cmd_is_not_shlex_quoted(self):
+        """deploy_restart_cmd must reach SSH as a plain shell command, not as a single quoted arg.
+
+        shlex.quote would turn 'docker compose restart worker' into a literal string
+        which the remote shell would refuse to execute. Admin-controlled field — no quoting.
+        """
+        project = {
+            "deploy_host": "myserver",
+            "deploy_path": "/srv/api",
+            "deploy_runtime": "docker",
+            "deploy_restart_cmd": "docker compose restart worker",
+        }
+        # Build steps manually and feed one step into _build_ssh_cmd.
+        restart_cmd = "docker compose restart worker"
+        cmd = _build_ssh_cmd(project, restart_cmd)
+        full_cmd_arg = cmd[-1]
+        # The command must appear verbatim (not as a single quoted token).
+        assert "docker compose restart worker" in full_cmd_arg
+        assert full_cmd_arg != shlex.quote("docker compose restart worker")
+
 
 # ---------------------------------------------------------------------------
 # 9. deploy_with_dependents — cascade deploy unit tests