fix(prompts): use function replacer in applySubstitutions to prevent $-pattern corruption

[bisma-nawaz]

Summary

applySubstitutions in packages/core/src/prompts/utils.ts passes a plain string as the second argument to String.prototype.replace. JavaScript interprets $-prefixed patterns in string replacements ($$, $&, $`, $', $n), so any skill, sub-agent, or tool description that legitimately contains shell notation like $'…', $$, or $VAR silently corrupts the assembled system prompt — duplicating content, collapsing $$ to $, or re-inserting the placeholder text.

Details

The fix replaces all four string-form replacements with arrow-function replacers, which bypass $-pattern substitution entirely. This is the same pattern already used in HookRunner.expandCommand (packages/core/src/hooks/hookRunner.ts):

// before
result = result.replace(/\${AgentSkills}/g, skillsPrompt);
// after
result = result.replace(/\${AgentSkills}/g, () => skillsPrompt);

The same change is applied to the ${SubAgents}, ${AvailableTools}, and per-tool ${toolName_ToolName} replacements.

Related Issues

Fixes #27993

How to Validate

Run the targeted test file:

cd packages/core && npx vitest run src/prompts/utils.test.ts

The three new tests ($', $$, $& cases) would have failed before this change. All 33 tests pass after it.

Reproduce the original corruption manually (Node ≥18):

const prompt = "Header.\n${AgentSkills}\nTAIL: behave safely.";
const skills = "Run: echo $'a\\nb' to print two lines";
console.log(prompt.replace(/\${AgentSkills}/g, skills));        // BUGGY — duplicates TAIL
console.log(prompt.replace(/\${AgentSkills}/g, () => skills));  // FIXED — literal insert

Pre-Merge Checklist

• Updated relevant documentation and README (if needed) — no docs change required
• Added/updated tests (if needed) — three regression tests added in utils.test.ts
• Noted breaking changes (if any) — none; pure correctness fix
• Validated on required platforms/methods:
  • MacOS — npm run / unit tests pass locally

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses a bug in the prompt substitution utility where dynamic content containing special characters was being incorrectly processed by JavaScript's regex replacement engine. By switching to functional replacers, the system now ensures that injected content is treated as a literal string, preserving the integrity of system prompts regardless of their internal character patterns.

Highlights

• String Replacement Logic: Updated applySubstitutions to use arrow-function replacers instead of plain strings in String.prototype.replace calls.
• Bug Prevention: Prevented unintended corruption of system prompts caused by $-prefixed patterns (e.g., $$, $&, $') in dynamic content.
• Regression Testing: Added three new test cases to utils.test.ts to ensure content containing special shell-like characters is inserted literally.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

📊 PR Size: size/S

• Lines changed: 40
• Additions: +36
• Deletions: -4
• Files changed: 2

[github-actions]

🛑 Action Required: Evaluation Approval

Steering changes have been detected in this PR. To prevent regressions, a maintainer must approve the evaluation run before this PR can be merged.

Maintainers:

1. Go to the Workflow Run Summary.
2. Click the yellow 'Review deployments' button.
3. Select the 'eval-gate' environment and click 'Approve'.

Once approved, the evaluation results will be posted here automatically.

[gemini-code-assist]

Code Review

This pull request updates the applySubstitutions function in packages/core/src/prompts/utils.ts to use replacer functions instead of direct string replacements when calling String.prototype.replace. This prevents special replacement patterns (such as $&, $', and $$) in the substitution values from being interpreted incorrectly. Corresponding unit tests have been added to packages/core/src/prompts/utils.test.ts to verify literal insertion of these special characters. There are no review comments, so I have no feedback to provide.