fix: harden Altimate Memory against path traversal, add adversarial tests

Security fixes:
- Replace permissive ID regex with segment-based validation that rejects
  '..', '.', '//', and all path traversal patterns (a/../b, a/./b, etc.)
- Use unique temp file names (timestamp + random suffix) to prevent race
  condition crashes during concurrent writes to the same block ID

The old regex /^[a-z0-9][a-z0-9_/.-]*[a-z0-9]$/ allowed dangerous IDs
like "a/../b" or "a/./b" that could escape the memory directory via
path.join(). The new regex validates each path segment individually.

Adds 71 adversarial tests covering:
- Path traversal attacks (10 tests)
- Frontmatter injection and parsing edge cases (9 tests)
- Unicode and special character handling (6 tests)
- TTL/expiration boundary conditions (6 tests)
- Deduplication edge cases (7 tests)
- Concurrent operations and race conditions (4 tests)
- ID validation gaps (11 tests)
- Malformed files on disk (7 tests)
- Serialization round-trip edge cases (5 tests)
- Schema validation with adversarial inputs (6 tests)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: anandgupta42

packages/opencode/src/memory/store.ts

@@ -198,7 +198,7 @@ export namespace MemoryStore {
     const dir = path.dirname(filepath)
     await fs.mkdir(dir, { recursive: true })
 
-    const tmpPath = filepath + ".tmp"
+    const tmpPath = filepath + `.tmp.${Date.now()}.${Math.random().toString(36).slice(2, 8)}`
     const serialized = serializeBlock(block)
 
     await fs.writeFile(tmpPath, serialized, "utf-8")

packages/opencode/src/memory/tools/memory-extract.ts

@@ -1,6 +1,9 @@
 import z from "zod"
 import { Tool } from "../../tool/tool"
 import { MemoryStore } from "../store"
+import { MemoryBlockSchema } from "../types"
+
+const idSchema = MemoryBlockSchema.shape.id
 
 export const MemoryExtractTool = Tool.define("altimate_memory_extract", {
   description:
@@ -9,11 +12,7 @@ export const MemoryExtractTool = Tool.define("altimate_memory_extract", {
     facts: z
       .array(
         z.object({
-          id: z
-            .string()
-            .min(1)
-            .max(256)
-            .regex(/^[a-z0-9][a-z0-9_/.-]*[a-z0-9]$|^[a-z0-9]$/),
+          id: idSchema,
           scope: z.enum(["global", "project"]),
           content: z.string().min(1).max(2048),
           tags: z.array(z.string().max(64)).max(10).optional().default([]),

packages/opencode/src/memory/tools/memory-write.ts

@@ -1,16 +1,14 @@
 import z from "zod"
 import { Tool } from "../../tool/tool"
 import { MemoryStore } from "../store"
-import { MEMORY_MAX_BLOCK_SIZE, MEMORY_MAX_BLOCKS_PER_SCOPE, CitationSchema } from "../types"
+import { MEMORY_MAX_BLOCK_SIZE, MEMORY_MAX_BLOCKS_PER_SCOPE, CitationSchema, MemoryBlockSchema } from "../types"
+
+const idSchema = MemoryBlockSchema.shape.id
 
 export const MemoryWriteTool = Tool.define("altimate_memory_write", {
   description: `Save an Altimate Memory block for cross-session persistence. Use this to store information worth remembering across sessions — warehouse configurations, naming conventions, team preferences, data model notes, or past analysis decisions. Each block is a Markdown file persisted to disk. Max ${MEMORY_MAX_BLOCK_SIZE} chars per block, ${MEMORY_MAX_BLOCKS_PER_SCOPE} blocks per scope. Supports hierarchical IDs with slashes (e.g., 'warehouse/snowflake-config'), optional TTL expiration, and citation-backed memories.`,
   parameters: z.object({
-    id: z
-      .string()
-      .min(1)
-      .max(256)
-      .regex(/^[a-z0-9][a-z0-9_/.-]*[a-z0-9]$|^[a-z0-9]$/)
+    id: idSchema
       .describe(
         "Unique identifier for this memory block (lowercase, hyphens/underscores/slashes for namespaces). Examples: 'warehouse-config', 'warehouse/snowflake', 'conventions/dbt-naming'",
       ),

packages/opencode/src/memory/types.ts

@@ -8,9 +8,17 @@ export const CitationSchema = z.object({
 
 export type Citation = z.infer<typeof CitationSchema>
 
+// Each path segment must start and end with alphanumeric.
+// Segments are separated by '/'. No '..' or '.' as standalone segments (prevents path traversal).
+// No double slashes, no leading/trailing slashes.
+const MEMORY_ID_SEGMENT = /[a-z0-9](?:[a-z0-9_-]*[a-z0-9])?/
+const MEMORY_ID_REGEX = new RegExp(
+  `^${MEMORY_ID_SEGMENT.source}(?:\\.${MEMORY_ID_SEGMENT.source})*(?:/${MEMORY_ID_SEGMENT.source}(?:\\.${MEMORY_ID_SEGMENT.source})*)*$`,
+)
+
 export const MemoryBlockSchema = z.object({
-  id: z.string().min(1).max(256).regex(/^[a-z0-9][a-z0-9_/.-]*[a-z0-9]$|^[a-z0-9]$/, {
-    message: "ID must be lowercase alphanumeric with hyphens/underscores/slashes/dots, starting and ending with alphanumeric",
+  id: z.string().min(1).max(256).regex(MEMORY_ID_REGEX, {
+    message: "ID must be lowercase alphanumeric segments separated by '/' or '.', each starting/ending with alphanumeric. No '..' or empty segments allowed.",
   }),
   scope: z.enum(["global", "project"]),
   tags: z.array(z.string().max(64)).max(10).default([]),