Validate issue_number is a finite positive integer in resolveContext

Author: MackinnonBuck

scripts/corrections/collect-corrections.js

@@ -82,7 +82,12 @@ function resolveContext(payload, sender) {
     throw new Error("Missing feedback in payload");
   }
 
-  return { issueNumber: Number(issueNumber), feedback, sender };
+  const parsed = Number(issueNumber);
+  if (!Number.isFinite(parsed) || parsed < 1 || !Number.isInteger(parsed)) {
+    throw new Error(`Invalid issue_number: ${issueNumber}`);
+  }
+
+  return { issueNumber: parsed, feedback, sender };
 }
 
 /**

scripts/corrections/test/collect-corrections.test.ts

@@ -134,6 +134,24 @@ describe("resolveContext", () => {
       resolveContext({ issue_number: "1" }, "u"),
     ).toThrow("Missing feedback");
   });
+
+  it("throws on non-numeric issue number", () => {
+    expect(() =>
+      resolveContext({ issue_number: "abc", feedback: "test" }, "u"),
+    ).toThrow("Invalid issue_number: abc");
+  });
+
+  it("throws on negative issue number", () => {
+    expect(() =>
+      resolveContext({ issue_number: "-1", feedback: "test" }, "u"),
+    ).toThrow("Invalid issue_number: -1");
+  });
+
+  it("throws on decimal issue number", () => {
+    expect(() =>
+      resolveContext({ issue_number: "1.5", feedback: "test" }, "u"),
+    ).toThrow("Invalid issue_number: 1.5");
+  });
 });
 
 // ---------------------------------------------------------------------------