fix: escape paths and commands in rich output

When the watcher detected a file path or executed a command containing square brackets (e.g., `file_with_[bracket].txt`), the `rich` library attempted to parse them as markup tags, causing a `rich.errors.MarkupError` and crashing the background debounce thread.

This commit imports `escape` from `rich.markup` and applies it to dynamically generated strings injected into the console.print statements, ensuring safe output and robust execution.

A unit test was added to verify paths and commands with brackets no longer crash the process.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Co-authored-by: shenald-dev <245350826+shenald-dev@users.noreply.github.com>

Author: shenald-dev

.jules/bolt.md

@@ -108,3 +108,11 @@ Using `.join()` unconditionally to replace `time.sleep()` in test cases is a fla
 
 Action:
 Instead of `time.sleep()`, tests should use dynamic polling mechanisms (`while handler.current_process is None` coupled with short `time.sleep(0.05)` cycles and a maximum timeout) to efficiently wait only until the desired intermediate condition is met. This ensures the tests run significantly faster while preventing flakiness.
+
+## 2026-04-24 — Rich Markup Error Bug
+
+Learning:
+When passing raw user strings containing square brackets (like file paths, directories, or bash commands) into `rich.console.print` format strings, `rich` attempts to parse them as style markup tags (e.g., `[red]`). If the string inside the brackets is not a valid tag, or if there's a typo/unclosed tag, the library throws a `MarkupError` exception which will crash the thread executing the print statement.
+
+Action:
+Always use `rich.markup.escape(str(variable))` before injecting unvalidated user-provided strings into `rich` print statements to guarantee safe output.

src/echo/watcher.py

@@ -12,6 +12,7 @@
 from watchdog.observers import Observer
 from watchdog.events import FileSystemEventHandler
 from rich.console import Console
+from rich.markup import escape
 
 console = Console()
 
@@ -122,7 +123,7 @@ def _run_command(self, event_path):
         if self.is_shutting_down:
             return
 
-        console.print(f"\n[cyan]📡 Change detected in {event_path}. Executing: [yellow]{self.command}[/][/cyan]")
+        console.print(f"\n[cyan]📡 Change detected in {escape(str(event_path))}. Executing: [yellow]{escape(str(self.command))}[/][/cyan]")
         try:
             with self.process_lock:
                 if self.is_shutting_down:
@@ -247,7 +248,7 @@ def main():
     observer = Observer()
     observer.schedule(event_handler, args.path, recursive=True)
 
-    console.print(f"[bold green]✨ Echo is watching [cyan]{args.path}[/] and will run [yellow]{args.cmd}[/][/bold green]")
+    console.print(f"[bold green]✨ Echo is watching [cyan]{escape(str(args.path))}[/] and will run [yellow]{escape(str(args.cmd))}[/][/bold green]")
 
     try:
         observer.start()

tests/test_markup.py

@@ -0,0 +1,26 @@
+import time
+from echo.watcher import CommandRunnerHandler
+from unittest.mock import MagicMock
+
+def test_rich_markup_crash_escaping():
+    # If the command has markup tags, it should not crash
+    handler = CommandRunnerHandler("echo [/cyan]")
+
+    # Create a mock event with a bracket in the name
+    mock_event = MagicMock()
+    mock_event.is_directory = False
+    mock_event.src_path = "file_with_[bracket].txt"
+    mock_event.event_type = 'modified'
+
+    handler.on_any_event(mock_event)
+
+    # Wait for execution
+    start_time = time.monotonic()
+    while handler.current_process is None and time.monotonic() - start_time < 3.0:
+        time.sleep(0.05)
+
+    assert handler.current_process is not None, "Process should have started, indicating it didn't crash"
+
+    if handler.current_process:
+        handler.current_process.terminate()
+        handler.current_process.wait()