fix: 添加 glob 函数 pattern 参数的安全验证

internal/room/tools/executor.go

@@ -66,6 +66,11 @@ func (e *Executor) glob(args string) (string, error) {
 		return "", err
 	}
 
+	_, err := e.safePath(a.Pattern)
+	if err != nil {
+		return "", err
+	}
+
 	pattern := filepath.Join(e.workspaceDir, a.Pattern)
 	files, err := filepath.Glob(pattern)
 	if err != nil {