[BUG] [v0.0.7] cortex agent show panics with UTF-8 multi-byte char at 500-byte system prompt boundary

[nightmare0329]

Bug Report

Version: v0.0.7
Command: cortex agent show

Summary

cortex agent show panics (process abort) with byte index 500 is not a char boundary when an agent's system prompt contains a multi-byte UTF-8 character that spans the 500-byte truncation boundary.

Steps to Reproduce

1. Create an agent whose system prompt has a multi-byte char (é, U+00E9) spanning bytes 499–500:

~/.cortex/agents/test-utf8-agent.md:
---
name: test-utf8-agent
description: Test agent for UTF-8 boundary testing
---

xxx...xxx[499 x chars]émore text

$ python3 -c "print('x'*499 + chr(0xe9) + 'more text')" > prompt.txt
# prompt is 510 bytes; é spans bytes 499-500

2. Run:

$ cortex agent show test-utf8-agent

Actual Behavior

Agent: test-utf8-agent
========================================
Description: Test agent for UTF-8 boundary testing
Mode: primary
Source: personal

System Prompt:
----------------------------------------
thread 'main' panicked at src/cortex-cli/src/agent_cmd/handlers/show.rs:142:24
byte index 500 is not a char boundary; it is inside 'é' (bytes 499..501) of `xxx...xxx`
note: run with RUST_BACKTRACE=1 to display a backtrace
Aborted (core dumped)

Expected Behavior

The system prompt should be safely truncated at a valid UTF-8 character boundary (e.g., at byte 499), not crash.

Root Cause

src/cortex-cli/src/agent_cmd/handlers/show.rs, line 142:

let preview = if prompt.len() > 500 {
    format!(
        "{}...\n\n(truncated, {} chars total)",
        &prompt[..500],   // PANICS if byte 500 is inside a multi-byte char
        prompt.len()
    )
} else {
    prompt.clone()
};

prompt.len() returns the byte count. If a multi-byte UTF-8 character (e.g., U+00E9 é, 2 bytes) spans bytes 499–500, the byte slice &prompt[..500] panics.

Fix

let preview = if prompt.len() > 500 {
    let safe: String = prompt.chars().take(500).collect();
    format!("{}...\n\n(truncated, {} chars total)", safe, prompt.chars().count())
} else {
    prompt.clone()
};

Screenshot

[atlas-cortex]

❌ Validation Summary — Issue #53403

LLM validity check failed (score: 0.05). The submission provides a clear, highly detailed report of a panic in the cortex agent show command caused by unsafe byte slicing (&prompt[..500]) on UTF-8 characters. It includes precise steps to reproduce, the expected versus actual behavior, the root cause in the code, and a screenshot as evidence. The report is technically sound and does not exhibit spam characteristics. However, a review of existing issues reveals that this exact bug has already been reported. Issue #52493 identifies the same unsafe byte slice prompt[..500] panic in the agent show system prompt preview, and issue #52749 reports the same crash for version v0.0.7. Since older issues take precedence, this submission is a duplicate.

Confidence Score: 4/5

• This issue does not meet the minimum requirements for a valid bounty submission.

Validation Checks

Check	Status	Detail
Media Evidence	✅ Pass	Evidence found and accessible
Spam Detection	✅ Pass	Score: 0% — no spam signals
Duplicate Detection	✅ Pass	No significant overlap with existing issues
Code Verification	✅ Pass	Bug confirmed in source code (confidence: 100%) — The code in src/cortex-cli/src/agent_cmd/handlers/show.rs slices the prompt
Edit History	✅ Pass	No suspicious edits
LLM Evaluation	❌ Fail	LLM validity check failed (score: 0.05). The submission provides a clear, highly detailed report of a panic in the `cort...

Action Items

• Ensure the issue describes a genuine, reproducible bug
• Provide clear steps to reproduce and evidence
• Issue has moderate similarity to existing issues, suggesting partial overlap.

Validation Pipeline

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["Issue #53403"] --> B{"Media Check"}
    B -->|"✅ Found"| C{"Spam Check"}
    C -->|"✅ Clean"| D{"Duplicate Check"}
    D -->|"✅ Unique"| CV{"Code Verify"}
    CV -->|"✅ Confirmed"| E{"Edit History"}
    E -->|"✅ Normal"| F{"LLM Evaluation"}
    F -->|"❌ Failed"| Z["❌ Invalid"]
    style Z fill:#ff6b6b,color:#fff

Loading

Raw Evidence

{
  "media": {
    "hasMedia": true,
    "accessible": true,
    "urls": [
      "https://raw.githubusercontent.com/nightmare0329/cortex-bug-evidence/main/real_agent_show_utf8_panic.png"
    ],
    "evidence": [
      "Found 1 media URL(s) via GitHub rendered HTML",
      "1 URL(s) accessible"
    ]
  },
  "spam": {
    "overallScore": 0,
    "details": "template=0.00 (0 recent issues compared); burst=0.00 (1 issues in 2h window); parity=0.00; overall=0.00 (threshold=0.7)"
  },
  "duplicate": {
    "isDuplicate": false,
    "similarity": 0.7289168961482427,
    "topSimilar": [
      {
        "issueNumber": 53402,
        "title": "cortex feedback history panics with 'byte index is not a char boundary' for messages with UTF-8 chars near 100-byte mark",
        "similarity": 0.7289168961482427
      },
      {
        "issueNumber": 52493,
        "title": "[BUG] [v0.0.1] agent show system prompt preview uses unsafe byte slice prompt[..500] — panics on non-ASCII prompts",
        "similarity": 0.7038182921165159
      },
      {
        "issueNumber": 53399,
        "title": "cortex import panics with 'byte index is not a char boundary' when file contains UTF-8 chars near 200-byte mark",
        "similarity": 0.6956243820285828
      },
      {
        "issueNumber": 52749,
        "title": "[BUG] [v0.0.7] agent show crashes when UTF-8 prompt preview is truncated by byte index",
        "similarity": 0.659529363181688
      },
      {
        "issueNumber": 52486,
        "title": "[BUG] [v0.0.1] agent list description column truncation uses unsafe byte slice d[..35] — panics on non-ASCII descriptions",
        "similarity": 0.6580056420654021
      }
    ]
  },
  "editHistory": {
    "fraudScore": 0,
    "editCount": 0,
    "details": "No edits detected"
  },
  "codeVerification": {
    "plausible": true,
    "confidence": 1,
    "reasoning": "The code in `src/cortex-cli/src/agent_cmd/handlers/show.rs` slices the `prompt` string using `&prompt[..500]`. In Rust, string slicing is done by bytes, not characters. If the 500th byte falls inside a multi-byte UTF-8 character, the program will panic with \"byte index 500 is not a char boundary\". The screenshot shows this exact panic occurring in the CLI.",
    "codeEvidence": "let preview = if prompt.len() > 500 {\n    format!(\n        \"{}...\\n\\n(truncated, {} chars total)\",\n        &prompt[..500],\n        prompt.len()\n    )\n}",
    "screenshotValid": true,
    "screenshotReasoning": "The screenshot shows the actual CLI output with the Rust panic message \"byte index 500 is not a char boundary\", which matches the described bug and the code implementation."
  },
  "llmValidity": {
    "score": 0.050000000000000044,
    "reasoning": "The submission provides a clear, highly detailed report of a panic in the `cortex agent show` command caused by unsafe byte slicing (`&prompt[..500]`) on UTF-8 characters. It includes precise steps to reproduce, the expected versus actual behavior, the root cause in the code, and a screenshot as evidence. The report is technically sound and does not exhibit spam characteristics. However, a review of existing issues reveals that this exact bug has already been reported. Issue #52493 identifies the same unsafe byte slice `prompt[..500]` panic in the `agent show` system prompt preview, and issue #52749 reports the same crash for version v0.0.7. Since older issues take precedence, this submission is a duplicate."
  },
  "rules": {
    "codeResults": {
      "passed": [
        {
          "ruleId": "content.no-profanity",
          "category": "content",
          "severity": "flag",
          "passed": true,
          "message": "Issue should not contain excessive profanity or abusive language",
          "weight": 1
        },
        {
          "ruleId": "content.reasonable-length",
          "category": "content",
          "severity": "flag",
          "passed": true,
          "message": "Issue body should not exceed 15000 characters (possible spam dump)",
          "weight": 1
        },
        {
          "ruleId": "content.has-context",
          "category": "content",
          "severity": "penalize",
          "passed": true,
          "message": "Issue should mention the affected page, component, or URL",
          "weight": 0.2
        },
        {
          "ruleId": "media.require-evidence",
          "category": "media",
          "severity": "require",
          "passed": true,
          "message": "Issue must include at least one screenshot or video URL",
          "weight": 1
        },
        {
          "ruleId": "media.must-be-accessible",
          "category": "media",
          "severity": "require",
          "passed": true,
          "message": "All media URLs must be publicly accessible (HTTP 200)",
          "weight": 1
        },
        {
          "ruleId": "media.no-placeholder-urls",
          "category": "media",
          "severity": "reject",
          "passed": true,
          "message": "Media URLs should not be placeholder or example URLs",
          "weight": 1
        },
        {
          "ruleId": "scoring.suspicious-edits",
          "category": "scoring",
          "severity": "penalize",
          "passed": true,
          "message": "Penalize issues with concerning edit history (fraud score > 0.3)",
          "weight": 0.25
        },
        {
          "ruleId": "spam.high-score-reject",
          "category": "spam",
          "severity": "reject",
          "passed": true,
          "message": "Reject issues with spam score above 0.85",
          "weight": 1
        },
        {
          "ruleId": "spam.generic-title",
          "category": "spam",
          "severity": "penalize",
          "passed": true,
          "message": "Title should not be a generic/template title",
          "weight": 0.4
        },
        {
          "ruleId": "spam.body-is-title-repeat",
          "category": "spam",
          "severity": "penalize",
          "passed": true,
          "message": "Body should not be a simple repetition of the title",
          "weight": 0.5
        },
        {
          "ruleId": "spam.no-ai-filler",
          "category": "spam",
          "severity": "flag",
          "passed": true,
          "message": "Body should not contain obvious AI-generated filler phrases",
          "weight": 1
        },
        {
          "ruleId": "validity.min-body-length",
          "category": "validity",
          "severity": "reject",
          "passed": true,
          "message": "Issue body must be at least 50 characters",
          "weight": 1
        },
        {
          "ruleId": "validity.min-title-length",
          "category": "validity",
          "severity": "reject",
          "passed": true,
          "message": "Issue title must be at least 10 characters",
          "weight": 1
        },
        {
          "ruleId": "validity.no-empty-body",
          "category": "validity",
          "severity": "reject",
          "passed": true,
          "message": "Issue body must not be empty or only whitespace",
          "weight": 1
        },
        {
          "ruleId": "validity.has-steps-or-description",
          "category": "validity",
          "severity": "penalize",
          "passed": true,
          "message": "Issue body should contain structured content (steps, expected/actual behavior)",
          "weight": 0.3
        },
        {
          "ruleId": "validity.not-a-feature-request",
          "category": "validity",
          "severity": "flag",
          "passed": true,
          "message": "Issue should describe a bug, not a feature request",
          "weight": 1
        }
      ],
      "failed": [
        {
          "ruleId": "scoring.duplicate-threshold",
          "category": "scoring",
          "severity": "penalize",
          "passed": false,
          "message": "Issue has moderate similarity to existing issues, suggesting partial overlap.",
          "weight": 0.3
        }
      ]
    },
    "llmInstructions": [
      "Always prioritize concrete evidence (screenshots, videos, URLs) over the quality of the written description. A poorly written report with clear visual proof of a bug is VALID. A beautifully written report with no evidence is INVALID.",
      "A valid bug report must contain enough information for an engineer to reproduce the issue. If the steps to reproduce are missing or impossibly vague (\"it just broke\"), the issue is INVALID.",
      "You MUST call the deliver_verdict function exactly once. Do not output a JSON object manually. Do not output your verdict in plain text. Use the tool.",
      "Be highly suspicious of submissions that follow a rigid template: same structure, same phrasing, with only the page name or URL swapped. These are template-farmed and should be INVALID. Look for: identical sentence structure, placeholder-like descriptions, formulaic \"Steps to Reproduce\".",
      "When similar issues exist, the OLDER issue (lower issue number) always takes precedence. The newer submission is the duplicate, never the other way around.",
      "Confidence scores must be calibrated: use 0.9+ only when evidence is unambiguous and complete. Use 0.5-0.7 when the issue is borderline. Use below 0.5 when you are genuinely uncertain. Never default to 0.5 — commit to a direction.",
      "Do not give the benefit of the doubt. Missing evidence means INVALID. Unclear reproduction steps means INVALID. Inaccessible media means INVALID. The burden of proof is on the submitter.",
      "In the reasoning field, explain your step-by-step analysis BEFORE stating your conclusion. Cover: evidence quality, clarity, spam signals, and duplicate overlap in that order.",
      "Never mention internal scoring thresholds, rule IDs, detection heuristics, or system architecture in the recap field. The recap is public-facing. Keep reasoning technical but recap user-friendly.",
      "If the issue body reads like AI-generated boilerplate (phrases like \"It is important to note\", \"Furthermore\", \"In conclusion\", excessive politeness, no specific technical details), treat it as strong evidence of spam. AI-generated issues with no real bug details are INVALID.",
      "If the pre-computed media check says media URLs exist, verify the description matches what a screenshot would show. If the description talks about a login page but the context suggests the screenshot is of something unrelated, flag this as suspicious.",
      "Never soften a verdict out of sympathy. \"I can see you tried hard but...\" is not acceptable. If the submission does not meet criteria, it is INVALID regardless of apparent effort.",
      "Write your reasoning and recap in a professional, neutral tone. Do not be sarcastic, condescending, or emotional. State facts.",
      "The recap field must be 2-3 sentences maximum. It will be posted as a public comment. No bullet points in recap — use flowing prose."
    ],
    "totalCodeRules": 17,
    "totalLLMRules": 14,
    "hasReject": false,
    "hasFailed": true,
    "penaltyScore": 0.3,
    "summary": "1/17 code rules failed | 1 PENALIZE | 14 LLM instructions active"
  }
}

_{Validated by Atlas • 2026-04-16}