From 4dc33c256c936f496b1d9b4ccd225226a7bb138e Mon Sep 17 00:00:00 2001
From: Chuck
Date: Sat, 30 May 2026 14:29:03 -0400
Subject: [PATCH] fix(plugin-loader): guard against empty basename when plugin_dir resolves to fs root

If plugin_dir somehow resolves to '/' or a bare drive root, os.path.basename() returns '', causing safe_plugin_dir to equal plugins_dir_real and the isdir() check to pass incorrectly. Reject early with a clear error in that case.

Co-Authored-By: Claude Sonnet 4.6
---
 src/plugin_system/plugin_loader.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/plugin_system/plugin_loader.py b/src/plugin_system/plugin_loader.py
index 7bf894e5..49d2e404 100644
--- a/src/plugin_system/plugin_loader.py
+++ b/src/plugin_system/plugin_loader.py
@@ -170,6 +170,9 @@ class PluginLoader:
 # CodeQL considers untainted.
 plugins_dir_real = os.path.realpath(str(plugins_dir))
 safe_dir_name = os.path.basename(plugin_dir_real)
+ if not safe_dir_name:
+ self.logger.error("Could not determine plugin directory name for %s", plugin_id)
+ return False
 safe_plugin_dir = os.path.join(plugins_dir_real, safe_dir_name)
 if not os.path.isdir(safe_plugin_dir):
 self.logger.error(
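Review bot: The new guard rejects only an empty basename, so a `plugin_dir_real` that lies outside `plugins_dir_real` but has a non-empty basename is still rebuilt as `os.path.join(plugins_dir_real, safe_dir_name)`. If a directory of that name exists there, the `isdir()` check passes for a directory other than the one that was passed in. The enclosing method starts and ends outside the hunk, so an earlier containment check may already cover this. If none does, consider rejecting the mismatch right after the join with `if safe_plugin_dir != plugin_dir_real:` plus an error log and `return False`, or add a comment stating that the remapping is intended. The new error message would also be easier to triage with the resolved path in it: `self.logger.error("Could not determine plugin directory name for %s (resolved path: %s)", plugin_id, plugin_dir_real)`.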