[codex] harden authenticated routes and issue editor reliability (#3741)

## Thinking Path

> - Paperclip orchestrates AI agents for zero-human companies
> - The control plane depends on authenticated routes enforcing company
boundaries and role permissions correctly
> - This branch also touches the issue detail and markdown editing flows
operators use while handling advisory and triage work
> - Partial issue cache seeds and fragile rich-editor parsing could
leave important issue content missing or blank at the moment an operator
needed it
> - Blocked issues becoming actionable again should wake their assignee
automatically instead of silently staying idle
> - This pull request rebases the advisory follow-up branch onto current
`master`, hardens authenticated route authorization, and carries the
issue-detail/editor reliability fixes forward with regression tests
> - The benefit is tighter authz on sensitive routes plus more reliable
issue/advisory editing and wakeup behavior on top of the latest base

## What Changed

- Hardened authenticated route authorization across agent, activity,
approval, access, project, plugin, health, execution-workspace,
portability, and related server paths, with new cross-tenant and
runtime-authz regression coverage.
- Switched issue detail queries from `initialData` to placeholder-based
hydration so list/quicklook seeds still refetch full issue bodies.
- Normalized advisory-style HTML images before mounting the markdown
editor and strengthened fallback behavior when the rich editor silently
fails or rejects the content.
- Woke assigned agents when blocked issues move back to `todo`, with
route coverage for reopen and unblock transitions.
- Rebasing note: this branch now sits cleanly on top of the latest
`master` tip used for the PR base.

## Verification

- `pnpm exec vitest run ui/src/lib/issueDetailQuery.test.tsx
ui/src/components/MarkdownEditor.test.tsx
server/src/__tests__/issue-comment-reopen-routes.test.ts
server/src/__tests__/activity-routes.test.ts
server/src/__tests__/agent-cross-tenant-authz-routes.test.ts`
- Confirmed `pnpm-lock.yaml` is not part of the PR diff.
- Rebased the branch onto current `public-gh/master` before publishing.

## Risks

- Broad authz tightening may expose existing flows that were relying on
permissive board or agent access and now need explicit grants.
- Markdown editor fallback changes could affect focus or rendering in
edge-case content that mixes HTML-like advisory markup with normal
markdown.
- This verification was intentionally scoped to touched regressions and
did not run the full repository suite.

## Model Used

- OpenAI Codex, GPT-5-based coding agent in the Codex CLI environment
with tool use for terminal, git, and GitHub operations. The exact
runtime model identifier is not exposed inside this session.

## Checklist

- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, it is behavior-only and does not
need before/after screenshots
- [x] I have updated relevant documentation to reflect my changes, or no
documentation changes were needed for these internal fixes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge

---------

Co-authored-by: Paperclip <noreply@paperclip.ing>

ui/src/components/InlineEditor.test.tsx

@@ -164,6 +164,62 @@ describe("InlineEditor", () => {
     });
     outside.remove();
   });
+
+  it("syncs a new multiline value while focused when the user has not edited locally", () => {
+    const onSave = vi.fn().mockResolvedValue(undefined);
+    const root = createRoot(container);
+
+    act(() => {
+      root.render(<InlineEditor value="" multiline onSave={onSave} />);
+    });
+
+    const textarea = container.querySelector<HTMLTextAreaElement>('[data-testid="multiline-md-mock"]');
+    expect(textarea).not.toBeNull();
+    expect(textarea?.value).toBe("");
+
+    act(() => {
+      textarea!.focus();
+    });
+
+    act(() => {
+      root.render(<InlineEditor value="Loaded description" multiline onSave={onSave} />);
+    });
+
+    expect(textarea?.value).toBe("Loaded description");
+
+    act(() => {
+      root.unmount();
+    });
+  });
+
+  it("preserves focused multiline local edits when the prop value changes underneath them", () => {
+    const onSave = vi.fn().mockResolvedValue(undefined);
+    const root = createRoot(container);
+
+    act(() => {
+      root.render(<InlineEditor value="Original" multiline onSave={onSave} />);
+    });
+
+    const textarea = container.querySelector<HTMLTextAreaElement>('[data-testid="multiline-md-mock"]');
+    expect(textarea).not.toBeNull();
+
+    act(() => {
+      textarea!.focus();
+    });
+    act(() => {
+      setNativeTextareaValue(textarea!, "Local draft");
+    });
+
+    act(() => {
+      root.render(<InlineEditor value="Remote update" multiline onSave={onSave} />);
+    });
+
+    expect(textarea?.value).toBe("Local draft");
+
+    act(() => {
+      root.unmount();
+    });
+  });
 });
 
 describe("queueContainedBlurCommit", () => {

ui/src/components/InlineEditor.tsx

@@ -54,6 +54,7 @@ export function InlineEditor({
   const [editing, setEditing] = useState(false);
   const [multilineFocused, setMultilineFocused] = useState(false);
   const [draft, setDraft] = useState(value);
+  const lastPropValueRef = useRef(value);
   const inputRef = useRef<HTMLTextAreaElement>(null);
   const markdownRef = useRef<MarkdownEditorRef>(null);
   const autosaveDebounceRef = useRef<ReturnType<typeof setTimeout> | null>(null);
@@ -66,8 +67,14 @@ export function InlineEditor({
   } = useAutosaveIndicator();
 
   useEffect(() => {
-    if (multiline && multilineFocused) return;
-    setDraft(value);
+    const previousValue = lastPropValueRef.current;
+    lastPropValueRef.current = value;
+    setDraft((currentDraft) => {
+      if (multiline && multilineFocused && currentDraft !== previousValue) {
+        return currentDraft;
+      }
+      return value;
+    });
   }, [value, multiline, multilineFocused]);
 
   useEffect(() => {

ui/src/components/IssueLinkQuicklook.tsx

@@ -6,8 +6,7 @@ import { useQuery, useQueryClient } from "@tanstack/react-query";
 import { timeAgo } from "@/lib/timeAgo";
 import { createIssueDetailPath, withIssueDetailHeaderSeed } from "@/lib/issueDetailBreadcrumb";
 import {
-  fetchIssueDetail,
-  getCachedIssueDetail,
+  getIssueDetailQueryOptions,
   ISSUE_DETAIL_STALE_TIME_MS,
   prefetchIssueDetail,
 } from "@/lib/issueDetailCache";
@@ -98,12 +97,9 @@ export const IssueLinkQuicklook = React.forwardRef<
   const queryClient = useQueryClient();
   const [open, setOpen] = useState(false);
   const prefetchedState = issuePrefetch ? withIssueDetailHeaderSeed(state, issuePrefetch) : state;
-  const cachedIssue = getCachedIssueDetail(queryClient, issuePathId, issuePrefetch ?? undefined);
   const { data, isLoading } = useQuery({
-    queryKey: queryKeys.issues.detail(issuePathId),
-    queryFn: () => fetchIssueDetail(queryClient, issuePathId),
+    ...getIssueDetailQueryOptions(queryClient, issuePathId, { placeholderIssue: issuePrefetch ?? undefined }),
     enabled: open,
-    initialData: () => cachedIssue,
     staleTime: ISSUE_DETAIL_STALE_TIME_MS,
   });
 

ui/src/components/MarkdownBody.test.tsx

@@ -96,6 +96,13 @@ describe("MarkdownBody", () => {
     expect(html).toContain('data-mention-kind="skill"');
   });
 
+  it("sanitizes unsafe javascript markdown links", () => {
+    const html = renderMarkdown("[click me](javascript:alert(document.cookie))");
+
+    expect(html).toContain('<a href="" rel="noreferrer">click me</a>');
+    expect(html).not.toContain("javascript:");
+  });
+
   it("uses soft-break styling by default", () => {
     const html = renderMarkdown("First line\nSecond line");
 

ui/src/components/MarkdownBody.tsx

@@ -1,6 +1,6 @@
 import { isValidElement, useEffect, useId, useState, type ReactNode } from "react";
 import { useQuery } from "@tanstack/react-query";
-import Markdown, { type Components, type Options } from "react-markdown";
+import Markdown, { defaultUrlTransform, type Components, type Options } from "react-markdown";
 import remarkGfm from "remark-gfm";
 import { cn } from "../lib/utils";
 import { useTheme } from "../context/ThemeContext";
@@ -71,6 +71,10 @@ function extractMermaidSource(children: ReactNode): string | null {
   return flattenText(childProps.children).replace(/\n$/, "");
 }
 
+function safeMarkdownUrlTransform(url: string): string {
+  return parseMentionChipHref(url) ? url : defaultUrlTransform(url);
+}
+
 function MermaidDiagramBlock({ source, darkMode }: { source: string; darkMode: boolean }) {
   const renderId = useId().replace(/[^a-zA-Z0-9_-]/g, "");
   const [svg, setSvg] = useState<string | null>(null);
@@ -215,7 +219,11 @@ export function MarkdownBody({
       )}
       style={style}
     >
-      <Markdown remarkPlugins={remarkPlugins} components={components} urlTransform={(url) => url}>
+      <Markdown
+        remarkPlugins={remarkPlugins}
+        components={components}
+        urlTransform={safeMarkdownUrlTransform}
+      >
         {children}
       </Markdown>
     </div>

ui/src/components/MarkdownEditor.test.tsx

@@ -19,6 +19,7 @@ const mdxEditorMockState = vi.hoisted(() => ({
   emitMountParseError: false,
   emitMountSilentEmptyState: false,
   markdownValues: [] as string[],
+  suppressHtmlProcessingValues: [] as boolean[],
 }));
 
 vi.mock("@mdxeditor/editor", async () => {
@@ -41,16 +42,19 @@ vi.mock("@mdxeditor/editor", async () => {
       onChange,
       onError,
       className,
+      suppressHtmlProcessing,
     }: {
       markdown: string;
       placeholder?: string;
       onChange?: (value: string) => void;
       onError?: (error: unknown) => void;
+      suppressHtmlProcessing?: boolean;
       className?: string;
     },
     forwardedRef: React.ForwardedRef<{ setMarkdown: (value: string) => void; focus: () => void } | null>,
   ) {
     mdxEditorMockState.markdownValues.push(markdown);
+    mdxEditorMockState.suppressHtmlProcessingValues.push(Boolean(suppressHtmlProcessing));
     const [content, setContent] = React.useState(markdown);
     const editableRef = React.useRef<HTMLDivElement>(null);
     const handle = React.useMemo(() => ({
@@ -59,8 +63,16 @@ vi.mock("@mdxeditor/editor", async () => {
     }), []);
 
     React.useEffect(() => {
+      if (!suppressHtmlProcessing && markdown.includes("<img ")) {
+        setContent("");
+        onError?.({
+          error: "Error parsing markdown: HTML-like formatting requires suppressHtmlProcessing",
+          source: markdown,
+        });
+        return;
+      }
       setContent(markdown);
-    }, [markdown]);
+    }, [markdown, onError, suppressHtmlProcessing]);
 
     React.useEffect(() => {
       setForwardedRef(forwardedRef, null);
@@ -165,6 +177,7 @@ describe("MarkdownEditor", () => {
     mdxEditorMockState.emitMountParseError = false;
     mdxEditorMockState.emitMountSilentEmptyState = false;
     mdxEditorMockState.markdownValues = [];
+    mdxEditorMockState.suppressHtmlProcessingValues = [];
   });
 
   it("applies async external value updates once the editor ref becomes ready", async () => {
@@ -238,6 +251,7 @@ describe("MarkdownEditor", () => {
     await flush();
     expect(mdxEditorMockState.markdownValues.at(-1)).toContain("![image](https://example.com/test.png)");
     expect(mdxEditorMockState.markdownValues.at(-1)).not.toContain("<img");
+    expect(mdxEditorMockState.suppressHtmlProcessingValues).toContain(false);
     expect(container.textContent).toContain("Before");
     expect(container.textContent).toContain("After");
 
@@ -262,11 +276,9 @@ describe("MarkdownEditor", () => {
     });
 
     await flush();
-
     await vi.waitFor(() => {
       expect(container.querySelector("textarea")).not.toBeNull();
     });
-
     const textarea = container.querySelector("textarea");
     expect(textarea).not.toBeNull();
     expect(textarea?.value).toBe("Affected versions: <= v0.3.1");
@@ -294,11 +306,9 @@ describe("MarkdownEditor", () => {
     });
 
     await flush();
-
     await vi.waitFor(() => {
       expect(container.querySelector("textarea")).not.toBeNull();
     });
-
     const textarea = container.querySelector("textarea");
     expect(textarea).not.toBeNull();
     expect(textarea?.value).toBe("Affected versions: <= v0.3.1");
@@ -309,7 +319,6 @@ describe("MarkdownEditor", () => {
       root.unmount();
     });
   });
-
   it("anchors the mention menu inside the visual viewport when mobile offsets are present", () => {
     expect(
       computeMentionMenuPosition(

ui/src/lib/issueDetailCache.ts

@@ -84,6 +84,20 @@ export async function fetchIssueDetail(
   return seedIssueDetailCache(queryClient, issue, { issueRef });
 }
 
+export function getIssueDetailQueryOptions(
+  queryClient: QueryClient,
+  issueRef: string,
+  options?: {
+    placeholderIssue?: Pick<Issue, "id" | "identifier"> | null;
+  },
+) {
+  return {
+    queryKey: queryKeys.issues.detail(issueRef),
+    queryFn: () => fetchIssueDetail(queryClient, issueRef),
+    placeholderData: getCachedIssueDetail(queryClient, issueRef, options?.placeholderIssue ?? undefined),
+  };
+}
+
 export function prefetchIssueDetail(
   queryClient: QueryClient,
   issueRef: string,

ui/src/lib/issueDetailQuery.test.tsx

@@ -0,0 +1,129 @@
+// @vitest-environment jsdom
+
+import { act } from "react";
+import { createRoot } from "react-dom/client";
+import type { Issue } from "@paperclipai/shared";
+import { QueryClient, QueryClientProvider, useQuery, useQueryClient } from "@tanstack/react-query";
+import { afterEach, describe, expect, it, vi } from "vitest";
+import { issuesApi } from "@/api/issues";
+import { queryKeys } from "@/lib/queryKeys";
+import { getIssueDetailQueryOptions } from "./issueDetailCache";
+
+vi.mock("@/api/issues", () => ({
+  issuesApi: {
+    get: vi.fn(),
+  },
+}));
+
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+(globalThis as any).IS_REACT_ACT_ENVIRONMENT = true;
+
+function makeIssue(overrides: Partial<Issue> = {}): Issue {
+  const now = new Date("2026-04-13T20:00:00.000Z");
+  return {
+    id: "issue-1",
+    companyId: "company-1",
+    projectId: null,
+    projectWorkspaceId: null,
+    goalId: null,
+    parentId: null,
+    title: "Issue title",
+    description: null,
+    status: "todo",
+    priority: "medium",
+    assigneeAgentId: null,
+    assigneeUserId: null,
+    checkoutRunId: null,
+    executionRunId: null,
+    executionAgentNameKey: null,
+    executionLockedAt: null,
+    createdByAgentId: null,
+    createdByUserId: null,
+    issueNumber: 1442,
+    identifier: "PAP-1442",
+    requestDepth: 0,
+    billingCode: null,
+    assigneeAdapterOverrides: null,
+    executionWorkspaceId: null,
+    executionWorkspacePreference: null,
+    executionWorkspaceSettings: null,
+    startedAt: null,
+    completedAt: null,
+    cancelledAt: null,
+    hiddenAt: null,
+    createdAt: now,
+    updatedAt: now,
+    ...overrides,
+  };
+}
+
+function IssueDetailQueryHarness({
+  issueRef,
+  placeholderIssue,
+}: {
+  issueRef: string;
+  placeholderIssue?: Pick<Issue, "id" | "identifier"> | null;
+}) {
+  const queryClient = useQueryClient();
+  const query = useQuery({
+    ...getIssueDetailQueryOptions(queryClient, issueRef, { placeholderIssue }),
+  });
+
+  return <div>{query.data?.description ?? "EMPTY"}</div>;
+}
+
+async function flush() {
+  // Multiple act cycles to allow React Query to process the async queryFn
+  for (let i = 0; i < 5; i++) {
+    await act(async () => {
+      await new Promise((r) => setTimeout(r, 0));
+    });
+  }
+}
+
+describe("getIssueDetailQueryOptions", () => {
+  afterEach(() => {
+    vi.clearAllMocks();
+  });
+
+  it("treats cached issue data as placeholder and still fetches full detail", async () => {
+    const container = document.createElement("div");
+    document.body.appendChild(container);
+    const root = createRoot(container);
+    const queryClient = new QueryClient({
+      defaultOptions: {
+        queries: {
+          retry: false,
+        },
+      },
+    });
+    const partialIssue = makeIssue({ description: null });
+    const fullIssue = makeIssue({ description: "GitHub Security Advisory body" });
+
+    queryClient.setQueryData(queryKeys.issues.detail("issue-1"), partialIssue);
+    queryClient.setQueryData(queryKeys.issues.detail("PAP-1442"), partialIssue);
+    vi.mocked(issuesApi.get).mockResolvedValue(fullIssue);
+
+    await act(async () => {
+      root.render(
+        <QueryClientProvider client={queryClient}>
+          <IssueDetailQueryHarness
+            issueRef="PAP-1442"
+            placeholderIssue={{ id: partialIssue.id, identifier: partialIssue.identifier }}
+          />
+        </QueryClientProvider>,
+      );
+    });
+
+    await flush();
+
+    expect(issuesApi.get).toHaveBeenCalledWith("PAP-1442");
+    expect(container.textContent).toContain("GitHub Security Advisory body");
+
+    await act(async () => {
+      root.unmount();
+    });
+    queryClient.clear();
+    container.remove();
+  });
+});

ui/src/pages/IssueDetail.tsx

@@ -28,7 +28,8 @@ import {
   readIssueDetailHeaderSeed,
   rememberIssueDetailLocationState,
 } from "../lib/issueDetailBreadcrumb";
-import { fetchIssueDetail, getCachedIssueDetail } from "../lib/issueDetailCache";
+import { resolveIssueActiveRun, shouldTrackIssueActiveRun } from "../lib/issueActiveRun";
+import { getIssueDetailQueryOptions } from "../lib/issueDetailCache";
 import {
   hasBlockingShortcutDialog,
   resolveIssueDetailGoKeyAction,
@@ -882,22 +883,15 @@ export function IssueDetail() {
     () => readIssueDetailHeaderSeed(location.state) ?? readIssueDetailHeaderSeed(resolvedIssueDetailState),
     [location.state, resolvedIssueDetailState],
   );
-  const cachedIssue = useMemo(
-    () =>
-      issueId
-        ? getCachedIssueDetail(queryClient, issueId, issueHeaderSeed ? {
-            id: issueHeaderSeed.id,
-            identifier: issueHeaderSeed.identifier,
-          } : null)
-        : undefined,
-    [issueHeaderSeed, issueId, queryClient],
-  );
 
   const { data: issue, isLoading, error } = useQuery({
-    queryKey: queryKeys.issues.detail(issueId!),
-    queryFn: () => fetchIssueDetail(queryClient, issueId!),
+    ...getIssueDetailQueryOptions(queryClient, issueId!, {
+      placeholderIssue: issueHeaderSeed ? {
+        id: issueHeaderSeed.id,
+        identifier: issueHeaderSeed.identifier,
+      } : null,
+    }),
     enabled: !!issueId,
-    initialData: () => cachedIssue,
   });
   const resolvedCompanyId = issue?.companyId ?? selectedCompanyId;
   const commentComposerDisabledReason = useMemo(() => {