improvement(file-block): add get operation

[Sg312]

Summary

File block get

Type of Change

• Bug fix

Testing

Manual

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Skipped		May 14, 2026 1:28am

[greptile-apps]

Greptile Summary

This PR adds a "Get" operation to the File block, letting users retrieve workspace file metadata by selecting a file from the UI (basic mode) or supplying a file ID directly (advanced mode). The new file_get tool, route handler case, Zod schema, and block config are all wired together consistently.

• New file_get tool (tools/file/get.ts, registry.ts, tools/file/index.ts): calls POST /api/tools/file/manage with operation: 'get' and returns the file object; follows existing append/write patterns.
• Route handler (app/api/tools/file/manage/route.ts): resolves the file either from an already-hydrated fileInput object (fast-path) or by querying the DB with fileId; the fast-path echoes client-supplied data without validation (see inline comment).
• Block config (blocks/blocks/file.ts): adds the "Get" dropdown entry and two sub-blocks sharing canonicalParamId: 'getFileInput', matching the existing append pattern.

Confidence Score: 3/5

The file ID path is safe; the fileInput fast-path returns whatever the caller sends without any server-side validation.

The block config, tool definition, and registry changes are straightforward and follow existing patterns. The route handler's fileInput fast-path blindly echoes a client-supplied object — authenticated callers can inject an arbitrary URL into the returned file object, which downstream workflow blocks may then fetch.

apps/sim/app/api/tools/file/manage/route.ts and apps/sim/lib/api/contracts/tools/file.ts need attention around the fileInput handling in the new get case.

Security Review

• Data injection / SSRF via unvalidated fileInput pass-through (app/api/tools/file/manage/route.ts, lines 47-49): the get case returns any object supplied in fileInput verbatim (schema uses z.any(), no field-level validation). An authenticated caller can craft a fileInput with an arbitrary url that gets propagated as a trusted file object to downstream workflow blocks, which may then fetch that URL.

Important Files Changed

Filename	Overview
apps/sim/app/api/tools/file/manage/route.ts	Adds get case to the file manage route; the fileInput fast-path echoes unvalidated client data back as a trusted file object, creating a potential SSRF/data-injection vector.
apps/sim/lib/api/contracts/tools/file.ts	New fileManageGetBodySchema added; uses z.any() for fileInput and makes both nullable inputs optional without a schema-level mutual-exclusion check.
apps/sim/tools/file/get.ts	New file_get tool definition; clean structure, correctly delegates to the manage API and transforms the response.
apps/sim/blocks/blocks/file.ts	Adds "Get" operation to the file block dropdown with basic/advanced sub-block modes; correctly routes to file_get tool and builds params.
apps/sim/tools/file/index.ts	Exports fileGetTool alongside existing file tools — no issues.
apps/sim/tools/registry.ts	Registers file_get in the tool registry; change is minimal and correct.

_{Reviews (1): Last reviewed commit: "Lint" | Re-trigger Greptile}