Re-validate instance name in DeleteInstance for improved security

pkg/manager/operations.go

@@ -288,12 +288,13 @@ func (im *instanceManager) DeleteInstance(name string) error {
 
 		// Delete the instance's config file if persistence is enabled
 		// Re-validate instance name for security (defense in depth)
-		if _, err := validation.ValidateInstanceName(name); err != nil {
+		validatedName, err := validation.ValidateInstanceName(name)
+		if err != nil {
 			return fmt.Errorf("invalid instance name for file deletion: %w", err)
 		}
-		instancePath := filepath.Join(im.instancesConfig.InstancesDir, name+".json")
+		instancePath := filepath.Join(im.instancesConfig.InstancesDir, validatedName+".json")
 		if err := os.Remove(instancePath); err != nil && !os.IsNotExist(err) {
-			return fmt.Errorf("failed to delete config file for remote instance %s: %w", name, err)
+			return fmt.Errorf("failed to delete config file for remote instance %s: %w", validatedName, err)
 		}
 
 		return nil
@@ -311,12 +312,13 @@ func (im *instanceManager) DeleteInstance(name string) error {
 
 	// Delete the instance's config file if persistence is enabled
 	// Re-validate instance name for security (defense in depth)
-	if _, err := validation.ValidateInstanceName(inst.Name); err != nil {
+	validatedName, err := validation.ValidateInstanceName(inst.Name)
+	if err != nil {
 		return fmt.Errorf("invalid instance name for file deletion: %w", err)
 	}
-	instancePath := filepath.Join(im.instancesConfig.InstancesDir, inst.Name+".json")
+	instancePath := filepath.Join(im.instancesConfig.InstancesDir, validatedName+".json")
 	if err := os.Remove(instancePath); err != nil && !os.IsNotExist(err) {
-		return fmt.Errorf("failed to delete config file for instance %s: %w", inst.Name, err)
+		return fmt.Errorf("failed to delete config file for instance %s: %w", validatedName, err)
 	}
 
 	return nil