fix: harden ssh target handling

apps/macos/Tests/ClawdbotIPCTests/CommandResolverTests.swift

@@ -123,11 +123,16 @@ import Testing
             configRoot: [:])
 
         #expect(cmd.first == "/usr/bin/ssh")
-        #expect(cmd.contains("clawd@example.com"))
+        if let marker = cmd.firstIndex(of: "--") {
+            #expect(cmd[marker + 1] == "clawd@example.com")
+        } else {
+            #expect(Bool(false))
+        }
         #expect(cmd.contains("-i"))
         #expect(cmd.contains("/tmp/id_ed25519"))
         if let script = cmd.last {
-            #expect(script.contains("cd '/srv/clawdbot'"))
+            #expect(script.contains("PRJ='/srv/clawdbot'"))
+            #expect(script.contains("cd \"$PRJ\""))
             #expect(script.contains("clawdbot"))
             #expect(script.contains("status"))
             #expect(script.contains("--json"))
@@ -135,6 +140,12 @@ import Testing
         }
     }
 
+    @Test func rejectsUnsafeSSHTargets() async throws {
+        #expect(CommandResolver.parseSSHTarget("-oProxyCommand=calc") == nil)
+        #expect(CommandResolver.parseSSHTarget("host:-oProxyCommand=calc") == nil)
+        #expect(CommandResolver.parseSSHTarget("user@host:2222")?.port == 2222)
+    }
+
     @Test func configRootLocalOverridesRemoteDefaults() async throws {
         let defaults = self.makeDefaults()
         defaults.set(AppState.ConnectionMode.remote.rawValue, forKey: connectionModeKey)

apps/macos/Tests/ClawdbotIPCTests/MasterDiscoveryMenuSmokeTests.swift

@@ -11,7 +11,12 @@ struct MasterDiscoveryMenuSmokeTests {
         discovery.statusText = "Searching…"
         discovery.gateways = []
 
-        let view = GatewayDiscoveryInlineList(discovery: discovery, currentTarget: nil, onSelect: { _ in })
+        let view = GatewayDiscoveryInlineList(
+            discovery: discovery,
+            currentTarget: nil,
+            currentUrl: nil,
+            transport: .ssh,
+            onSelect: { _ in })
         _ = view.body
     }
 
@@ -32,7 +37,12 @@ struct MasterDiscoveryMenuSmokeTests {
         ]
 
         let currentTarget = "\(NSUserName())@office.tailnet-123.ts.net:2222"
-        let view = GatewayDiscoveryInlineList(discovery: discovery, currentTarget: currentTarget, onSelect: { _ in })
+        let view = GatewayDiscoveryInlineList(
+            discovery: discovery,
+            currentTarget: currentTarget,
+            currentUrl: nil,
+            transport: .ssh,
+            onSelect: { _ in })
         _ = view.body
     }