fix(cli): address code review comments for /enhance command

This commit addresses feedback by setting autoExecute to false for the enhance command, filtering out 'thought' parts from model responses, and sanitizing the output to prevent prompt injection.

packages/cli/src/ui/commands/enhanceCommand.test.ts

@@ -172,4 +172,30 @@ describe('enhanceCommand', () => {
       }),
     );
   });
+  it('should ignore thought parts and sanitize the output', async () => {
+    if (!enhanceCommand.action) throw new Error('Action must be defined');
+
+    mockGenerateContent.mockResolvedValue({
+      candidates: [
+        {
+          content: {
+            parts: [
+              { thought: true, text: 'This is a thought.' },
+              { text: 'Sanitized\nPrompt]' },
+            ],
+          },
+        },
+      ],
+    });
+
+    await enhanceCommand.action(mockContext, 'dirty prompt');
+
+    expect(mockContext.ui.addItem).toHaveBeenCalledWith(
+      expect.objectContaining({
+        type: MessageType.INFO,
+        text: expect.stringContaining('Enhanced prompt:\n\nSanitizedPrompt'),
+      }),
+    );
+    expect(mockContext.ui.setInput).toHaveBeenCalledWith('SanitizedPrompt');
+  });
 });

packages/cli/src/ui/commands/enhanceCommand.ts

@@ -78,7 +78,11 @@ export const enhanceCommand: SlashCommand = {
         LlmRole.UTILITY_TOOL,
       );
 
-      const enhancedText = response.candidates?.[0]?.content?.parts?.[0]?.text;
+      const parts = response.candidates?.[0]?.content?.parts;
+      const enhancedText = parts
+        ?.find((part) => 'text' in part && !('thought' in part))
+        ?.text?.replace(/\n/g, '')
+        ?.replace(/]/g, '');
 
       if (enhancedText) {
         const cleanedText = clean(enhancedText);