fix(cli): validate whitespace-only prompts before quote-wrapping

Fixes bounty issue #1497

When a user provides a whitespace-only prompt like `cortex run "   "`, the
message was wrapped in quotes before validation, causing the validation check
to pass because the trimmed string contained quote characters. This allowed
whitespace-only prompts to be sent to the engine, causing hangs or empty streams.

The fix validates the original message content before quote-wrapping is applied,
properly catching whitespace-only prompts and returning a validation error.

Author: factorydroid

cortex-cli/src/run_cmd.rs

@@ -253,6 +253,10 @@ impl RunCli {
             bail!("top-p must be between 0.0 and 1.0, got {top_p}");
         }
 
+        // Check if original message args are all whitespace (before quote-wrapping)
+        // This catches cases like `cortex run "   "` which would otherwise pass validation
+        let message_args_all_whitespace = self.message.iter().all(|s| s.trim().is_empty());
+
         // Build the message from arguments
         let mut message = self
             .message
@@ -268,10 +272,12 @@ impl RunCli {
             .join(" ");
 
         // Read from stdin if not a TTY (piped input)
+        let mut has_stdin_content = false;
         if !io::stdin().is_terminal() {
             let mut stdin_content = String::new();
             io::stdin().lock().read_to_string(&mut stdin_content)?;
-            if !stdin_content.is_empty() {
+            if !stdin_content.trim().is_empty() {
+                has_stdin_content = true;
                 if !message.is_empty() {
                     message.push('\n');
                 }
@@ -280,7 +286,8 @@ impl RunCli {
         }
 
         // Validate we have something to do
-        if message.trim().is_empty() && self.command.is_none() {
+        // Use the pre-quote-wrap check for message args to catch whitespace-only prompts
+        if message_args_all_whitespace && !has_stdin_content && self.command.is_none() {
             bail!("You must provide a message or a --command");
         }
 
@@ -980,4 +987,25 @@ mod tests {
         assert!(!(0.0..=2.0).contains(&-0.1));
         assert!(!(0.0..=2.0).contains(&2.1));
     }
+
+    #[test]
+    fn test_whitespace_only_message_detection() {
+        // Test that whitespace-only messages are detected before quote-wrapping
+        let whitespace_args = vec!["   ".to_string()];
+        assert!(whitespace_args.iter().all(|s| s.trim().is_empty()));
+
+        let whitespace_args2 = vec!["  ".to_string(), "\t".to_string()];
+        assert!(whitespace_args2.iter().all(|s| s.trim().is_empty()));
+
+        // Test that non-whitespace messages are not detected as whitespace
+        let valid_args = vec!["hello".to_string()];
+        assert!(!valid_args.iter().all(|s| s.trim().is_empty()));
+
+        let mixed_args = vec!["   ".to_string(), "hello".to_string()];
+        assert!(!mixed_args.iter().all(|s| s.trim().is_empty()));
+
+        // Test empty message args
+        let empty_args: Vec<String> = vec![];
+        assert!(empty_args.iter().all(|s| s.trim().is_empty()));
+    }
 }