dashboard does not validate text fields

Metadata

Project: snapcraft (launchpad)
Number: #1750527
Type: issue
State: open
Author: ~chipaca
Labels:
Created: 2018-02-20 09:49:53.619600+00:00
Updated: 2020-09-21 18:23:10.842308+00:00
Closed:


Issue body

It seems dashboard.snapcraft.io does little to no validation on the text fields (Title, Summary, and Description). In particular, I can have \n in title and summary, and arbitrary control characters in any of them. I'd expect the three of them to reject anything that isn't valid UTF-8; of Unicode, they should reject any control or private use character (that is: any character with class Cc or Co), and noncharacters. The exception being that description should accept \n.

I'm tagging as a security issue because you can currently embed escape sequences into the summary, which is displayed unquoted in 'snap find' and can thus do potentially nasty things to the user's terminal. I don't think it's a _serious_ security risk, but it's nasty. "snap find counterintelligences" for a harmless example. Note the line drawing characters are done using VT100 drawing (i.e. DEC special character set; it changes the character set the terminal uses).
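The validation policy the report asks for (reject bytes that are not valid UTF-8, reject Unicode Cc and Co characters and noncharacters, and allow a newline only in the description), as an added example that is neither part of the issue nor of snapcraft's or the dashboard's own code; the lowercase field names and the sample submission are constructed assumptions.

```python
from __future__ import annotations

import unicodedata

# Fields named in the report; only the description may legitimately contain a newline.
MULTILINE_FIELDS = {"description"}


def is_noncharacter(cp: int) -> bool:
    """Unicode noncharacters: U+FDD0..U+FDEF plus the last two code points of every plane."""
    return 0xFDD0 <= cp <= 0xFDEF or (cp & 0xFFFE) == 0xFFFE


def validate_field(name: str, raw: bytes) -> list[str]:
    """Return the problems found in one text field; an empty list means it is acceptable.

    Policy: valid UTF-8 only; no control (Cc), private-use (Co) or noncharacter code
    points, except a newline in the multiline fields."""
    try:
        text = raw.decode("utf-8")  # strict decoding rejects overlong forms and encoded surrogates
    except UnicodeDecodeError as exc:
        return [f"{name}: not valid UTF-8 at byte {exc.start}"]
    allow_newline = name in MULTILINE_FIELDS
    problems = []
    for index, ch in enumerate(text):
        cp = ord(ch)
        if ch == "\n" and allow_newline:
            continue
        category = unicodedata.category(ch)
        if category in ("Cc", "Co"):
            problems.append(f"{name}: {category} character U+{cp:04X} at index {index}")
        elif is_noncharacter(cp):
            problems.append(f"{name}: noncharacter U+{cp:04X} at index {index}")
    return problems


def validate_submission(fields: dict[str, bytes]) -> dict[str, list[str]]:
    """Validate every field; the result maps each rejected field name to its problems."""
    return {name: probs for name, raw in fields.items() if (probs := validate_field(name, raw))}


# Constructed sample submission (hypothetical, not store data): the description uses a newline
# legitimately, the title carries a private-use character and the summary an ESC control character.
SAMPLE_SUBMISSION = {
    "title": "My snap \ue000".encode("utf-8"),
    "summary": "Plain summary\x1b[0m".encode("utf-8"),
    "description": "First line.\nSecond line.".encode("utf-8"),
}

if __name__ == "__main__":
    for field, issues in validate_submission(SAMPLE_SUBMISSION).items():
        print(field, "->", "; ".join(issues))
```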
