permissions hook helper
Make shell metacharacter rejection message blunt and explicit for agents
+1
-1
+1
-1
example.toml
+1
-1
example.toml
···
29
29
[[deny]]
30
30
tool = "Bash"
31
31
command_regex = "&|;|\\||`|\\$\\("
32
-
reason = "Shell metacharacters (&, ;, |, `, $()) are not auto-approved. Run each command independently as separate Bash calls, use a package.json script, or use single-line commit messages with code comments for detail."
32
+
reason = "BLOCKED: Command contains shell metacharacters (&, ;, |, `, $()). You MUST run exactly ONE command per Bash call. Do NOT chain commands with && or ;. Do NOT use pipes. Do NOT use subshells. Split into separate Bash calls instead."
33
33
34
34
# === ALLOW RULES (checked after deny) ===
35
35