
2 Commits

e31162f3b8 sync: auto-sync from DESKTOP-0O8A1RL at 2026-05-12 18:20:46
Author: Mike Swanson
Machine: DESKTOP-0O8A1RL
Timestamp: 2026-05-12 18:20:46
2026-05-12 18:20:46 -07:00
4b03334304 feat: Claude Code pre-bash hooks for PowerShell and path enforcement
Block inline pwsh -Command/-c (force .ps1 file approach) and
Windows backslash paths in Bash commands (enforce forward slashes).

Eliminates the 2-3 retry loop on PowerShell operations and prevents
the /tmp path mismatch that caused the stale-payload Syncro incident.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-12 17:40:37 -07:00
4 changed files with 54 additions and 2 deletions


@@ -0,0 +1,26 @@
#!/usr/bin/env bash
# Pre-tool hook: block Windows backslash paths in Bash commands.
#
# Blocks patterns like C:\Users\foo passed inside Bash command strings.
# Enforces forward slashes: C:/Users/foo
#
# Why: Git Bash mangles backslash paths — C:\tmp writes to a different
# directory than the Write tool's C:\tmp, causing stale payload bugs.
input=$(cat)
cmd=$(echo "$input" | jq -r '.tool_input.command // ""' 2>/dev/null)
# Match a drive letter followed by a literal backslash in the command.
# In the extracted command string (not JSON-escaped), backslash is just \.
if echo "$cmd" | grep -qE '[A-Za-z]:\\[A-Za-z/\\]'; then
echo "BLOCKED: Use forward slashes for Windows paths in Bash commands."
echo ""
echo " Wrong: C:\\Users\\guru\\file.txt"
echo " Correct: C:/Users/guru/file.txt"
echo ""
echo "Git Bash converts backslash paths unpredictably. PowerShell and Windows"
echo "APIs both accept forward slashes without issue."
exit 2
fi
exit 0
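Review bot: The hook fails open: `jq` errors are discarded with `2>/dev/null` and its exit status is never checked, so a missing `jq` or malformed hook input leaves `cmd` empty and the script reaches `exit 0` without inspecting anything. If the check is meant to be enforced, fail closed, e.g. `cmd=$(printf '%s' "$input" | jq -r '.tool_input.command // ""') || { echo "hook: cannot parse tool input" >&2; exit 2; }`. The BLOCKED text is also written to stdout, while Claude Code hooks pass stderr back to the model on exit code 2, so each `echo` in the block branch should end in `>&2`. Both points apply equally to the PowerShell hook in the next file. Separately, `[A-Za-z]:\\[A-Za-z/\\]` also matches ordinary strings such as `printf 'Name:\n'` and misses paths whose first component starts with a digit, dot or underscore.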


@@ -0,0 +1,26 @@
#!/usr/bin/env bash
# Pre-tool hook: block inline PowerShell, enforce .ps1 file approach.
#
# Blocks powershell.exe -Command and pwsh -Command / pwsh -c inline execution.
# Forces: write a .ps1 file, then run pwsh -NoProfile -File script.ps1
#
# Why: Git Bash expands $_ and mangles quoting before PowerShell sees the
# command. Inline execution fails 2-3 times before landing on the .ps1 approach.
input=$(cat)
cmd=$(echo "$input" | jq -r '.tool_input.command // ""' 2>/dev/null)
# Match: (powershell[.exe] | pwsh) followed by -Command or -c (as a flag, not a filename)
if echo "$cmd" | grep -qiE '^\s*(powershell(\.exe)?|pwsh)\s+(-Command|-c) ' || \
echo "$cmd" | grep -qiE '^\s*(powershell(\.exe)?|pwsh)\s+(-Command|-c)$'; then
echo "BLOCKED: Do not use powershell.exe or pwsh with inline -Command/-c arguments."
echo ""
echo "Git Bash mangles quoting and variable expansion before PowerShell sees the command."
echo ""
echo "Correct approach:"
echo " 1. Write the script using the Write tool to a .ps1 file"
echo " 2. Run: pwsh -NoProfile -File \"path/to/script.ps1\""
exit 2
fi
exit 0
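Review bot: The pattern only fires when the whole command starts with the interpreter and `-Command`/`-c` is its first argument, because of the `^\s*` anchor and the `\s+(-Command|-c)` that directly follows the name. Forms such as `pwsh -NoProfile -Command …`, `pwsh.exe -c …` (only `powershell` accepts the optional `.exe`) or `cd dir && pwsh -c …` are not matched and hit the same quoting problem the hook is meant to prevent. A single broader test would cover them, e.g. `grep -qiE '(powershell|pwsh)(\.exe)?([[:space:]].*)?[[:space:]]-(Command|c)([[:space:]]|$)'`, at the cost of occasional false positives when another command on the line carries `-c`. `\s` is a GNU extension in ERE, so `[[:space:]]` is the portable spelling.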


@@ -1 +1 @@
{"sessionId":"bb6994f9-af09-43bb-878c-0461b669706b","pid":28492,"acquiredAt":1778626705410} {"sessionId":"6a57138d-cebd-4d89-ae22-800420e34018","pid":40628,"acquiredAt":1778633056936}