Mike Swanson
4b03334304
Block inline pwsh -Command/-c (force .ps1 file approach) and Windows backslash paths in Bash commands (enforce forward slashes). Eliminates the 2-3 retry loop on PowerShell operations and prevents the /tmp path mismatch that caused the stale-payload Syncro incident. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
27 lines
989 B
Bash
27 lines
989 B
Bash
#!/usr/bin/env bash
|
|
# Pre-tool hook: block Windows backslash paths in Bash commands.
|
|
#
|
|
# Blocks patterns like C:\Users\foo passed inside Bash command strings.
|
|
# Enforces forward slashes: C:/Users/foo
|
|
#
|
|
# Why: Git Bash mangles backslash paths — C:\tmp writes to a different
|
|
# directory than the Write tool's C:\tmp, causing stale payload bugs.
|
|
|
|
input=$(cat)
|
|
cmd=$(echo "$input" | jq -r '.tool_input.command // ""' 2>/dev/null)
|
|
|
|
# Match a drive letter followed by a literal backslash in the command.
|
|
# In the extracted command string (not JSON-escaped), backslash is just \.
|
|
if echo "$cmd" | grep -qE '[A-Za-z]:\\[A-Za-z/\\]'; then
|
|
echo "BLOCKED: Use forward slashes for Windows paths in Bash commands."
|
|
echo ""
|
|
echo " Wrong: C:\\Users\\guru\\file.txt"
|
|
echo " Correct: C:/Users/guru/file.txt"
|
|
echo ""
|
|
echo "Git Bash converts backslash paths unpredictably. PowerShell and Windows"
|
|
echo "APIs both accept forward slashes without issue."
|
|
exit 2
|
|
fi
|
|
|
|
exit 0
|