Files
wehub-resource-sync bb5c75ce05
Component Security Validation / Security Audit (push) Has been cancelled
Deploy to Cloudflare Pages / deploy (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:38:58 +08:00

1 line
865 B
JSON

{"content": "{\n \"description\": \"Detects destructive commands hidden inside shell wrappers (sh -c, bash -c, python3 -c, node -e, perl -e, ruby -e). Complements dangerous-command-blocker by catching bypass vectors like 'sh -c \\\"rm -rf /\\\"' that evade direct command checks. Covers 8 bypass patterns: interpreter one-liners, nested wrappers, pipe-to-shell, here-strings, and env-based wrappers.\",\n \"supportingFiles\": [\n {\n \"source\": \"shell-wrapper-guard.sh\",\n \"destination\": \".claude/hooks/shell-wrapper-guard.sh\",\n \"executable\": true\n }\n ],\n \"hooks\": {\n \"PreToolUse\": [\n {\n \"matcher\": \"Bash\",\n \"hooks\": [\n {\n \"type\": \"command\",\n \"command\": \"bash .claude/hooks/shell-wrapper-guard.sh\"\n }\n ]\n }\n ]\n }\n}\n"}