diff options
| author | nsfisis <nsfisis@gmail.com> | 2025-06-27 01:14:29 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2025-06-27 01:14:29 +0900 |
| commit | a6e65ea70f2c4ec26cc38cf6137e80f4c596e7cc (patch) | |
| tree | 1fc5df6ff9e9454d4ca9970487a20290a3683aac /home-manager/config/bash | |
| parent | 1ef93b823d7414c9eabbe5625d25e8c63f0c6f1d (diff) | |
| download | dotfiles-a6e65ea70f2c4ec26cc38cf6137e80f4c596e7cc.tar.gz dotfiles-a6e65ea70f2c4ec26cc38cf6137e80f4c596e7cc.tar.zst dotfiles-a6e65ea70f2c4ec26cc38cf6137e80f4c596e7cc.zip | |
claude-code: prevent claude from running `find` or `fd` with dangerous actions
Diffstat (limited to 'home-manager/config/bash')
| -rw-r--r-- | home-manager/config/bash/.bashrc | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/home-manager/config/bash/.bashrc b/home-manager/config/bash/.bashrc new file mode 100644 index 0000000..39d2837 --- /dev/null +++ b/home-manager/config/bash/.bashrc @@ -0,0 +1,44 @@ +# Safe wrappers for Claude Code +if [[ -n "$CLAUDECODE" ]]; then + # Safe wrapper for find command + find() { + local has_dangerous=0 + + for arg in "$@"; do + case "$arg" in + -delete|-exec|-execdir|-fls|-fprint|-fprint0|-fprintf|-ok|-okdir) + has_dangerous=1 + break + ;; + esac + done + + if [[ $has_dangerous == 1 ]]; then + echo "Error: dangerous actions, -delete/-exec/-execdir/-fls/-fprint/-fprint0/-fprintf/-ok/-okdir, are not allowed in Claude Code environment" >&2 + return 1 + fi + + command find "$@" + } + + # Safe wrapper for fd command + fd() { + local has_dangerous=0 + + for arg in "$@"; do + case "$arg" in + -x|--exec|-X|--exec-batch) + has_dangerous=1 + break + ;; + esac + done + + if [[ $has_dangerous == 1 ]]; then + echo "Error: dangerous actions, -x/--exec/-X/--exec-batch, are not allowed in Claude Code environment" >&2 + return 1 + fi + + command fd "$@" + } +fi |