ralph-wiggum plugin: Bash command permission check fails on multi-line scripts with newlines

Open 💬 7 comments Opened Jan 2, 2026 by Pochetes

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Description

I'm encountering a permission check error when using the ralph-wiggum plugin from claude-plugins-official. The plugin's bash command contains newlines, which triggers Claude Code's security safeguards.

Error Message

Error: Bash command permission check failed for pattern "```!
"/Users/rmart/.claude/plugins/cache/claude-plugins-official/ralph-wiggum/6d3752c000e2/scripts/setup-ralph-loop.sh" "write 1+1 in a file" --max-iterations 25
# Extract and display completion promise if set
if [ -f .claude/ralph-loop.local.md ]; then
  PROMISE=$(grep '^completion_promise:' .claude/ralph-loop.local.md | sed 's/completion_promise: *//' | sed 's/^"\(.*\)"$/\1/')
...
```": Command contains newlines that could separate multiple commands

Steps to Reproduce

  1. Install the ralph-wiggum plugin from the official Claude plugins repository
  2. Run a task like: "write 1+1 in a file"
  3. Observe the permission check error

Expected Behavior

The plugin should be able to execute its bash scripts without triggering newline-based command separation security checks.

Root Cause

The ralph-wiggum plugin is attempting to run a multi-line bash script (setup-ralph-loop.sh) via the Bash tool. Claude Code's security checks prevent executing commands containing newlines because newlines could potentially be used to chain multiple commands together. This is a legitimate security concern, but it conflicts with the plugin's implementation approach.

Suggested Solution

The plugin maintainers should refactor the script to:

  1. Write the script to a temporary file first, then execute that file instead of embedding multi-line commands
  2. Or encode/structure the command to avoid passing raw newlines to the Bash execution layer

Environment

  • System: macOS
  • Plugin: ralph-wiggum (claude-plugins-official)
  • Claude Code: Latest version

What Should Happen?

The ralph-wiggum plugin should be able to execute its bash scripts without triggering newline-based command separation security checks. The plugin's multi-line setup script should run successfully and return proper completion promises without permission errors.

Error Messages/Logs

Error: Bash command permission check failed for pattern "!
"/Users/rmart/.claude/plugins/cache/claude-plugins-official/ralph-wiggum/6d3752c000e2/scripts/setup-ralph-loop.sh" "write 1+1 in a file" --max-iterations 25
# Extract and display completion promise if set
if [ -f .claude/ralph-loop.local.md ]; then
  PROMISE=$(grep '^completion_promise:' .claude/ralph-loop.local.md | sed 's/completion_promise: *//' | sed 's/^"\(.*\)"$/\1/')
  if [ -n "$PROMISE" ] && [ "$PROMISE" != "null" ]; then
    echo ""
    echo "═══════════════════════════════════════════════════════════"
    echo "CRITICAL - Ralph Loop Completion Promise"
    echo "═══════════════════════════════════════════════════════════"
...
": Command contains newlines that could separate multiple commands

Steps to Reproduce

  1. Install the ralph-wiggum plugin from claude-plugins-official
  2. Run a task with the plugin, e.g., "write 1+1 in a file"
  3. Observe that the plugin attempts to execute its setup-ralph-loop.sh bash script
  4. The bash command permission check fails with the error message about newlines
  5. The task does not complete because the script cannot be executed

Claude Model

None

Is this a regression?

No, this never worked

Last Working Version

_No response_

Claude Code Version

Latest

Platform

Anthropic API

Operating System

macOS

Terminal/Shell

Terminal.app (macOS)

Additional Information

This is a plugin-specific issue where the official ralph-wiggum plugin's bash script execution is blocked by Claude Code's security safeguards against command injection. The plugin attempts to execute a multi-line bash script that contains legitimate content, but the security check is overly restrictive for plugin use cases. The plugin maintainers should refactor their implementation to avoid passing raw newlines in bash commands.

View original on GitHub ↗

This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗