Permission heuristic false-positive: echo "---" triggers 'quoted characters in flag names'

Resolved 💬 2 comments Opened Mar 5, 2026 by fbartho Closed Mar 5, 2026

Description

When Claude constructs a compound ls command with echo "---" as a visual separator, the permission system incorrectly flags it with:

Command contains quoted characters in flag names

Reproduction

This command triggers a permission prompt:

ls /path/to/dir1/ && echo "---" && ls /path/to/dir2/ && echo "---" && ls /path/to/dir3/

The "---" in echo "---" is not a flag — it's a string argument to echo. The heuristic appears to pattern-match quoted dash sequences without considering the command context.

Two issues

  1. Heuristic false-positive: The "quoted characters in flag names" check should not flag quoted arguments to echo/printf/similar output commands. "---" as an argument to echo is clearly a separator string, not an obfuscated flag.

Note: Claude was exploring the skills/agents/commands at the time. I did not tell it "list these directories". The prompt was "identify the tools that might be improved by <some new thing from the claude changelog>".

  1. Claude's command construction contributes: When asked to list multiple directories, Claude chains them into one compound command with decorative echo "---" separators instead of making separate ls/Glob calls. This compound construction is what introduces the pattern that triggers the false positive. If Claude used parallel tool calls (3 Glob or 3 Bash calls), no prompt would occur. The user had already granted ls permission — the prompt was unexpected.

Expected behavior

  • echo "---" should not trigger a permission prompt
  • Ideally, Claude should prefer parallel tool calls over compound shell commands with decorative separators

Environment

  • Claude Code CLI
  • macOS (Darwin)

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗