Bash Command Chaining Bypasses Safety Checks for Multi-Command Execution

Resolved 💬 5 comments Opened Mar 7, 2025 by FyZyX Closed Jun 3, 2025

Bug Description
When Claude uses the Bash tool, it can execute multiple commands at the same time with &&, which can circumvent protections against dangerous command execution.

In my case, it was able to execute a commit message without my consent by doing

cd /my/path && git commit -m "blah"

I think this is because I gave it permission to run cd commands freely in the session, and it saw the cd up front and allowed the entire command, even though it also included a git commit.

Obviously this is not so bad, but you can easily imagine scarier cases.

Environment Info

  • Platform: macos
  • Terminal: iTerm.app
  • Version: 0.2.32
  • Feedback ID: 465f7d0e-1427-41f4-b5c4-eff16337cc33

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗