Bash Command Chaining Bypasses Safety Checks for Multi-Command Execution
Resolved 💬 5 comments Opened Mar 7, 2025 by FyZyX Closed Jun 3, 2025
Bug Description
When Claude uses the Bash tool, it can execute multiple commands at the same time with &&, which can circumvent protections against dangerous command execution.
In my case, it was able to execute a commit message without my consent by doing
cd /my/path && git commit -m "blah"
I think this is because I gave it permission to run cd commands freely in the session, and it saw the cd up front and allowed the entire command, even though it also included a git commit.
Obviously this is not so bad, but you can easily imagine scarier cases.
Environment Info
- Platform: macos
- Terminal: iTerm.app
- Version: 0.2.32
- Feedback ID: 465f7d0e-1427-41f4-b5c4-eff16337cc33
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗