[Bug] Bash AST parser warning bypasses sandbox auto-approve mode

Resolved 💬 2 comments Opened Apr 8, 2026 by deepdelirious Closed Apr 9, 2026

Bug Description
Newline followed by # inside a quoted argument can hide arguments from path validation

Bug: Bash AST parser prompts user despite sandbox auto-approve mode

Reproduction:

  1. Enable sandbox auto-approve mode (via /permissions or /sandbox)
  2. Have Claude Code run a bash command containing a newline followed by # inside a quoted argument:
  python -c "print('here')
  # That should have printed here
  "
  1. User is prompted with: Newline followed by # inside a quoted argument can hide arguments from path validation

Expected: No prompt — auto-approve is on, so any command would be approved by the permissions module regardless.

Root cause (suspected): The bash command goes through an AST parser to isolate individual commands before being passed to the permissions module. The permissions module is where auto-approve
takes effect. But the AST parser raises this warning at a layer above the permissions check, short-circuiting auto-approve.

The check makes sense when commands are not auto-approved — it flags potentially hidden arguments before the user manually reviews. But when auto-approve is active, it's just noise.

Environment Info

  • Platform: linux
  • Terminal: ghostty
  • Version: 2.1.96
  • Feedback ID: da87d51f-010f-4704-b03d-eb584d941ccc

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗