[BUG] backticks and exclamations in a slash command trigger permission check
Resolved 💬 7 comments Opened Sep 25, 2025 by nedtwigg Closed Mar 13, 2026
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
- I have a custom slash command which takes one argument
- the slash command does not involve bash
- but it causes Claude Code to throw
Error: Bash command permission check failed for patternand then a huge blob of markdown is the "pattern" - It broke starting with Claude Code 1.0.54 (worked in 1.0.53)
- changelog for 1.0.54 says "Custom slash commands: Added argument-hint to frontmatter"
- superficially similar (red herring) to #3662
- very similar to #6660
What Should Happen?
- it should run the slash command (like it did in 1.0.53)
Error Messages/Logs
Steps to Reproduce
The exact slash command which causes the issue is https://github.com/diffplug/gitcasso/blob/f8b5faa2b3e9c4295858f5e2b6e079eda2b05fa2/.claude/commands/corpus-loop.md?plain=1
Key excerpts:
---
argument-hint: [corpus_slug]
description: uses Playwright MCP and the `corpus` to parse page elements
---
- using Playwright MCP, navigate to `http://localhost:3001/corpus/$1/gitcasso`
- the page will have a div with id `gitcasso-comment-spots`, wait 500ms for it to settle
(blah blah blah)
- Don't hedge your bets and write lots of fallback code or strings of `?.`. Have a specific piece of data you want to get, use non-null `!` assertions where necessary to be clear about getting.
- If a field is empty, represent it with an empty string. Don't use placeholders when extracting data.
- The pages we are scraping are going to change over time, and it's easier to fix broken ones if we know exactly what used to work. If the code has lots of branching paths, it's harder to tell what it was doing.
## Troubleshooting
- If you see `"spot": "NO_SPOT"` but expect an enhancer to match:
- Check console logs for enhancer attempts (e.g., `"eE examing url"`)
- Look for specific rejection reasons in the enhancer's `tryToEnhance` method
For an exact reproducer
- clone https://github.com/diffplug/gitcasso
- run
claude /corpus-loop gh_issue_edit_multiple- you'll get this error message:
> /corpus-loop slug
⎿ Error: Bash command permission check failed for pattern "!` assertions where necessary to be clear about getting.
- If a field is empty, represent it with an empty string. Don't use placeholders when extracting data.
- The pages we are scraping are going to change over time, and it's easier to fix broken ones if we know exactly what used to work. If the
code has lots of branching paths, it's harder to tell what it was doing.
## Troubleshooting
- If you see `": This command uses shell operators that require approval for safety
Claude Model
Not sure / Multiple models
Is this a regression?
Yes, this worked in a previous version
Last Working Version
1.0.53
Claude Code Version
1.0.124
Platform
Anthropic API
Operating System
macOS
Terminal/Shell
VS Code integrated terminal
Additional Information
I permalinked the slashcommand with the issue above. The workaround is:
Workaround:
`!` <-- replace this
! <-- with this
the slash command in the main of my repository doesn't trigger this anymore because of the workaround.
This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗