Skip to content

fix(command-mode): detect destructive commands in chained segments#432

Open
postoso wants to merge 1 commit into
altic-dev:mainfrom
postoso:fix/command-mode-chained-detection
Open

fix(command-mode): detect destructive commands in chained segments#432
postoso wants to merge 1 commit into
altic-dev:mainfrom
postoso:fix/command-mode-chained-detection

Conversation

@postoso

@postoso postoso commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

What

CommandModeService.isDestructiveCommand applied its prefix checks to the whole command string, so a destructive command hidden after a shell chaining separator bypassed the confirm gate and auto-ran. Examples that returned false (auto-run): echo ok && killall Finder, true; shred secret.txt, echo a || killall Finder, echo ok & killall Finder, and a newline-chained sudo reboot.

How

Split the command on chaining separators (&&, ||, ;, &, newline) into segments, trim each, and apply the existing detection per segment (factored into isDestructiveSegment). && is normalized before the single & so it is not read as two background separators. Pipe (|) is intentionally not a split point: piped destructive commands stay matched by the existing | rm / | sudo / | dd substring patterns. Verified that 2>&1 and sleep 10 & echo done do not false-positive.

Tests

New CommandModeDestructiveCommandTests (15 methods): each separator hiding a destructive command, safe chains, a backgrounded-safe command, and preserved single-command plus piped detection. xcodebuild test is green and swiftlint --strict is clean.

Note

Focused follow-up to #428 (which hardens the same function for pipe-to-shell and output redirects). The two address independent gaps; this is structured so it rebases cleanly after #428 merges (the new per-segment isDestructiveSegment helper is where #428's added patterns belong).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant