feat: add rm -rf block hook script and fix stderr (#661)

2026-01-23 17:26:50 -08:00
parent 7af73fe53e
commit 55524061ab
4 changed files with 46 additions and 18 deletions
--- a/hooks/block-rm-rf.sh
+++ b/hooks/block-rm-rf.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+# Block dangerous rm -rf commands
+
+input=$(cat)
+tool_name=$(echo "$input" | jq -r '.tool_name')
+
+# Only check Bash commands
+if [ "$tool_name" != "Bash" ]; then
+  exit 0
+fi
+
+command=$(echo "$input" | jq -r '.tool_input.command')
+
+# Check for rm -rf pattern (handles -rf, -fr, -rfi, etc.)
+if echo "$command" | grep -qE 'rm\s+(-[a-zA-Z]*r[a-zA-Z]*f|-[a-zA-Z]*f[a-zA-Z]*r)'; then
+  echo "Blocked: rm -rf commands must be ran manually, use rm and rmdir instead." >&2
+  exit 2
+fi
+
+exit 0