From d63e1e01bb363b1cea0ea282712c2f3c8437b508 Mon Sep 17 00:00:00 2001
From: Charles Packer <packercharles@gmail.com>
Date: Wed, 31 Dec 2025 15:56:31 -0800
Subject: [PATCH] fix: command analyzer uses first command in pipelines (#438)

Co-authored-by: Letta <noreply@letta.com>
---
 src/permissions/analyzer.ts | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/permissions/analyzer.ts b/src/permissions/analyzer.ts
index 63af1e0..5ee9e07 100644
--- a/src/permissions/analyzer.ts
+++ b/src/permissions/analyzer.ts
@@ -349,14 +349,19 @@ function analyzeBashApproval(
   }
 
   // Handle complex piped/chained commands (cd /path && git diff | head)
-  // Strip out cd commands and extract the actual command
+  // For pipes (|), the FIRST command is the main one
+  // For && and ;, we skip cd prefixes and use the actual command
   if (
     command.includes("&&") ||
     command.includes("|") ||
     command.includes(";")
   ) {
-    // Split on these delimiters and analyze each part
-    const segments = command.split(/\s*(?:&&|\||;)\s*/);
+    // First, strip everything after the first pipe - the piped-to command is secondary
+    // e.g., "curl --version | head -1" -> analyze "curl --version"
+    const beforePipe = (command.split("|")[0] ?? command).trim();
+
+    // Now split on && and ; to handle cd prefixes
+    const segments = beforePipe.split(/\s*(?:&&|;)\s*/);
 
     for (const segment of segments) {
       const segmentParts = segment.trim().split(/\s+/);