bcdewitt/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(hooks): add bash tool name to pre-tool-use hook for OpenCode support

Browse Source 
OpenCode uses tool name 'bash' (not 'run_in_terminal') for shell execution.
The hook was early-exiting for 'bash' tool calls, leaving banned commands
unchecked. Added 'bash' to both the inspect allowlist and COMMAND extraction.
This commit is contained in:
Brydon DeWitt 2026-05-22 16:42:04 -04:00
parent 690178da96
commit 88435d6b51
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.agents/hooks/pre-tool-use.sh
View File

@ -26,7 +26,7 @@ echo "{\"ts\":\"$(date -u +%Y-%m-%dT%H:%M:%SZ)\",\"hook\":\"pre-tool-use\",\"too
# Only inspect terminal/execution tools and file-editing tools # Only inspect terminal/execution tools and file-editing tools
case "$TOOL_NAME" in case "$TOOL_NAME" in
run_in_terminal|execution_subagent|send_to_terminal|\ bash|run_in_terminal|execution_subagent|send_to_terminal|\
replace_string_in_file|multi_replace_string_in_file|create_file|\ replace_string_in_file|multi_replace_string_in_file|create_file|\
read_file|read|edit) read_file|read|edit)
;; ;;
@ -40,7 +40,7 @@ esac
COMMAND="" COMMAND=""
FILE_PATH="" FILE_PATH=""
case "$TOOL_NAME" in case "$TOOL_NAME" in
run_in_terminal|execution_subagent|send_to_terminal) bash|run_in_terminal|execution_subagent|send_to_terminal)
COMMAND=$(echo "$INPUT" | node -e " COMMAND=$(echo "$INPUT" | node -e "
const d = JSON.parse(require('fs').readFileSync('/dev/stdin','utf8')); const d = JSON.parse(require('fs').readFileSync('/dev/stdin','utf8'));
const i = d.tool_input || {}; const i = d.tool_input || {};