Second Brain

❯

❯

cleanup 2026 04 17 conversation flush bulk

❯

❯

❯

destructive hook regex matches rm inside echo strings

destructive-hook-regex-matches-rm-inside-echo-strings

Apr 14, 20261 min read

x/hooks
x/claude-code

destructive-hook-regex-matches-rm-inside-echo-strings

Hook regex patterns like \b(rm|mv)\s+.FILE match the substring rm or mv anywhere in a command string, including inside echo ‘rm FILE’ quoted literals and documentation strings, causing false-positive blocks on harmless read/echo commands. Fix: anchor with CMD_START = r’(?:^|[;&|`(]\s)’ so rm/mv must appear at the actual start of a shell command token, not inside a quoted string argument.

Related

destructive-ops-blocker-false-positive-on-backup-suffixes
destructive-hook-regex-word-boundary-backup-false-positive
docker
salesforce
spec-reviewer-blocks-on-os-system-in-test-code
hook-regex-false-positives-require-cmd-start-not-backup-anch
hook-regex-cmd-start-not-backup-anchors-required
hook-regex-false-positives-cmd-start-not-backup-anchors
security-reminder-hook-blocks-literal-exec-eval-in-prose
security-hook-blocks-literal-exec-eval-tokens-in-prose
security-hook-blocks-literal-exec-eval-in-prose

Graph View

destructive-hook-regex-matches-rm-inside-echo-strings
Related

Backlinks

hook-regex-cmd-start-not-backup-anchors-required
hook-regex-false-positives-cmd-start-not-backup-anchors
hook-regex-false-positives-require-cmd-start-not-backup-anch
security-hook-blocks-literal-exec-eval-in-prose
security-hook-blocks-literal-exec-eval-tokens-in-prose
destructive-hook-regex-word-boundary-backup-false-positive
destructive-ops-blocker-false-positive-on-backup-suffixes
security-hook-blocks-literal-exec-eval-tokens-in-prose
security-reminder-hook-blocks-literal-exec-eval-in-prose
spec-reviewer-blocks-on-os-system-in-test-code

Created with Quartz v4.5.2 © 2026

CIOS
Mission Control