Skip to content

Language intelligence with rules #58

Description

@laffer1

Description

The exec check is assuming javascript/typescript when it happens to be working on C code. (execve and friends)

⎿  Error: PreToolUse:Write hook error: [python3 ${CLAUDE_PLUGIN_ROOT}/hooks/security_reminder_hook.py]: ⚠️ Security Warning: Using child_process.exec() can lead to command injection vulnerabilities.

 This codebase provides a safer alternative: src/utils/execFileNoThrow.ts             
                       
 Instead of:                                                                                                                                                                                                                        
   exec(`command ${userInput}`)                                      
                                                                                                                                                                                                                                    
 Use:                                                   
   import { execFileNoThrow } from '../utils/execFileNoThrow.js'                                                                                                                                                                    
   await execFileNoThrow('command', [userInput]) 

What AI Coding Tool are you Using?

Claude Code

AI Model Used

Claude sonnet 4.6

The feedback pertains to which aspect of the project?

Rule definition

Metadata

Metadata

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions