50 lines
1.2 KiB
Bash
Executable File
50 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
# PreToolUse hook: Block Bash commands that should use dedicated tools.
|
|
# Runs before every Bash call (main agent + subagents).
|
|
# Exit 0 = allow, Exit 2 = block with message.
|
|
|
|
INPUT=$(cat)
|
|
COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
|
|
|
|
# Strip leading whitespace and env vars (e.g. FOO=bar cat file)
|
|
CLEAN=$(echo "$COMMAND" | sed 's/^[[:space:]]*//' | sed 's/^[A-Za-z_][A-Za-z_0-9]*=[^ ]* *//')
|
|
|
|
# Extract the first word (the actual command)
|
|
FIRST=$(echo "$CLEAN" | awk '{print $1}' | sed 's|.*/||')
|
|
|
|
case "$FIRST" in
|
|
cat)
|
|
echo "Use the Read tool instead of cat." >&2
|
|
exit 2
|
|
;;
|
|
head|tail)
|
|
echo "Use the Read tool (with offset/limit) instead of $FIRST." >&2
|
|
exit 2
|
|
;;
|
|
ls)
|
|
echo "Use the Glob tool instead of ls." >&2
|
|
exit 2
|
|
;;
|
|
find)
|
|
echo "Use the Glob tool instead of find." >&2
|
|
exit 2
|
|
;;
|
|
grep|rg)
|
|
echo "Use the Grep tool instead of $FIRST." >&2
|
|
exit 2
|
|
;;
|
|
sed|awk)
|
|
echo "Use the Edit tool instead of $FIRST." >&2
|
|
exit 2
|
|
;;
|
|
echo)
|
|
# Block echo used for file writing (echo > file, echo >> file)
|
|
if echo "$COMMAND" | grep -qE '>\s*\S'; then
|
|
echo "Use the Write or Edit tool instead of echo redirection." >&2
|
|
exit 2
|
|
fi
|
|
;;
|
|
esac
|
|
|
|
exit 0
|