Description
The exec check is assuming javascript/typescript when it happens to be working on C code. (execve and friends)
⎿ Error: PreToolUse:Write hook error: [python3 ${CLAUDE_PLUGIN_ROOT}/hooks/security_reminder_hook.py]: ⚠️ Security Warning: Using child_process.exec() can lead to command injection vulnerabilities.
This codebase provides a safer alternative: src/utils/execFileNoThrow.ts
Instead of:
exec(`command ${userInput}`)
Use:
import { execFileNoThrow } from '../utils/execFileNoThrow.js'
await execFileNoThrow('command', [userInput])
What AI Coding Tool are you Using?
Claude Code
AI Model Used
Claude sonnet 4.6
The feedback pertains to which aspect of the project?
Rule definition
Description
The exec check is assuming javascript/typescript when it happens to be working on C code. (execve and friends)
⎿ Error: PreToolUse:Write hook error: [python3 ${CLAUDE_PLUGIN_ROOT}/hooks/security_reminder_hook.py]:⚠️ Security Warning: Using child_process.exec() can lead to command injection vulnerabilities.
What AI Coding Tool are you Using?
Claude Code
AI Model Used
Claude sonnet 4.6
The feedback pertains to which aspect of the project?
Rule definition