Added warning to avoid command substitution in run_shell_command tool… (#9934)

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
This commit is contained in:
owenofbrien
2025-09-26 13:16:05 -05:00
committed by GitHub
parent c65bfc3698
commit d1187f0319
3 changed files with 25 additions and 3 deletions
+10 -2
View File
@@ -395,10 +395,18 @@ function getShellToolDescription(): string {
}
function getCommandDescription(): string {
const cmd_substitution_warning =
'\n*** WARNING: Command substitution using $(), `` ` ``, <(), or >() is not allowed for security reasons.';
if (os.platform() === 'win32') {
return 'Exact command to execute as `cmd.exe /c <command>`';
return (
'Exact command to execute as `cmd.exe /c <command>`' +
cmd_substitution_warning
);
} else {
return 'Exact bash command to execute as `bash -c <command>`';
return (
'Exact bash command to execute as `bash -c <command>`' +
cmd_substitution_warning
);
}
}