v0.22.5

Summary

• #41 — Permission guard rejected allowed Bash commands with quoted shell metacharacters. singleShellCommand in _lib/permission-matching.mjs rejected any command containing ;&|<> or $(/backtick even when those were literal characters inside single/double quotes. A contract allowing Bash(gh issue*) therefore denied gh issue close 28 --comment "…level=province&lat=…&lng=…;…".

The safe-command check is now quote-aware: a metacharacter only counts as a shell operator when it appears outside quotes. Command substitution ($(…), backticks) stays dangerous everywhere except inside single quotes; newlines and unbalanced quotes are still rejected. Genuine chaining (&& rm -rf) and substitution (--comment "$(…)") remain denied. The skill permission guard now imports the shared helper instead of duplicating it.

Validation

• node scripts/check-version-sync.mjs — all manifests pinned to v0.22.5
• node scripts/verify-contracts.mjs — contracts verified
• npm run lint — OK
• npm test — 914/914 pass (incl. issue #41 regression: quoted metacharacters allowed, unquoted chaining/substitution still denied)
• npm run check:readiness — PASSED