fix(command): add allowed-tools and parameterize hardcoded path in upgrade-patches#17
Closed
xiaolai wants to merge 1 commit intoykdojo:mainfrom
Closed
fix(command): add allowed-tools and parameterize hardcoded path in upgrade-patches#17xiaolai wants to merge 1 commit intoykdojo:mainfrom
xiaolai wants to merge 1 commit intoykdojo:mainfrom
Conversation
…grade-patches - Add `allowed-tools: [Bash]` frontmatter so Claude Code grants Bash permission without prompting on every tool use - Replace hardcoded `/Users/yk/Desktop/projects/safeclaw` with `$SAFECLAW_DIR` env variable so the command works for contributors beyond the original author Co-Authored-By: Claude Code <noreply@anthropic.com>
This was referenced Apr 20, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR fixes two bugs in
.claude/commands/upgrade-patches.mdidentified by an automated NLPM audit:Bug 1: Missing
allowed-toolsfrontmatterThe command invokes Bash tools (
npm,tmux) but has noallowed-toolsfield in its frontmatter. Without this, Claude Code may prompt for permission on every tool use or fail to execute the steps reliably.Fix: Added
allowed-tools: [Bash]to the frontmatter.Bug 2: Hardcoded absolute path
/Users/yk/Desktop/projects/safeclawThe Container section contains a hardcoded path specific to the author's machine (
/Users/yk/Desktop/projects/safeclaw). Any contributor running this command will get a path-not-found error and be unable to create the upgrade container.Fix: Replaced the hardcoded path with
$SAFECLAW_DIRand added a brief note for users to set the environment variable to their local safeclaw checkout.Test plan
claude command list)