    Exempt gh issue commands from shell injection checks (#2638) · d27a227f
    Committed by Will Chen
    ## Summary
    - Extends the existing `gh pr` shell injection exemption to also cover
    `gh issue` commands in the permission hook
    - `gh issue create/comment/edit` frequently contain markdown in `--body`
    with backticks, pipes, `**bold**`, etc. that were incorrectly flagged as
    injection attempts
    - Added 50+ test cases covering `gh issue` and `gh pr` commands with
    rich markdown body content
    
    ## Test plan
    - [x] All 977 hook permission tests pass (`python
    .claude/hooks/tests/test_gh_permission_hook.py`)
    - [x] `npm run fmt && npm run lint:fix && npm run ts` passes
    - [x] `npm test` passes (33/33 test files)
    
    #skip-bugbot
    
    🤖 Generated with [Claude Code](https://claude.com/claude-code)
    
    
    ---
    ## Summary by cubic
    Extend the shell injection exemption to gh issue commands to prevent
    false positives on markdown in --body (backticks, pipes, bold). Other gh
    commands remain protected by injection checks.
    
    - **Bug Fixes**
    - Exempted "gh issue ..." (and kept "gh pr ...") from shell injection
    checks in the permission hook.
    - Added 50+ tests for rich markdown bodies across gh issue and gh pr
    commands.
    - Moved six gh issue cases from bad_commands to good_commands to match
    the exemption.
      - Preserved injection checks for all other gh commands.
    
    <sup>Written for commit e168f9b81384568475cbcb81a92ef19a0963c7a6.
    Summary will update on new commits.</sup>
    
    Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Name
commands
hooks
skills
README.md
run-e2e-update.sh
settings.json