-
由 Will Chen 提交于
## Summary - Move Claude commands to `dyad/` namespace (e2e-rebase, pr-fix) - Add new commands: fix-issue, gh-push, gh-rebase, lint, session-debug - Add `gh-permission-hook.py` to block destructive gh commands (except PRs) - Expand allowed bash commands in settings.json - Update AGENTS.md to reference `/dyad:lint` skill and fix typo ## Test plan - [ ] Verify commands work with `/dyad:<command>` syntax - [ ] Test that gh-permission-hook blocks issue modifications but allows PR operations
🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Reorganized Claude commands under the /dyad namespace and added a GitHub CLI permission hook that auto-approves read-only commands plus PR and issue updates while blocking destructive actions. Added new skills (including deflaking E2E and split PR fix steps), hardened the hook, and added tests. - **New Features** - Moved e2e-rebase and pr-fix to dyad/; added fix-issue, pr-push, gh-rebase, lint, session-debug, deflake-e2e; split pr-fix into pr-fix:comments and pr-fix:actions. - Updated AGENTS.md to reference /dyad:lint and fixed a typo. - **Permissions** - Added gh-permission-hook.py (PreToolUse) for Bash gh commands; auto-approves read-only ops, PR modification commands, issue create/edit/close/reopen/comment, PR review thread ops, and PR/issue comment replies and updates; blocks destructive actions across issues, releases, gists, labels, secrets, repos, workflows, config, and auth. - Hardened checks: require gh as the executed command (handles env/sudo/command wrappers); detect shell injection (;, &&/||, &, newlines, ANSI-C $'…', process substitution); allow safe pipes to jq and common text filters (head/tail/grep/wc/sort/uniq/cut/tr) and stderr redirects; parse --method/-X (incl. equals syntax); allow GraphQL queries plus specific PR review thread/comment mutations; added unit tests with good/bad fixtures. - Updated settings.json to narrow read-only gh allowlist, expand safe Bash commands, and register the PreToolUse hook. <sup>Written for commit 3237d344cdc2850a97a9a4856bff54bd25be102b. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Streamlines Claude command suite and hardens GitHub CLI usage in the workspace. > > - Reorganizes commands under `/.claude/commands/dyad/` and adds new skills: `deflake-e2e`, `fix-issue`, `gh-rebase`, `lint`, `pr-push`, `session-debug`; splits `pr-fix` into `pr-fix:comments` and `pr-fix:actions` > - Adds `/.claude/hooks/gh-permission-hook.py` to auto-approve read-only/PR operations and block destructive `gh` commands; supports GraphQL query/limited mutations and safe piping > - Introduces unit tests (`.claude/hooks/tests/*`) with good/bad command fixtures and a test runner > - Updates `.claude/settings.json` to expand safe Bash allowlist and register `PreToolUse` hook; tweaks `.gitignore` and `AGENTS.md` (references `/dyad:lint`) > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 3237d344cdc2850a97a9a4856bff54bd25be102b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by:Claude Opus 4.5 <noreply@anthropic.com>
