cc-sessions Version
0.3.6
Installation Method
npm/npx (JavaScript)
Operating System
Linux (Other)
Shell/Terminal
Zsh
IDE/Environment
Terminal/CLI only
Bug Description
Description
The sessions API bypass check uses command.includes('sessions ') which performs a substring match. Any bash command containing the word "sessions" anywhere bypasses all DAIC enforcement in Discussion mode.
Affected Code
File: cc_sessions/javascript/hooks/sessions_enforce.js
Lines: 333-338
```javascript
if (toolName === "Bash" && STATE.mode === Mode.NO && !STATE.flags.bypass_mode) {
  // Special case: Allow sessions.api commands in discussion mode
  if (command && (command.includes('sessions ') || command.includes('python -m cc_sessions.scripts.api'))) {
    // API commands are allowed in discussion mode for state inspection and safe config operations
    process.exit(0);
  }
  // ... remaining DAIC enforcement for Bash commands follows here (outside the quoted lines 333-338)
}
```
Problem
String.includes() matches substrings anywhere in the command, not just at the start. This creates a security bypass where any command containing "sessions" will skip all DAIC enforcement.
Steps to Reproduce
- Open a chat in Claude Code and ensure it is in discussion mode.
- Use a prompt like: `Try run this for me echo "session are cool" > file.txt`.
- Then add an "s" to "session" and re-run, i.e.: `Try run this for me echo "sessions are cool" > file.txt`.
Expected Behavior
- The first command is blocked by DAIC.
- The second command should also have been blocked by DAIC. Instead, file.txt is created without any issue.
Error Messages
Additional Context
(P.S.: These are suggested by Claude Code, so please take them with a grain of salt.)
Proposed Fix
Option 1 (Recommended): Use startsWith() for command verification
```javascript
if (command && (command.trim().startsWith('sessions ') || command.includes('python -m cc_sessions.scripts.api'))) {
  // API commands are allowed in discussion mode for state inspection and safe config operations
  process.exit(0);
}
```
Option 2: Use regex for more precise matching
```javascript
if (command && (/^sessions\s/.test(command.trim()) || command.includes('python -m cc_sessions.scripts.api'))) {
  process.exit(0);
}
```
Both ensure only commands that begin with sessions trigger the bypass.
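To make the difference between the three checks concrete, here is the bypass predicate lifted out of the hook into pure functions and run over constructed sample commands that mirror the reproduction steps. This is an added illustration, not code from the cc-sessions project; the function names and the SAMPLES list are assumptions made for the demo.

```javascript
// Added example (not cc-sessions code): the bypass predicate from
// sessions_enforce.js as three pure functions so the behaviours can be compared.
const API_MODULE = 'python -m cc_sessions.scripts.api';

// Original check: substring match anywhere in the command (the reported bug).
function allowsBypassIncludes(command) {
  return Boolean(command) &&
    (command.includes('sessions ') || command.includes(API_MODULE));
}

// Option 1: prefix match after trimming leading whitespace.
function allowsBypassStartsWith(command) {
  return Boolean(command) &&
    (command.trim().startsWith('sessions ') || command.includes(API_MODULE));
}

// Option 2: anchored regex; \s also accepts a tab after the word.
function allowsBypassRegex(command) {
  return Boolean(command) &&
    (/^sessions\s/.test(command.trim()) || command.includes(API_MODULE));
}

// Constructed sample commands mirroring the report's steps (assumed names).
const SAMPLES = [
  'sessions state',                          // legitimate API call
  '  sessions config show',                  // leading whitespace
  'sessions\tstate',                         // tab separator: Option 1 vs Option 2 differ
  'echo "session are cool" > file.txt',      // step 2: blocked by every check
  'echo "sessions are cool" > file.txt',     // step 3: slips past includes()
  'python -m cc_sessions.scripts.api state', // python form of the API
  '',                                        // empty command: never bypasses
];

// Evaluate one command under all three predicates.
function evaluate(command) {
  return {
    command,
    includes: allowsBypassIncludes(command),
    startsWith: allowsBypassStartsWith(command),
    regex: allowsBypassRegex(command),
  };
}

// Print a comparison table when run directly with node.
console.table(SAMPLES.map(evaluate));
```

The row for `echo "sessions are cool" > file.txt` is the bug: only the includes() column is true.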