claude-code - 💡(How to fix) Fix Benign `node -e` regex script false-flagged as "Fork bomb detected"

What's wrong?

A harmless one-off node -e script — one that only constructs a couple of regular expressions and prints their matches — is blocked by the Bash tool with:

Blocked: Fork bomb detected
This command is blocked for safety. If intentional, run it manually.

The script has no recursion, no &/backgrounding, and forks no processes. It is a pure, terminating computation. The fork-bomb heuristic appears to be matching on benign JavaScript/regex syntax (the alternation character | together with (){}-style regex and template-literal syntax) inside the single-quoted -e program.

This matters beyond the single command: when the false block lands inside an assistant turn that issued several tool calls in one parallel batch, the block then triggers cancellation of the sibling calls that were still pending in the queue (each reported as Cancelled: parallel tool call … errored), discarding unrelated, already-queued work. (That sibling-cancellation behavior is tracked separately — see "Related" below; this report is specifically about the false positive that sets it off.)

What should happen?

The command should run (it is benign). At minimum, a safety heuristic should not classify a non-recursive, non-forking node -e regex script as a fork bomb.

Minimal reproduction (verified)

Run this through the Bash tool. It uses entirely neutral tokens and is structurally equivalent to a real-world command that was blocked:

node -e '
const toks = ["AA","BB","AB","Ab","bb"];
const alt = toks.slice().sort((a,b)=>b.length-a.length)
  .map(t=>t.replace(/[.*+?^${}()|[\]\\]/g,"\\$&")).join("|");
const re = new RegExp(`(?<=^|[,\\s])(?:${alt})(?=$|[,\\s])`,"g");
for (const m of "bb neg".matchAll(re)) console.log(JSON.stringify(m[0]), m.index);
'

Observed: Blocked: Fork bomb detected (the script never executes). Expected: it executes and prints the regex matches, e.g. "bb" 0.

Running the same script from a normal terminal (node script.js) works fine and forks nothing — confirming the block is a false positive of the command-string heuristic, not a property of the program.

Likely trigger

The detector seems to key on the combination of the alternation operator | with (){}-style grouping/quantifier syntax present in any non-trivial regex built inside node -e '…'. Suggested fix: require the actual fork-bomb shape (a function definition that recursively pipes into itself and backgrounds, e.g. :(){ :|:& };:) rather than the mere co-occurrence of | and (){} in a string, and/or skip the heuristic for the body of node -e / python -c style -e/-c program arguments.

Environment

• Claude Code: 2.1.158
• Interaction surface: Claude Code for VS Code extension (anthropic.claude-code) 2.1.158
• OS: Linux (x86_64)
• Shell: zsh
• Node.js: present (any recent version)

Impact

• Legitimate diagnostic/inspection node -e snippets are blocked, forcing the work to be restructured (e.g. writing the script to a temp file first).
• More seriously, when the block occurs inside a parallel tool-call batch, it cascades into cancellation of unrelated sibling calls in the same turn, destroying partially-completed work and wasting context/tokens.

Related

• The parallel-batch sibling-cancellation behavior is already reported (see #64246 and #64247) — please cross-link rather than treat this as a duplicate. This issue is scoped to the fork-bomb false positive that triggers the cascade.