Re-enable backticks in shell tool usage. (#3360)

2 files changed, 2 insertions, 12 deletions

diff --git a/packages/core/src/tools/shell.test.ts b/packages/core/src/tools/shell.test.ts
index f33d3f03..acc8c01f 100644
--- a/packages/core/src/tools/shell.test.ts
+++ b/packages/core/src/tools/shell.test.ts
@@ -350,17 +350,14 @@ describe('ShellTool', () => {
     expect(result.allowed).toBe(true);
   });
 
-  it('should block a command with command substitution using backticks', async () => {
+  it('should allow a command with command substitution using backticks', async () => {
     const config = {
       getCoreTools: () => ['run_shell_command(echo)'],
       getExcludeTools: () => [],
     } as unknown as Config;
     const shellTool = new ShellTool(config);
     const result = shellTool.isCommandAllowed('echo `rm -rf /`');
-    expect(result.allowed).toBe(false);
-    expect(result.reason).toBe(
-      'Command substitution using backticks is not allowed for security reasons',
-    );
+    expect(result.allowed).toBe(true);
   });
 
   it('should block a command with command substitution using $()', async () => {
diff --git a/packages/core/src/tools/shell.ts b/packages/core/src/tools/shell.ts
index 4954e055..bdee190f 100644
--- a/packages/core/src/tools/shell.ts
+++ b/packages/core/src/tools/shell.ts
@@ -123,13 +123,6 @@ Process Group PGID: Process group started or \`(none)\``,
           'Command substitution using $() is not allowed for security reasons',
       };
     }
-    if (command.includes('`')) {
-      return {
-        allowed: false,
-        reason:
-          'Command substitution using backticks is not allowed for security reasons',
-      };
-    }
 
     const SHELL_TOOL_NAMES = [ShellTool.name, ShellTool.Name];