From 9a3ef068e8789d7a30ef164fe261880e80b3c069 Mon Sep 17 00:00:00 2001
From: eleanorjboyd <26030610+eleanorjboyd@users.noreply.github.com>
Date: Fri, 3 Oct 2025 13:26:14 -0700
Subject: [PATCH] improve quoteStringIfNecessary to escape special characters

---
 src/features/execution/execUtils.ts | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/features/execution/execUtils.ts b/src/features/execution/execUtils.ts
index 49409ef7..b5f4671a 100644
--- a/src/features/execution/execUtils.ts
+++ b/src/features/execution/execUtils.ts
@@ -1,8 +1,14 @@
 export function quoteStringIfNecessary(arg: string): string {
-    if (arg.indexOf(' ') >= 0 && !(arg.startsWith('"') && arg.endsWith('"'))) {
-        return `"${arg}"`;
+    // Always return if already quoted to avoid double-quoting
+    if (arg.startsWith('"') && arg.endsWith('"')) {
+        return arg;
     }
-    return arg;
+
+    // Quote if contains common shell special characters that are problematic across multiple shells
+    // Includes: space, &, |, <, >, ;, ', ", `, (, ), [, ], {, }, $
+    const needsQuoting = /[\s&|<>;'"`()\[\]{}$]/.test(arg);
+
+    return needsQuoting ? `"${arg}"` : arg;
 }
 
 export function quoteArgs(args: string[]): string[] {