1id: bash-unsafe-rm-rf
 2message: Potentially dangerous 'rm -rf' usage - ensure variable is not empty
 3severity: warning
 4language: Bash
 5note: |
 6  Always check variables are non-empty before rm -rf:
 7  [[ -n "$VAR" ]] && rm -rf "$VAR"
 8  Or use safer alternatives like find with -delete
 9  
10  Note: This rule may produce false positives when multiple conditions are chained.
11rule:
12  pattern: rm -rf $VAR
13  not:
14    inside:
15      any:
16        - pattern: |
17            if [[ -n "$VAR" ]]; then
18              $$$
19            fi
20        - pattern: |
21            if [ -n "$VAR" ]; then
22              $$$
23            fi
24        - pattern: |
25            [[ -n "$VAR" ]] && $$$