Skip to content

Instantly share code, notes, and snippets.

@Theo6890

Theo6890/auto-approve-safe.json

Last active February 19, 2026 00:19
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Theo6890/b0cb336f49ec0064fca52b2c10cde5ef to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Theo6890/b0cb336f49ec0064fca52b2c10cde5ef to your computer and use it in GitHub Desktop.
Download ZIP
Agent Safe Auto-Approve Command List
Raw
auto-approve-safe.json
"chat.tools.terminal.autoApprove": {
"nl": true,
// ============ PIPE CHAIN SUPPORT ============
"chat.tools.terminal.allowPipeChains": true,
"chat.tools.terminal.validatePipeSegments": true,
// ============ BASIC SYSTEM COMMANDS ============
"cd": true,
"echo": true,
"ls": true,
"pwd": true,
"cat": true,
"head": true,
"tail": true,
"grep": true,
"findstr": true,
"wc": true,
"tr": true,
"cut": true,
"cmp": true,
"diff": true,
"which": true,
"basename": true,
"dirname": true,
"realpath": true,
"readlink": true,
"stat": true,
"file": true,
"du": true,
"df": true,
"sleep": true,
"column": true,
"date": true,
"find": true,
"sort": true,
"tree": true,
"uniq": true,
"tee": true,
"uname": true,
"hostname": true,
"whoami": true,
"printenv": true,
"awk": true,
"sed": true,
"mv": true,
// ============ GIT COMMANDS (READ-ONLY + SAFE) ============
"/^git\\s+(status|diff|log|show)\\b/": true,
"git status": true,
"git log": true,
"git show": true,
"git diff": true,
"git grep": true,
"git branch": true,
"git blame": true,
"git reflog": true,
"/^git\\s+stash\\s+(list|show)\\b/": true,
"/^git\\s+remote\\s+-v\\b/": true,
"git checkout": true,
"/^git\\s+checkout\\s+-b\\b/": true,
"/^git\\s+add\\b/": true,
"/^git\\s+commit\\b/": true,
"/^git\\s+stash\\b(?!.*drop)/": true,
"/^git\\s+merge\\s+--abort\\b/": true,
"/^git\\s+rebase\\s+--abort\\b/": true,
// Block destructive git operations
"/^git branch\\b.*-(d|D|m|M|-delete|-force)\\b/": false,
"/^git\\s+push\\s+.*--force/": false,
"/^git\\s+reset\\s+--hard\\b/": false,
"/^git\\s+clean\\s+-f/": false,
// ============ NPM COMMANDS ============
"/^npm\\s+(test|run\\s+lint)\\b/": true,
"/^npm\\s+(ls|list|view|search|outdated|audit)\\b/": true,
"/^npm\\s+install\\s+--dry-run\\b/": true,
"/^npm\\s+ci\\b/": true,
"/^npm\\s+run\\s+[a-zA-Z0-9:_-]+$/": true,
// ============ PNPM COMMANDS ============
"/^pnpm\\s+(test|lint)\\b/": true,
"/^pnpm\\s+(ls|list|outdated|audit)\\b/": true,
"/^pnpm\\s+install\\s+--frozen-lockfile\\b/": true,
"/^pnpm\\s+--filter\\s+\\w+\\s+(test|typecheck|lint|build)\\b/": true,
"/^pnpm\\s+exec\\s+eslint\\b/": true,
"/^pnpm\\s+typecheck\\b/": true,
"pnpm": true,
"npx": true,
// ============ FORGE/FOUNDRY COMMANDS ============
"forge": true,
// Safe read-only forge commands
"/^(\\w+=\\w+\\s+)*forge\\s+build\\b.*(?:\\||$)/": true,
"/^(\\w+=\\w+\\s+)*forge\\s+test\\b.*(?:\\||$)/": true,
"/^(\\w+=\\w+\\s+)*forge\\s+compile\\b.*(?:\\||$)/": true,
"/^forge\\s+clean\\b/": true,
"/^forge\\s+fmt\\b/": true,
"/^forge\\s+coverage\\b/": true,
"/^forge\\s+flatten\\b/": true,
"/^forge\\s+lint\\b/": true,
"/^forge\\s+selectors\\b/": true,
"/^forge\\s+snapshot\\b/": true,
"/^forge\\s+tree\\b/": true,
"/^forge\\s+inspect\\b/": true,
"/^forge\\s+config\\b/": true,
"/^forge\\s+remappings\\b/": true,
"/^forge\\s+geiger\\b/": true,
// Forge verification commands (read-only checks)
"/^forge\\s+verify-bytecode\\b/": true,
"/^forge\\s+verify-check\\b/": true,
// Block deployment and contract creation
"/^forge\\s+create\\b/": false,
"/^forge\\s+script\\b.*--broadcast/": false,
"/^forge\\s+verify-contract\\b/": false,
// ============ CAST COMMANDS (READ-ONLY) ============
"/^cast\\s+(call|abi-decode|abi-encode|calldata|sig|keccak|index)\\b/": true,
"/^cast\\s+(block|tx|receipt|logs|storage)\\b/": true,
"/^cast\\s+(balance|code|nonce|chain-id|gas-price)\\b/": true,
// Block cast commands that send transactions
"/^cast\\s+send\\b/": false,
"/^cast\\s+publish\\b/": false,
// ============ DOCKER COMMANDS (READ-ONLY) ============
"/^docker\\s+(ps|images|inspect|logs)\\b/": true,
"/^docker\\s+compose\\s+(ps|logs|config)\\b/": true,
// ============ MAVEN COMMANDS ============
"/^mvn\\s+test\\b/": true,
"/^mvn\\s+clean\\b/": true,
"/^mvn\\s+verify\\b/": true,
// ============ MAKE COMMANDS ============
"/^make\\s+-n\\b/": true,
"/^make\\s+--dry-run\\b/": true,
// ============ POWERSHELL COMMANDS ============
"Get-ChildItem": true,
"Get-Content": true,
"Get-Date": true,
"Get-Random": true,
"Get-Location": true,
"Write-Host": true,
"Write-Output": true,
"Split-Path": true,
"Join-Path": true,
"Start-Sleep": true,
"Where-Object": true,
"/^Select-[a-z0-9]/i": true,
"/^Measure-[a-z0-9]/i": true,
"/^Compare-[a-z0-9]/i": true,
"/^Format-[a-z0-9]/i": true,
"/^Sort-[a-z0-9]/i": true,
// ============ REGEX PATTERNS FOR PIPES ============
"/^grep\\s+.*(?:\\||$)/": true,
"/^head\\s+-?[0-9]+.*(?:\\||$)/": true,
"/^tail\\s+-?[0-9]+.*(?:\\||$)/": true,
"/^awk\\s+.*(?:\\||$)/": true,
"/^sed\\s+.*(?:\\||$)/": true,
"/^sort\\s+.*(?:\\||$)/": true,
"/^uniq\\s+.*(?:\\||$)/": true,
"/^wc\\s+.*(?:\\||$)/": true,
"/^cut\\s+.*(?:\\||$)/": true,
"/^tr\\s+.*(?:\\||$)/": true,
// ============ COMMAND-SPECIFIC SAFETY BLOCKS ============
"/^column\\b.*-c\\s+[0-9]{4,}/": false,
"/^date\\b.*(-s|--set)\\b/": false,
"/^find\\b.*-(delete|exec|execdir|fprint|fprintf|fls|ok|okdir)\\b/": false,
"/^sort\\b.*-(o|S)\\b/": false,
"/^tree\\b.*-o\\b/": false,
// ============ DANGEROUS COMMANDS (EXPLICITLY BLOCKED) ============
"rm": false,
"rmdir": false,
"del": false,
"Remove-Item": false,
"ri": false,
"rd": false,
"erase": false,
"dd": false,
"kill": false,
"ps": false,
"top": false,
"Stop-Process": false,
"spps": false,
"taskkill": false,
"taskkill.exe": false,
"curl": false,
"wget": false,
"Invoke-RestMethod": false,
"Invoke-WebRequest": false,
"irm": false,
"iwr": false,
"chmod": false,
"chown": false,
"Set-ItemProperty": false,
"sp": false,
"Set-Acl": false,
"jq": false,
"xargs": false,
"eval": false,
"Invoke-Expression": false,
"iex": false,
"sudo": false,
// Block pipe chains with dangerous commands
"/^.*\\|\\s*sh\\b/": false,
"/^.*\\|\\s*bash\\b/": false,
"/^.*\\|\\s*zsh\\b/": false,
"/^.*\\|\\s*powershell\\b/": false,
"/^.*>\\s*\\/dev\\//": false,
"/^.*&&.*rm\\b/": false,
"/^.*;.*rm\\b/": false,
"/^.*&&.*curl\\b/": false,
"/^.*;.*wget\\b/": false,
"/sudo/": false,
// ============ SPECIFIC APPROVED COMMAND LINES ============
"/^FOUNDRY_PROFILE=default forge build --force --no-cache 2>&1 \\| grep -i 'stack\\\\\\|error\\\\\\|Variable' \\| head -30$/": {
"approve": true,
"matchCommandLine": true
},
"/^git show origin/main:apps/protocol/components/lending/LendingBorrow\\.tsx \\| rg -n \"Your Position\" -n$/": {
"approve": true,
"matchCommandLine": true
},
"/^git show origin/main:apps/protocol/components/lending/LendingBorrow\\.tsx \\| sed -n '1180,1305p'$/": {
"approve": true,
"matchCommandLine": true
},
"/^git show origin/main:apps/protocol/components/lending/LendingBorrow\\.tsx \\| sed -n '1305,1450p'$/": {
"approve": true,
"matchCommandLine": true
},
"/^pnpm --filter protocol typecheck$/": {
"approve": true,
"matchCommandLine": true
},
"/^pnpm exec eslint apps/protocol/components/lending/LendingSupply\\.tsx$/": {
"approve": true,
"matchCommandLine": true
},
"/^cd /Users/theo/code/Aria/dummy-haven-frontend/apps/protocol && pnpm typecheck$/": {
"approve": true,
"matchCommandLine": true
},
"/^pnpm typecheck$/": {
"approve": true,
"matchCommandLine": true
},
"/^pnpm typecheck --filter=protocol$/": {
"approve": true,
"matchCommandLine": true
}
},
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment