Greg Gauthier
f9d99527e0
- Replace hardcoded safeCommands map with sync.OnceValue loading from ~/.config/grokkit/safe_shell_commands.yaml - Provide fallback built-in safe list if config load fails - Add safe_shell_commands.yaml.example for user reference - Update safety check to use loaded map and prefix matching
28 lines
561 B
Plaintext
28 lines
561 B
Plaintext
# Grokkit safe shell commands whitelist
|
|
# Only commands listed here (or prefixed by these) are allowed in recipes.
|
|
# This is a safety boundary — never add rm, mv, cd, sudo, etc.
|
|
# This file should be placed in ~/.config/grokkit/safe_shell_commands.yaml
|
|
# customize it as you see fit.
|
|
|
|
safe_commands:
|
|
- ls
|
|
- pwd
|
|
- cat
|
|
- tree
|
|
- find
|
|
- grep
|
|
- rg # ripgrep
|
|
- git status
|
|
- git log
|
|
- git diff
|
|
- git branch
|
|
- go test
|
|
- go vet
|
|
- go fmt
|
|
- go mod tidy
|
|
- make test
|
|
- pytest
|
|
- poetry run pytest
|
|
- ctest
|
|
- python -m pytest
|