Function●Since v0.0

is_shell_command_allowed

Check if a shell command is in the allow-list.

The allow-list matches against the first token of the command (the executable name). This allows read-only commands like ls, cat, grep, etc. to be auto-approved.

When allow_list is the SHELL_ALLOW_ALL sentinel, all non-empty commands are approved unconditionally — dangerous pattern checks are skipped.

SECURITY: For regular allow-lists, this function rejects commands containing dangerous shell patterns (command substitution, redirects, process substitution, etc.) BEFORE parsing, to prevent injection attacks that could bypass the allow-list.

is_shell_command_allowed(
    command: str,
    allow_list: list[str] | None,
) -> bool

Parameters

Name	Type	Description
`command`*	`str`	The full shell command to check.
`allow_list`*	`list[str] \| None`	List of allowed command names (e.g., `["ls", "cat", "grep"]`), the `SHELL_ALLOW_ALL` sentinel to allow any command, or `None`.

View source on GitHub

is_shell_command_allowed

Parameters

LangChain Assistant

Menu

is_shell_command_allowed

Parameters