I have denied git from my allowlist of commands because I don’t want agent mode to do a destructive action that it can’t easily come back from. E.g. deleting a branch without merging it.
That said, I would love it if I could set safe sub-commands in my allowlist, such as:
Allow: git status
Deny: git commit
Or maybe support for wildcards, unless they are overridden. E.g.:
Deny: git * or simply, git
Allow: git status