I have denied git from my allowlist of commands because I don’t want agent mode to do a destructive action that it can’t easily come back from. E.g. deleting a branch without merging it.
That said, I would love it if I could set safe sub-commands in my allowlist, such as:
Allow: git status
Deny: git commit
Or maybe support for wildcards, unless they are overridden. E.g.:
Deny: git * or simply, git
Allow: git status
There’s actually a lot of things that fall into that category imo:
For example when working with golang, one might want to enable go fmt or go test without necessarily wanting to allow everything go.
I’d love more granular allowlist controls
I believe this is already possible by editing the config file yourself manually. See the Permissions documentation: Permissions | Cursor Docs
Here is a sample from my current ~/.cursor/cli-config.json file.
{
"permissions": {
"allow": [
"Shell(ls)",
"Shell(pre-commit)",
"Shell(git status)",
"Shell(git add)",
"Shell(git log)",
"Shell(git show)",
"Shell(pnpm typecheck)",
"Shell(git mv)",
"Shell(git reset)",
...
],
"deny": []
},
"version": 1,
"editor": {
"vimMode": true
},
...
}
can someone actually confirm if sub-commands actually work, and if so the proper syntax? The Permissions document linked to only includes the example of “Shell(git)” But I’ve had trouble with subcommands being denied in a non-interactive session with that in my allowed list.