Feature request for product/service
Chat
Describe the request
Build a “temporary command permission” feature for the command execution approval dialog.
Goal
When the user approves running a command, they can choose a duration from a dropdown: Once, 1 hour, 1 day. While active, the same command can run again without prompting.
UX
- In the approval modal, add a dropdown next to Accept: “Allow once”, “Allow for 1 hour”, “Allow for 1 day”.
- After selection, show a small banner or chip somewhere: “Auto allowed commands: 1 active” and clicking opens a list with expiry timers and a Revoke button.
- If the command differs, still prompt.
Security rules
- Scope permission to: normalized command string + working directory + shell.
- Optionally also scope to repo root to avoid cross project leakage.
- Always prompt for high risk commands even if they match, or require a separate stronger confirmation. Examples:
rm -rf, disk formatting, rawcurl | sh, editing system directories, sudo changes.
Data model
- Store allow entries locally. Example fields:
id,commandNormalized,cwd,shell,createdAt,expiresAt,lastUsedAt,timesUsed. - On every run request: normalize command, match entry, check
now < expiresAt. If true, run without prompt and updatelastUsedAt.
Edge cases
- Whitespace differences should not break matching. Normalize by trimming, collapsing spaces, and keeping quoted strings intact if possible.
- If the user edits the command even slightly, prompt.
- Add a global “Disable auto allow” kill switch in settings.
Acceptance criteria
- User can approve a command for 1h or 1d and repeats within that window auto run.
- After expiry, prompt again.
- User can revoke at any time.
- High risk commands never silently auto run.
