{ "description": "Permission-first model configuration", "settings": { "allow_caching": true, "cache_file": "data/runtime/allowed_commands.json", "normalize_commands": true, "split_chained": true }, "command_categories": { "hard_stop": { "description": "Commands that are never executed - hard stop", "allow_once": false, "allow_always": false, "commands": [ "rm -rf /", "rm -rf /*", "dd if=/dev/zero of=/dev/sd*", "dd if=/dev/zero of=/dev/hd*", "mkfs", "> /dev/sd*", "> /dev/hd*" ] }, "no_always": { "description": "Dangerous commands - allow once only", "allow_once": true, "allow_always": false, "commands": [ "rm -rf *", "rm -rf .*", "curl |", "wget -O- |", ":(){:|:&};:", "fork", "chmod -R 000", "chmod -R 777", "chown -R", "apt", "apt-get", "dpkg", "yum", "dnf", "pacman", "shutdown", "reboot", "halt", "init 0", "init 6", "telinit", "systemctl stop", "systemctl start", "systemctl restart", "service stop", "service start", "kill -9 -1", "killall", "pkill -9", "reboot -f", "shutdown -h now", "poweroff", "echo .* > /proc/", "echo .* > /sys/" ] }, "normal": { "description": "Normal commands - allow once or always", "allow_once": true, "allow_always": true, "commands": [ "shell_exec", "file_write" ], "file_extensions": [ ".py", ".txt", ".json", ".md", ".yaml", ".yml", ".sh", ".bash" ] } }, "path_settings": { "allow_read_outside": true, "allow_write_paths": [ "/home/mirivlad/git/ducklm", "/tmp" ], "require_confirmation_for_write": true, "require_confirmation_for_shell": true } }