Security/Exec: persist inner commands for shell-wrapper approvals

2026-04-24 07:01:49 +00:00 · 2026-02-21 21:26:06 -08:00
parent 2f023a4775
commit 98b2b16ac3
5 changed files with 279 additions and 4 deletions
--- a/src/node-host/invoke-system-run.ts
+++ b/src/node-host/invoke-system-run.ts
@@ -9,6 +9,7 @@ import {
  evaluateShellAllowlist,
  recordAllowlistUse,
  requiresExecApproval,
+  resolveAllowAlwaysPatterns,
  resolveExecApprovals,
  resolveSafeBins,
  type ExecAllowlistEntry,
@@ -314,8 +315,13 @@ export async function handleSystemRunInvoke(opts: {
  }
  if (approvalDecision === "allow-always" && security === "allowlist") {
    if (analysisOk) {
-      for (const segment of segments) {
-        const pattern = segment.resolution?.resolvedPath ?? "";
+      const patterns = resolveAllowAlwaysPatterns({
+        segments,
+        cwd: opts.params.cwd ?? undefined,
+        env,
+        platform: process.platform,
+      });
+      for (const pattern of patterns) {
        if (pattern) {
          addAllowlistEntry(approvals.file, agentId, pattern);
        }