command-whitelist/
This example uses a PreToolUse hook to enforce a strict allowlist of shell commands. Any command not on the list is blocked before execution. This is the whitelist approach: deny everything by default, allow only what you explicitly approve.
Allowed Commands
The bundledstrict-mode plugin permits only these read-only operations:
| Category | Commands |
|---|---|
| File operations | ls, cat, head, tail, file |
| Search & filter | grep, find, wc |
| System info | pwd, whoami, date, uname, df, du, stat |
| Utilities | echo, which, env, printenv, history, tree |
pip, npm, rm, git, curl, and anything else — is blocked.
How It Works
The hook extracts the command name from the tool invocation JSON, checks it against the approved list, and denies it if not found:strict-mode/.
Try It
- Via API
- Via Badge
Customizing the Allowlist
Edit thecase statement in hooks/hooks.json to add commands for your use case:
When to Use Whitelisting
| Use case | Recommendation |
|---|---|
| General development work | Blacklist — fewer blocked operations |
| Read-only exploration or analysis | Whitelist — agent can only inspect, never modify |
| Regulated environments | Whitelist — explicit control over every permitted action |
| Shared/multi-tenant setups | Workspace Isolation combined with either approach |
See Also
- Command Blacklist — Block specific dangerous commands while allowing everything else
- Workspace Isolation — Enforce directory boundaries regardless of which commands are used
- Hooks — Full hooks documentation

