Executes a shell command via /bin/sh -c with a configurable timeout.
Arguments:
command(required) — the shell command.timeout_ms(optional, default 120_000, max 600_000).
Returns captured stdout+stderr plus the exit code. Timeouts kill the spawned
process and surface {:error, :timeout} to the loop.
Runs with cd: ctx.cwd, stderr_to_stdout: true. No input redirection.
Summary
Functions
Classify a bash invocation's args as read-only or not. Used by the
permissions layer to allow read-only bash calls (cat, ls, grep, git log,
gh issue view, …) during :plan phase while still denying mutations
(rm, mkdir, redirects, git add/commit, mix ecto.migrate, …).
Functions
Classify a bash invocation's args as read-only or not. Used by the
permissions layer to allow read-only bash calls (cat, ls, grep, git log,
gh issue view, …) during :plan phase while still denying mutations
(rm, mkdir, redirects, git add/commit, mix ecto.migrate, …).
Returns true when args["command"] does not match any known
write/destructive pattern. Missing/empty command → false (treat as
not read-only so the model gets a clear phase-gated denial rather than
a silent allow).