Safe commands enable Agentforce Vibes to run approved terminal commands automatically, without interrupting your workflow for manual approval. You control which commands are safe through a configurable allowlist. Before adding commands to your safe list, review them for security implications to ensure that they don't pose risks to your development environment.

1. In the Agentforce chat panel, click Auto-approve to open the Auto-approve settings.
2. Click Safe Commands Allowlist to open your a4d_safe_commands file.
3. Add commands to the file, one per line.
4. Use # at the start of a line to add comments. Agentforce ignores commented lines.
5. Save the file.

Agentforce Vibes gives you two approaches to match commands in your safe list, each suited to different levels of control and flexibility.

With exact matching, you specify commands precisely as they appear in the terminal. Agentforce auto-approves only commands that match each character exactly. This is always a safer option.

Examples:

When you add git status to your safe commands list, Agentforce auto-approves only git status. Variations like git status --short or git log still require your manual approval, giving you fine-grained control.

When you frequently use a command with different arguments, flexible matching saves time. Add ... after the base command to approve it regardless of the arguments that follow.

Examples:

With git checkout ... in your safe commands list, Agentforce auto-approves all of these commands:

• git checkout main
• git checkout -b feature-branch
• git checkout v1.2.3

Flexible patterns respect word boundaries. The pattern git checkout ... matches git checkout main but not git checkoutfoo, ensuring pattern safety.

Agentforce Vibes understands compound commands, which multiple commands connected by separators in a single-line. When you run a compound command, Agentforce validates each individual command against your safe list.

Supported separators:

• ; (semicolon) - Sequential execution
• & (background) - Run in background
• && (AND) - Run second command only if first succeeds
• || (OR) - Run second command only if first fails
• Newlines (\n) - Multiple lines in the same execution

Examples:

Agentforce auto-approves a compound command only when every command in the chain exists in your safe list. If you run npm run build && npm test, you must list both npm run buildand npm test as safe commands— either individually or as the full compound command.

Security Note: Pipelines (|) and redirections (>, <, >>) always require manual approval. These operators can modify command behavior and potentially enable data exfiltration, so Agentforce treats them as high-risk patterns regardless of your safe list configuration.

Agentforce Vibes interprets shell quoting rules intelligently, distinguishing between operators that run and text that's simply displayed, allowing you to use legitimate commands with special characters while maintaining security.

When separators and special characters appear inside quotes, Agentforce treats them as literal text rather than operational commands.

These are safe (separators become text):

When you have echo ... in your safe commands list, Agentforce auto-approves all of the commands because the separators are safely contained within quotes. Agentforce reads them as just text instead of executable operators.

Different quote types offer different levels of security. Choose the right quote type based on what you're trying to accomplish.

Single Quotes (Safest Option)

Single quotes prevent all shell expansion and substitution, treating everything inside as literal text.

Double Quotes (Use carefully)

Double quotes allow variable expansion and command substitution, which creates security risks.

Agentforce always requires approval for double-quoted strings containing command substitution $() or variable expansion ${...}. These patterns execute code dynamically, making them inherently risky even in a safe list.

Agentforce Vibes prioritizes your security by automatically blocking high-risk command patterns, regardless of your safe list configuration. Understanding these restrictions helps you work safely while maintaining productivity.

These patterns are safe when they appear inside quotes because they're treated as literal text rather than executable operators:

• Separators: echo "hello; world" — the semicolon is just text in your output
• Operators: git commit -m "A & B" — the ampersand is part of your commit message
• Pipes: echo "data | formatted" — the pipe symbol appears in your text output

Here's a practical example showing how to structure your a4d_safe_commands file. This example demonstrates exact matching, flexible patterns, multi-command chains, and safe quote usage.

Follow these practices to maintain security while maximizing productivity with safe commands.

Start with exact matching. Exact matching gives you precise control over auto-approved commands. Add flexible patterns only when you've established trust with specific command families.

Test in development first. Before adding commands to your production workflow, verify them in a development environment, helping you catch unintended side effects.

Review regularly. Audit your safe commands list periodically. Remove commands you no longer use to minimize your security surface area.

Organize with comments. Use # comments to group commands by category, project, or purpose. This makes your safe list easier to maintain as it grows.

Choose quotes wisely. Use single quotes when you need to prevent all shell expansion. Use double quotes only for literal text without variable expansion or command substitution.

Understand flexible patterns. The ... pattern is powerful but permissive. When you add git checkout ..., you're trusting all possible arguments. Use this pattern only for commands where you understand the full range of potential behaviors.