Can I get some clarification how allowed_tools should work?

[goodevilgenius]

I'm looking to migrate from opencode to crush.

In opencode, I have a permission config like this:

{
  "bash": {
    "*": "ask",
    "git log *": "allow",
    "git status *": "allow",
    "git diff *": "allow",
    "git show *": "allow",
    "ls *": "allow",
    "grep *": "allow",
    "find *": "allow",
    "fd *": "allow",
    "rg *": "allow",
    "sort *": "allow",
    "head *": "allow",
    "tail *": "allow",
    "echo *": "allow",
    "rm *": "deny"
  },
  "edit": "ask",
  "webfetch": "ask"
}

According to Allowing Tools, in crush, I provide a list of the tools that are allowed. I'm mostly interested in whitelisting shell commands, similar to the "allow" fields above. In the docs, it shows "grep", and "ls" listed, so can I just put commands in there to allow certain commands? What about sub-commands, like whitelisting git log, but still requiring permission for git commit. Is such a thing possible?

[andreynering]

Hi @goodevilgenius,

There was a previous attempt to implement this, but it didn't proceed. It was a bit more complex than needed I think.

• feat: add ability to configure banned commands #1571

There is currently this other PR opened:

• feat: add allowed_commands configuration with CLI support #2043

Looks like it missed the ability to configure subcommands, though, and that would be nice to have. If you could try and give an opinion, that would be helpful.

[MaeuRodrig]

Would be helpful a migration guide (opencode -> crush) or (better) an almost compatibility.
my custom opencode config are in 4 folders: skills, plugins, prompts and commands.
My mcps are in opencode.json and an AGENTS.md in the root config.