diff --git a/command.go b/command.go
index 0fea787..29180cf 100644
--- a/command.go
+++ b/command.go
@@ -142,6 +142,8 @@ func New(cfg *Config) (cmd Command, err error) {
 			IsHistoryDisabled: cfg.IsHistoryDisabled,
 			//
 			IsInheritEnvironmentEnabled: cfg.IsInheritEnvironmentEnabled,
+			//
+			AllowedSystemEnvKeys: cfg.AllowedSystemEnvKeys,
 		})
 		if err != nil {
 			return nil, err
@@ -167,6 +169,8 @@ func New(cfg *Config) (cmd Command, err error) {
 			Privileged:     cfg.Privileged,
 			//
 			DockerHost: cfg.DockerHost,
+			//
+			AllowedSystemEnvKeys: cfg.AllowedSystemEnvKeys,
 		})
 		if err != nil {
 			return nil, err
@@ -186,6 +190,8 @@ func New(cfg *Config) (cmd Command, err error) {
 			Server:       cfg.Server,
 			ClientID:     cfg.ClientID,
 			ClientSecret: cfg.ClientSecret,
+			//
+			AllowedSystemEnvKeys: cfg.AllowedSystemEnvKeys,
 		})
 		if err != nil {
 			return nil, err
@@ -208,6 +214,8 @@ func New(cfg *Config) (cmd Command, err error) {
 			Platform:       cfg.Platform,
 			Network:        cfg.Network,
 			DisableNetwork: cfg.DisableNetwork,
+			//
+			AllowedSystemEnvKeys: cfg.AllowedSystemEnvKeys,
 		})
 		if err != nil {
 			return nil, err
@@ -233,6 +241,8 @@ func New(cfg *Config) (cmd Command, err error) {
 			//
 			IsIgnoreStrictHostKeyChecking: cfg.SSHIsIgnoreStrictHostKeyChecking,
 			KnowHostsFilePath:             cfg.SSHKnowHostsFilePath,
+			//
+			AllowedSystemEnvKeys: cfg.AllowedSystemEnvKeys,
 		})
 		if err != nil {
 			return nil, err
diff --git a/config/config.go b/config/config.go
index fbf6a60..a7f5b06 100644
--- a/config/config.go
+++ b/config/config.go
@@ -27,6 +27,8 @@ type Config struct {
 	// engine = host
 	IsHistoryDisabled           bool
 	IsInheritEnvironmentEnabled bool
+	//
+	AllowedSystemEnvKeys []string
 
 	// engine = docker
 	Image string
diff --git a/engine/caas/config.go b/engine/caas/config.go
index be54c0a..aea6bf9 100644
--- a/engine/caas/config.go
+++ b/engine/caas/config.go
@@ -16,4 +16,7 @@ type Config struct {
 
 	// Custom Command Runner ID
 	ID string
+
+	// AllowedSystemEnvKeys is the allowed system environment keys, which will be inherited to the command
+	AllowedSystemEnvKeys []string
 }
diff --git a/engine/caas/wait.go b/engine/caas/wait.go
index 7952799..9a4a177 100644
--- a/engine/caas/wait.go
+++ b/engine/caas/wait.go
@@ -1,9 +1,23 @@
 package caas
 
-import "github.com/go-zoox/commands-as-a-service/entities"
+import (
+	"os"
+
+	"github.com/go-zoox/commands-as-a-service/entities"
+)
 
 // Wait waits for the command to finish.
 func (c *caas) Wait() error {
+	if len(c.cfg.AllowedSystemEnvKeys) != 0 {
+		for _, key := range c.cfg.AllowedSystemEnvKeys {
+			if c.cfg.Environment[key] == "" {
+				if value, ok := os.LookupEnv(key); ok {
+					c.cfg.Environment[key] = value
+				}
+			}
+		}
+	}
+
 	return c.client.Exec(&entities.Command{
 		ID:          c.cfg.ID,
 		Script:      c.cfg.Command,
diff --git a/engine/dind/config.go b/engine/dind/config.go
index 20e6f0c..8b6d0f0 100644
--- a/engine/dind/config.go
+++ b/engine/dind/config.go
@@ -25,4 +25,7 @@ type Config struct {
 
 	// Custom Command Runner ID
 	ID string
+
+	// AllowedSystemEnvKeys is the allowed system environment keys, which will be inherited to the command
+	AllowedSystemEnvKeys []string
 }
diff --git a/engine/dind/create.go b/engine/dind/create.go
index 8b73a9a..96a8a5a 100644
--- a/engine/dind/create.go
+++ b/engine/dind/create.go
@@ -1,11 +1,23 @@
 package dind
 
 import (
+	"os"
+
 	"github.com/go-zoox/command/engine/docker"
 )
 
 // create creates a container.
 func (d *dind) create() (err error) {
+	if len(d.cfg.AllowedSystemEnvKeys) != 0 {
+		for _, key := range d.cfg.AllowedSystemEnvKeys {
+			if d.cfg.Environment[key] == "" {
+				if value, ok := os.LookupEnv(key); ok {
+					d.cfg.Environment[key] = value
+				}
+			}
+		}
+	}
+
 	d.client, err = docker.New(&docker.Config{
 		ID: d.cfg.ID,
 		//
diff --git a/engine/docker/config.go b/engine/docker/config.go
index 1baacd5..21c788a 100644
--- a/engine/docker/config.go
+++ b/engine/docker/config.go
@@ -30,4 +30,7 @@ type Config struct {
 
 	// Custom Command Runner ID
 	ID string
+
+	// AllowedSystemEnvKeys is the allowed system environment keys, which will be inherited to the command
+	AllowedSystemEnvKeys []string
 }
diff --git a/engine/docker/create.go b/engine/docker/create.go
index 95ac127..ee89292 100644
--- a/engine/docker/create.go
+++ b/engine/docker/create.go
@@ -3,6 +3,7 @@ package docker
 import (
 	"context"
 	"fmt"
+	"os"
 
 	"github.com/docker/cli/cli/streams"
 	"github.com/docker/docker/api/types"
@@ -23,6 +24,14 @@ func (d *docker) create() (err error) {
 		d.args = append(d.args, "-c", d.cfg.Command)
 	}
 
+	if len(d.cfg.AllowedSystemEnvKeys) != 0 {
+		for _, key := range d.cfg.AllowedSystemEnvKeys {
+			if value, ok := os.LookupEnv(key); ok {
+				d.env = append(d.env, fmt.Sprintf("%s=%s", key, value))
+			}
+		}
+	}
+
 	for k, v := range d.cfg.Environment {
 		d.env = append(d.env, fmt.Sprintf("%s=%s", k, v))
 	}
diff --git a/engine/host/config.go b/engine/host/config.go
index 8968ef2..e7ed602 100644
--- a/engine/host/config.go
+++ b/engine/host/config.go
@@ -14,6 +14,8 @@ type Config struct {
 	IsHistoryDisabled bool
 	//
 	IsInheritEnvironmentEnabled bool
+	// AllowedSystemEnvKeys is the allowed system environment keys, which will be inherited to the command
+	AllowedSystemEnvKeys []string
 
 	// Custom Command Runner ID
 	ID string
diff --git a/engine/host/create.go b/engine/host/create.go
index 550a85e..6d45db4 100644
--- a/engine/host/create.go
+++ b/engine/host/create.go
@@ -26,7 +26,7 @@ func (h *host) create() error {
 	logger.Debugf("create command: %s %v", h.cfg.Shell, args)
 	h.cmd = exec.Command(h.cfg.Shell, args...)
 
-	if err := applyEnv(h.cmd, h.cfg.Environment, h.cfg.IsInheritEnvironmentEnabled); err != nil {
+	if err := applyEnv(h.cmd, h.cfg.Environment, h.cfg.IsInheritEnvironmentEnabled, h.cfg.AllowedSystemEnvKeys); err != nil {
 		return err
 	}
 
@@ -45,10 +45,16 @@ func (h *host) create() error {
 	return nil
 }
 
-func applyEnv(cmd *exec.Cmd, environment map[string]string, IsInheritEnvironmentEnabled bool) error {
+func applyEnv(cmd *exec.Cmd, environment map[string]string, IsInheritEnvironmentEnabled bool, allowedSystemEnvKeys []string) error {
 	cmd.Env = append([]string{}, "TERM=xterm")
 	if IsInheritEnvironmentEnabled {
 		cmd.Env = append(cmd.Env, os.Environ()...)
+	} else if len(allowedSystemEnvKeys) != 0 {
+		for _, key := range allowedSystemEnvKeys {
+			if value, ok := os.LookupEnv(key); ok {
+				cmd.Env = append(cmd.Env, fmt.Sprintf("%s=%s", key, value))
+			}
+		}
 	}
 
 	for k, v := range environment {
diff --git a/engine/ssh/ssh.go b/engine/ssh/ssh.go
index 4fe603a..b314895 100644
--- a/engine/ssh/ssh.go
+++ b/engine/ssh/ssh.go
@@ -31,6 +31,8 @@ type Config struct {
 	//
 	KnowHostsFilePath string
 
+	AllowedSystemEnvKeys []string
+
 	//
 	ID string
 }
diff --git a/engine/ssh/start.go b/engine/ssh/start.go
index f57b5a6..cd939ab 100644
--- a/engine/ssh/start.go
+++ b/engine/ssh/start.go
@@ -2,6 +2,7 @@ package ssh
 
 import (
 	"io"
+	"os"
 
 	sshx "golang.org/x/crypto/ssh"
 )
@@ -20,6 +21,15 @@ func (s *ssh) Start() error {
 		return nil
 	}
 
+	if len(s.cfg.AllowedSystemEnvKeys) != 0 {
+		for _, key := range s.cfg.AllowedSystemEnvKeys {
+			if value, ok := os.LookupEnv(key); ok {
+				s.session.Setenv(key, value)
+			}
+		}
+
+	}
+
 	for k, v := range s.cfg.Environment {
 		s.session.Setenv(k, v)
 	}