feat(core): add allowEnv policy option for shell commands

google-labs-jules[bot] · rmedranollamas · rmedranollamas · commit 030c928b53c9 · 2026-04-14T15:26:04.000+02:00
This adds `allowEnv` to the policy engine, mirroring the behavior
of `allowRedirection`. It allows shell commands prefixed with
environment variable assignments (e.g. `VAR=value cmd`) to execute
without prompting the user if they match a rule with `allowEnv = true`.

Also includes tests to verify parsing and enforcement logic.

Address Code Review Feedback:
- Updated `hasEnvPrefix` to detect the use of the `env` command (e.g., `env VAR=val cmd`)
- Added tests to verify `env` command detection

Co-authored-by: rmedranollamas &lt;45878745+rmedranollamas@users.noreply.github.com&gt;
diff --git a/packages/core/src/utils/shell-utils.test.ts b/packages/core/src/utils/shell-utils.test.ts
@@ -23,6 +23,7 @@ import {
   stripShellWrapper,
   normalizeCommand,
   hasRedirection,
+  hasEnvPrefix,
   resolveExecutable,
 } from './shell-utils.js';
 import path from 'node:path';
@@ -621,3 +622,33 @@ describe('resolveExecutable', () => {
     expect(await resolveExecutable('unknown')).toBeUndefined();
   });
 });
+
+describe('hasEnvPrefix', () => {
+  it('should detect simple environment variable assignments', () => {
+    expect(hasEnvPrefix('FOO=bar cmd')).toBe(true);
+    expect(hasEnvPrefix('FOO=bar')).toBe(true);
+    expect(hasEnvPrefix('FOO=bar baz=qux cmd')).toBe(true);
+  });
+
+  it('should detect quoted environment variable assignments', () => {
+    expect(hasEnvPrefix('FOO="bar baz" cmd')).toBe(true);
+    expect(hasEnvPrefix("FOO='bar baz' cmd")).toBe(true);
+  });
+
+  it('should detect environment variable assignments using env', () => {
+    expect(hasEnvPrefix('env FOO=bar cmd')).toBe(true);
+    expect(hasEnvPrefix('FOO=bar env cmd')).toBe(true);
+    expect(hasEnvPrefix('env FOO="bar baz" cmd')).toBe(true);
+    expect(hasEnvPrefix('env cmd')).toBe(true);
+  });
+
+  it('should not detect environment variables used in the command', () => {
+    expect(hasEnvPrefix('echo $FOO')).toBe(false);
+    expect(hasEnvPrefix('echo "${FOO}"')).toBe(false);
+  });
+
+  it('should not detect commands that just happen to have an equal sign later', () => {
+    expect(hasEnvPrefix('echo foo=bar')).toBe(false);
+    expect(hasEnvPrefix('cmd --opt=val')).toBe(false);
+  });
+});
diff --git a/packages/core/src/utils/shell-utils.ts b/packages/core/src/utils/shell-utils.ts
@@ -755,7 +755,9 @@ export function hasRedirection(command: string): boolean {
  * Checks if a command contains environment variable prefixes (e.g. `FOO=bar cmd`).
  */
 export function hasEnvPrefix(command: string): boolean {
-  const fallbackCheck = () => /^[a-zA-Z_][a-zA-Z0-9_]*=/.test(command.trim());
+  const fallbackCheck = () =>
+    /^(?:env\s+)?[a-zA-Z_][a-zA-Z0-9_]*=/.test(command.trim()) ||
+    /^env\s+/.test(command.trim());
 
   const configuration = getShellConfiguration();
 
@@ -769,6 +771,9 @@ export function hasEnvPrefix(command: string): boolean {
       if (current.type === 'variable_assignment') {
         return true;
       }
+      if (current.type === 'command_name' && current.text === 'env') {
+        return true;
+      }
       for (let i = current.childCount - 1; i >= 0; i -= 1) {
         const child = current.child(i);
         if (child) stack.push(child);
diff --git a/test_parse_tree3.js b/test_parse_tree3.js
@@ -0,0 +1,28 @@
+import { initializeShellParsers } from './packages/core/dist/src/utils/shell-utils.js';
+import { Parser, Language } from 'web-tree-sitter';
+import fs from 'fs';
+
+async function main() {
+  await initializeShellParsers();
+  const treeSitterBinary = new Uint8Array(fs.readFileSync('node_modules/web-tree-sitter/tree-sitter.wasm'));
+  const bashBinary = new Uint8Array(fs.readFileSync('node_modules/tree-sitter-bash/tree-sitter-bash.wasm'));
+
+  await Parser.init({ wasmBinary: treeSitterBinary });
+  const bashLanguage = await Language.load(bashBinary);
+
+  const parser = new Parser();
+  parser.setLanguage(bashLanguage);
+
+  const tree = parser.parse('env FOO=bar PAGER=cat git commit');
+
+  function printNode(node, indent = '') {
+    console.log(`${indent}${node.type} [${node.startIndex}, ${node.endIndex}] '${node.text}'`);
+    for (let i = 0; i < node.childCount; i++) {
+      printNode(node.child(i), indent + '  ');
+    }
+  }
+
+  printNode(tree.rootNode);
+}
+
+main();
diff --git a/test_parse_tree4.js b/test_parse_tree4.js
@@ -0,0 +1,28 @@
+import { initializeShellParsers } from './packages/core/dist/src/utils/shell-utils.js';
+import { Parser, Language } from 'web-tree-sitter';
+import fs from 'fs';
+
+async function main() {
+  await initializeShellParsers();
+  const treeSitterBinary = new Uint8Array(fs.readFileSync('node_modules/web-tree-sitter/tree-sitter.wasm'));
+  const bashBinary = new Uint8Array(fs.readFileSync('node_modules/tree-sitter-bash/tree-sitter-bash.wasm'));
+
+  await Parser.init({ wasmBinary: treeSitterBinary });
+  const bashLanguage = await Language.load(bashBinary);
+
+  const parser = new Parser();
+  parser.setLanguage(bashLanguage);
+
+  const tree = parser.parse('FOO=bar env PAGER=cat git commit');
+
+  function printNode(node, indent = '') {
+    console.log(`${indent}${node.type} [${node.startIndex}, ${node.endIndex}] '${node.text}'`);
+    for (let i = 0; i < node.childCount; i++) {
+      printNode(node.child(i), indent + '  ');
+    }
+  }
+
+  printNode(tree.rootNode);
+}
+
+main();
