# is_shell_command_allowed

> **Function** in `deepagents_cli`

📖 [View in docs](https://reference.langchain.com/python/deepagents-cli/config/is_shell_command_allowed)

Check if a shell command is in the allow-list.

The allow-list matches against the first token of the command (the executable
name). This allows read-only commands like ls, cat, grep, etc. to be
auto-approved.

When `allow_list` is the `SHELL_ALLOW_ALL` sentinel, all non-empty commands
are approved unconditionally — dangerous pattern checks are skipped.

SECURITY: For regular allow-lists, this function rejects commands containing
dangerous shell patterns (command substitution, redirects, process
substitution, etc.) BEFORE parsing, to prevent injection attacks that could
bypass the allow-list.

## Signature

```python
is_shell_command_allowed(
    command: str,
    allow_list: list[str] | None,
) -> bool
```

## Parameters

| Name | Type | Required | Description |
|------|------|----------|-------------|
| `command` | `str` | Yes | The full shell command to check. |
| `allow_list` | `list[str] \| None` | Yes | List of allowed command names (e.g., `["ls", "cat", "grep"]`), the `SHELL_ALLOW_ALL` sentinel to allow any command, or `None`. |

## Returns

`bool`

`True` if the command is allowed, `False` otherwise.

---

[View source on GitHub](https://github.com/langchain-ai/deepagents/blob/64ecf141be0479f859f4efe25d139166b45ee18c/libs/cli/deepagents_cli/config.py#L1539)