// This is a configuration file for gemini-cli, which sets up security policies and other configurations.
// Include this JSON in your project root/home dir .gemini/settings.json file to change the default security settings.
// Make sure to remove the comments before using it in production.
// WARNING: **DO NOT USE YOLO MODE** IN PRODUCTION ENVIRONMENTS WITHOUT A SANDBOX OR OTHER ISOLATION MECHANISM.
// It seriously can do a "rm -rf /" on your system if you are not careful.
{
"securityPolicy": {
// Security modes:
// "read-only": The safest mode, only read-only tools are allowed. This is the default behavior when this file is absent.
// "restricted": Recommended mode. Only tools listed in `allowedTools` are permitted, and shell commands are restricted.
// "yolo": Least secure mode, allows all operations without restrictions. Use only in fully trusted local development environments.
"mode": "restricted",
// In "restricted" mode, only tools listed here will be enabled.
"allowedTools": [
"read_file",
"list_directory",
"glob",
"search_file_content",
"google_web_search",
"web_fetch",
"write_file",
"replace",
"run_shell_command" // Allows shell tools, but their behavior is restricted by the shellCommandPolicy below
],
// Fine-grained control over the `run_shell_command` tool.
// This policy is effective only when "run_shell_command" is in "allowedTools".
"shellCommandPolicy": {
// Whitelist: Only these commands (or commands prefixed by these) are allowed.
// This is a very important security layer.
"allow": [
"ls",
"git status",
"git diff",
"npm install",
"npm run test",
"npm run lint",
"echo",
"cat",
"grep"
],
// Blacklist: Explicitly prohibits these dangerous commands as an additional safeguard.
// Blacklist takes precedence over whitelist.
"deny": [
"rm",
"sudo",
"mv",
"cp",
"docker",
"podman",
"chmod",
"chown"
]
}
},
// You can also add other gemini-cli configurations here, such as themes.
"theme": "Dracula"
}
