add_to_whitelist
Enable secure command execution by adding macOS terminal commands to the whitelist with specified security levels (safe, requires_approval, forbidden) on the Mac Shell MCP Server.
Instructions
Add a command to the whitelist
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| command | Yes | The command to whitelist | |
| description | No | Description of the command | |
| securityLevel | Yes | Security level for the command |
Input Schema (JSON Schema)
{
"properties": {
"command": {
"description": "The command to whitelist",
"type": "string"
},
"description": {
"description": "Description of the command",
"type": "string"
},
"securityLevel": {
"description": "Security level for the command",
"enum": [
"safe",
"requires_approval",
"forbidden"
],
"type": "string"
}
},
"required": [
"command",
"securityLevel"
],
"type": "object"
}
Implementation Reference
- src/index.ts:326-357 (handler)Main handler function for 'add_to_whitelist' tool. Parses arguments using Zod, maps security level string to enum, calls CommandService.addToWhitelist, and returns success response.private async handleAddToWhitelist(args: unknown) { const schema = z.object({ command: z.string(), securityLevel: z.enum(['safe', 'requires_approval', 'forbidden']), description: z.string().optional(), }); const { command, securityLevel, description } = schema.parse(args); // Map string security level to enum const securityLevelEnum = securityLevel === 'safe' ? CommandSecurityLevel.SAFE : securityLevel === 'requires_approval' ? CommandSecurityLevel.REQUIRES_APPROVAL : CommandSecurityLevel.FORBIDDEN; this.commandService.addToWhitelist({ command, securityLevel: securityLevelEnum, description, }); return { content: [ { type: 'text', text: `Command '${command}' added to whitelist with security level '${securityLevel}'`, }, ], }; }
- src/index.ts:120-140 (schema)Input schema definition for the 'add_to_whitelist' tool, registered in the ListTools response.name: 'add_to_whitelist', description: 'Add a command to the whitelist', inputSchema: { type: 'object', properties: { command: { type: 'string', description: 'The command to whitelist', }, securityLevel: { type: 'string', enum: ['safe', 'requires_approval', 'forbidden'], description: 'Security level for the command', }, description: { type: 'string', description: 'Description of the command', }, }, required: ['command', 'securityLevel'], },
- src/index.ts:228-229 (registration)Registration of the 'add_to_whitelist' handler in the CallToolRequestSchema switch statement.case 'add_to_whitelist': return await this.handleAddToWhitelist(args);
- Helper method in CommandService that stores the whitelist entry in the internal Map.public addToWhitelist(entry: CommandWhitelistEntry): void { this.whitelist.set(entry.command, entry); }
- Type definition for CommandWhitelistEntry used in addToWhitelist.export interface CommandWhitelistEntry { /** The command path or name */ command: string; /** Security level of the command */ securityLevel: CommandSecurityLevel; /** Allowed arguments (string for exact match, RegExp for pattern match) */ allowedArgs?: Array<string | RegExp>; /** Description of the command for documentation */ description?: string; }