If you want to pull in your local .zshrc settings for each execute_bash command, you can follow the following steps:
- copy the following content to a new file named “myzsh” and put it somewhere in your local bin folder. I put it under ~/bin/myzsh
#!/bin/zsh
# Set to "allowlist" or "blocklist"
MODE="blocklist"
ALLOWED_PATTERNS=(
'^ls'
'^cat'
'^echo'
'^pwd'
'^cd'
'^grep'
'^find'
'^git'
)
NOT_ALLOWED_PATTERNS=(
'^rm'
'^sudo'
'^chmod'
'eval'
)
###########
check_command() {
local cmd="$1"
cmd=$(echo "$cmd" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
if [[ "$MODE" == "allowlist" ]]; then
for pattern in "${ALLOWED_PATTERNS[@]}"; do
if [[ "$cmd" =~ $pattern ]]; then
return 0
fi
done
return 1
else
for pattern in "${NOT_ALLOWED_PATTERNS[@]}"; do
if [[ "$cmd" =~ $pattern ]]; then
return 1
fi
done
return 0
fi
}
if [[ "$1" == "-c" ]]; then
source ~/.zshrc
echo "$2" | sed 's/[;&|]\+/\n/g' | while IFS= read -r cmd; do
if ! check_command "$cmd"; then
echo "Command checked by security rules: $cmd"
printf "Run anyway? (y/n):\n"
if read -r response </dev/tty 2>/dev/null; then
case "$response" in
y|yes) ;;
*) echo "Notice: Command skipped" >&2; exit 1 ;;
esac
else
echo "Notice: Command skipped" >&2; exit 1
fi
fi
done
eval "$2"
else
exec zsh "$@"
fi
2.
chmod +x ~/bin/myzsh
export AMAZON_Q_CHAT_SHELL="$HOME/bin/myzsh"
And use q chat as you normally do. in my case, it was able to see all the aliases I defined in my .zshrc file while before doing this it couldn’t see them. Also now you have full control on what command are allowed or blocked.