safe-chains 0.22.1

Auto-allow safe, read-only bash commands in agentic coding tools
# Supported Commands

Auto-generated by `safe-chains --list-commands`.

Any command with only `--version` or `--help` as its sole argument is always allowed.

## Unconditionally Safe

These commands are allowed with any arguments.

| Command | Description |
|---------|-------------|
| `arch` | Print machine architecture |
| `b2sum` | BLAKE2 checksum |
| `base64` | Base64 encode/decode |
| `basename` | Strip directory from path |
| `bat` | Syntax-highlighted cat |
| `bc` | Calculator |
| `branchdiff` | Branch diff tool |
| `cal` | Display calendar |
| `cat` | Print file contents |
| `cd` | Change directory |
| `cksum` | File checksum |
| `cloc` | Count lines of code |
| `colordiff` | Colorized diff |
| `column` | Format into columns |
| `comm` | Compare sorted files |
| `command` | Run command or check existence |
| `cucumber` | BDD test runner |
| `cut` | Extract fields from lines |
| `date` | Display date and time |
| `delta` | Syntax-highlighted diff viewer |
| `df` | Disk free space |
| `diff` | Compare files |
| `dig` | DNS lookup |
| `dirname` | Strip filename from path |
| `du` | Disk usage |
| `dust` | Disk usage viewer |
| `echo` | Print text |
| `exa` | Modern ls replacement |
| `expand` | Convert tabs to spaces |
| `expr` | Evaluate expression |
| `eza` | Modern ls replacement |
| `factor` | Print prime factors |
| `false` | Return failure exit code |
| `fd` | Find files |
| `file` | Detect file type |
| `fmt` | Reformat text |
| `fold` | Wrap lines |
| `getconf` | Get system configuration values |
| `grep` | Search file contents |
| `groups` | Print group memberships |
| `head` | Print first lines |
| `hexdump` | Display file in hex |
| `host` | DNS lookup |
| `hostname` | Print hostname |
| `htop` | Interactive process viewer |
| `iconv` | Convert character encoding |
| `id` | Print user/group IDs |
| `identify` | ImageMagick identify |
| `ifconfig` | Network interface info |
| `ioreg` | macOS I/O Registry viewer |
| `iotop` | I/O usage monitor |
| `jq` | JSON processor |
| `last` | Show login history |
| `lastlog` | Show last login for all users |
| `locale` | Print locale info |
| `ls` | List directory |
| `lsof` | List open files |
| `md5` | MD5 checksum (macOS) |
| `md5sum` | MD5 checksum |
| `mdfind` | Spotlight search (macOS) |
| `mdls` | File metadata (macOS) |
| `netstat` | Network connections and statistics |
| `nl` | Number lines |
| `nm` | List object file symbols |
| `nproc` | Print number of CPUs |
| `nslookup` | DNS lookup |
| `od` | Octal dump |
| `otool` | Object file tool (macOS) |
| `paste` | Merge lines of files |
| `pgrep` | Search for processes |
| `printenv` | Print environment variables |
| `printf` | Format and print text |
| `procs` | Modern process viewer |
| `ps` | List processes |
| `pwd` | Print working directory |
| `readlink` | Resolve symlink |
| `realpath` | Resolve path |
| `rev` | Reverse lines |
| `rg` | Ripgrep search |
| `route` | Routing table |
| `safe-chains` | Safe command checker |
| `seq` | Print number sequence |
| `sha1sum` | SHA-1 checksum |
| `sha256sum` | SHA-256 checksum |
| `sha512sum` | SHA-512 checksum |
| `shasum` | SHA checksum |
| `shellcheck` | Shell script linter |
| `size` | Object file section sizes |
| `sleep` | Pause execution |
| `ss` | Socket statistics |
| `stat` | File status |
| `strings` | Find printable strings in binary |
| `sum` | File checksum |
| `sw_vers` | macOS version info |
| `system_profiler` | macOS hardware/software info |
| `tac` | Print file in reverse |
| `tail` | Print last lines |
| `test` | Evaluate conditional expression |
| `tokei` | Code statistics |
| `top` | Process monitor |
| `tr` | Translate characters |
| `tree` | Directory tree |
| `true` | Return success exit code |
| `tty` | Print terminal name |
| `uname` | System information |
| `unexpand` | Convert spaces to tabs |
| `uniq` | Filter duplicate lines |
| `uptime` | System uptime |
| `uuidgen` | Generate UUID |
| `vm_stat` | Virtual memory statistics |
| `w` | Show logged-in users and activity |
| `wc` | Count lines/words/bytes |
| `which` | Locate command |
| `who` | Show logged-in users |
| `whoami` | Print current user |
| `whois` | Domain registration lookup |
| `xxd` | Hex dump |

## Handled Commands

These commands are allowed with specific subcommands or flags.

### `asdf`

Allowed: --version, current, help, info, list, version, which. Also: plugin-list, plugin-list-all. Multi-word: plugin list.

### `awk / gawk / mawk / nawk`

Safe unless the program contains system, getline, |, >, or >>, or the -f flag (file-based program) is used.

### `bash / sh`

Allowed: --version, --help. Only `bash -c` / `sh -c` with a safe inner command. Scripts denied.

### `brew`

Allowed: --prefix, --version, casks, cat, config, deps, desc, doctor, formulae, home, info, leaves, list, log, outdated, search, shellenv, tap, uses.

### `bun`

Allowed: --version, outdated, test. Multi-word: pm bin/cache/hash/ls. x delegates to bunx logic.

### `bundle`

Allowed: --version, check, info, list, show. Guarded: exec (brakeman, cucumber, erb_lint, herb, rspec, standardrb only).

### `bunx`

Allowed: --version. Whitelisted packages only: eslint, @herb-tools/linter, karma. Guarded: tsc (requires --noEmit). Skips flags: --bun/--no-install/--package/-p.

### `cargo`

Allowed: --version, audit, bench, build, check, clippy, deny, doc, license, locate-project, metadata, pkgid, read-manifest, search, test, tree, verify-project. Guarded: fmt (Requires: --check), publish (Requires: --dry-run. Denied: --force, --no-verify). Any subcommand with --help is safe (unless -- separator is present).

### `cmake`

Allowed: --version, --system-information (single argument only).

### `codesign`

Requires: --display, --verify, -d, -v. Denied: --force, --remove-signature, --sign, -f, -s.

### `composer`

Allowed: --version, about, audit, check-platform-reqs, diagnose, fund, help, info, licenses, outdated, show, suggests.

### `conda`

Allowed: --version, info, list. Guarded: config (--show, --show-sources only).

### `csrutil`

Allowed: authenticated-root, report, status.

### `defaults`

Allowed: domains, export, find, read, read-type.

### `deno`

Allowed: --version, check, doc, info, lint, test. Guarded: fmt (requires --check).

### `diskutil`

Allowed: activity, apfs, info, list, listFilesystems. Multi-word: apfs list/listCryptoUsers/listSnapshots/listVolumeGroups.

### `docker / podman`

Allowed: --version, diff, history, images, info, inspect, logs, port, ps, stats, top, version. Multi-word: buildx --version/inspect/ls/version, compose --version/config/images/ls/ps/top/version, container diff/inspect/list/logs/ls/port/stats/top, context inspect/ls/show, image history/inspect/list/ls, manifest inspect, network inspect/ls, system df/info, volume inspect/ls.

### `dotnet`

Allowed: --info, --list-runtimes, --list-sdks, --version, build, list, test.

### `env`

Strips flags (-i, -u) and KEY=VALUE pairs, then recursively validates the inner command. Bare `env` allowed.

### `find`

Safe unless dangerous flags are used: -delete, -ok, -okdir, -fls, -fprint, -fprint0, -fprintf. -exec/-execdir allowed when the executed command is itself safe.

### `fnm`

Allowed: --version, current, default, list, ls-remote.

### `gem`

Allowed: --version, contents, dependency, environment, help, info, list, outdated, pristine, search, sources, specification, stale, which.

### `gh`

Read-only subcommands (view/list/status/diff/checks/verify): pr, issue, repo, release, run, workflow, label, codespace, variable, extension, cache, attestation, gpg-key, ssh-key. Always safe: search, status. Guarded: auth (status/token only), browse (requires --no-browser), api (GET only, no body flags).

### `git`

Read-only: log, diff, show, status, ls-tree, grep, rev-parse, merge-base, merge-tree, fetch, help, shortlog, describe, blame, reflog, ls-files, ls-remote, diff-tree, cat-file, name-rev, for-each-ref, count-objects, verify-commit, verify-tag. Guarded: remote (deny add/remove/rename/set-url/prune), branch (deny -d/-m/-c/--delete/--move/--copy), stash (list, show only), tag (list only, deny -d/-a/-s/-f), config (--list/--get/--get-all/--get-regexp/-l only), worktree (list only), notes (show, list only). Supports `-C <dir>` prefix.

### `go`

Allowed: --version, build, doc, env, list, test, version, vet.

### `gradle / gradlew`

Allowed: --version, build, check, dependencies, properties, tasks, test.

### `hyperfine`

Recursively validates each benchmarked command. Denied if --prepare, --cleanup, or --setup flags are used (arbitrary shell execution).

### `jj`

Read-only: log, diff, show, status, st, help, --version. Multi-word: op log, file show, config get/list, bookmark list, git fetch, git remote list. Skips global flags: --ignore-working-copy, --no-pager, --quiet, --verbose, --debug, --ignore-immutable, --color, -R/--repository, --at-op/--at-operation.

### `launchctl`

Allowed: blame, dumpstate, error, examine, help, hostinfo, list, print, print-cache, print-disabled, resolveport, version.

### `lipo`

Requires: -archs, -detailed_info, -info, -verify_arch. Denied: -output.

### `llm`

Allowed: --version, aliases, collections, logs, models, plugins, templates.

### `log`

Allowed: help, show, stats, stream.

### `mise`

Allowed: --version, current, doctor, list, ls, which. Multi-word: settings get.

### `mvn / mvnw`

Allowed: --version, -v, compile, dependency:list, dependency:tree, help:describe, test, test-compile, validate, verify.

### `networksetup`

Allowed: subcommands starting with -list, -get, -show, -print, plus -version and -help.

### `nice / ionice`

Skips priority flags (-n/--adjustment), then recursively validates the inner command.

### `npm`

Allowed: --version, audit, doctor, explain, fund, info, list, ls, outdated, prefix, root, test, view, why. Guarded: config (list/get only), run/run-script (test/test:* only).

### `npx`

Allowed: --version. Whitelisted packages only: eslint, @herb-tools/linter, karma. Guarded: tsc (requires --noEmit). Skips flags: --yes/-y/--no/--package/-p.

### `nvm`

Allowed: --version, current, list, ls, ls-remote, version, which.

### `ollama`

Allowed: --version, list, ps, show.

### `perl`

Allowed: -e/-E inline one-liners with safe code, --version, --help, -v, -V. Blocked: script files (no -e/-E), -i (in-place edit), s///e modifier, backticks, and code containing identifiers not in the safe built-in allowlist.

### `pip / pip3`

Allowed: --version, check, debug, freeze, help, index, inspect, list, show. Guarded: config (list/get only).

### `pkgutil`

Requires: --check-signature, --export-plist, --file-info, --file-info-plist, --files, --group-pkgs, --groups, --groups-plist, --packages, --payload-files, --pkg-groups, --pkg-info, --pkg-info-plist, --pkgs, --pkgs-plist. Denied: --expand, --flatten, --forget, --learn.

### `plutil`

Allowed: -help, -lint, -p, -type.

### `pnpm`

Allowed: --version, audit, list, ls, outdated, why.

### `poetry`

Allowed: --version, check, show. Multi-word: env info/list.

### `pyenv`

Allowed: --version, help, root, shims, version, versions, which.

### `rbenv`

Allowed: --version, help, root, shims, version, versions, which.

### `rustup`

Allowed: --version, doc, show, which. Multi-word: component list, target list, toolchain list.

### `security`

Allowed: cms, dump-keychain, dump-trust-settings, find-certificate, find-generic-password, find-identity, find-internet-password, list-keychains, show-keychain-info, smartcard, verify-cert.

### `sed`

Safe unless -i/--in-place flag or 'e' modifier on substitutions (executes replacement as shell command).

### `sort`

Safe unless -o/--output or --compress-program flag.

### `swift`

Allowed: --version, build, test. Multi-word: package describe/dump-package/show-dependencies.

### `sysctl`

Safe unless -w/--write flag or key=value assignment syntax.

### `time`

Skips -p flag, then recursively validates the inner command.

### `timeout`

Skips timeout flags (-s/--signal, -k/--kill-after, --preserve-status), then recursively validates the inner command.

### `uv`

Allowed: --version. Multi-word: pip check/freeze/list/show, python list, tool list.

### `volta`

Allowed: --version, list, which.

### `xargs`

Recursively validates the inner command. Skips xargs-specific flags (-I, -L, -n, -P, -s, -E, -d, -0, -r, -t, -p, -x).

### `xcode-select`

Allowed: -p/--print-path, -v/--version. Denied: -s/--switch, -r/--reset, --install.

### `xcodebuild`

Allowed: -list, -showBuildSettings, -showdestinations, -showsdks, -version.

### `xcrun`

Allowed: --find, --show-sdk-build-version, --show-sdk-path, --show-sdk-platform-path, --show-sdk-platform-version, --show-sdk-version, --show-toolchain-path. Also: simctl list. Skips flags: --sdk/--toolchain (with arg), -v/-l/-n.

### `xmllint`

Safe unless --output flag.

### `yarn`

Allowed: --version, info, list, ls, why. Also allowed: test, test:*.

### `yq`

Safe unless -i/--inplace flag.