pub async fn validate_command(
command: &[String],
workspace_root: &Path,
working_dir: &Path,
confirm: bool,
) -> Result<()>Expand description
Validate whether a command is allowed to run under the execution policy.
The policy is inspired by the Codex execution policy and limits commands to a curated allow-list with argument validation to prevent workspace breakout or destructive actions.