Control which commands Ona Agent can execute with command deny lists.
Configure command deny list patterns in Agents settings
aws *
exec
toolshutdown
blocks exactly “shutdown”shutdown*
blocks “shutdown”, “shutdown -h”, “shutdown now”rm *
blocks all rm
commands with arguments/clear
, /support-bundle
) are NOT directly blocked by deny lists. Slash commands are converted to prompts before reaching Ona Agent!
) are still subject to deny list filteringConfigure command deny list patterns in Agents settings
aws *
instead of listing every aws
variant