[command_run]
Configuration for the command_run tool — timeouts, output bounds, and project env-loading flags.
deny_unknown_fields matches [limits] / [security]: typos in field names error loudly rather than silently fail.
auto_load_env
Section titled “auto_load_env”Auto-source project env files (.env, .env.local, .envrc) before each command_run invocation. Default: true. Set to false to disable env auto-loading entirely.
auto_load_env_files
Section titled “auto_load_env_files”Which file types to load (in precedence order; later overrides earlier). Empty disables auto-loading even when auto_load_env = true. Default: [".env", ".env.local", ".envrc"].
auto_load_env_protected
Section titled “auto_load_env_protected”Variable names that project files MUST NOT override. Glob patterns are supported (* matches any run of characters). Daemon-internal SEAL_* vars are always protected regardless of this list — adding them here is redundant. Common entries to consider: project-specific debug knobs the user wants stable across command_run calls.
command_max_timeout
Section titled “command_max_timeout”Hard ceiling (seconds). A tool call requesting a longer timeout is clamped to this value. 0 falls back to command_timeout as the effective cap.
command_run_max_output_chars
Section titled “command_run_max_output_chars”Soft cap in bytes on the in-memory aggregate returned to the LLM as the command_run tool result. Named chars for agent-facing convention; internally compared against String::len() in bytes with a char-boundary guard on truncation. On hit, the body is trimmed to the cap and the marker "\n[truncated at N chars — full output at <path>]" is appended.
command_run_spill_full_output
Section titled “command_run_spill_full_output”Disable per-call disk spill by setting false. The soft cap still applies; the marker drops the ” — full output at …” clause.
command_run_spill_max_bytes
Section titled “command_run_spill_max_bytes”Hard cap on bytes written to the spill file before the child is SIGKILL’d. 5 GiB ceiling. u64 because 5 GiB > u32::MAX.
command_run_verbose_default
Section titled “command_run_verbose_default”Default value for the command_run tool’s verbose argument when the call omits it. When false (default), the agent-facing buffer has wrapper-tool noise (today: direnv load notices from the direnv exec wrap) filtered out. Set to true to surface the unfiltered buffer to the agent by default. Per-call verbose: Some(b) overrides this. The spill file always contains the unfiltered buffer.
command_timeout
Section titled “command_timeout”Default timeout (seconds) applied when a tool call omits its own timeout. 0 disables the timeout entirely.
envrc_mode
Section titled “envrc_mode”Per-project trust mode for .envrc body content. Lives on [command_run].envrc_mode. See [CommandRunConfig::envrc_mode].
| Value | Meaning |
|---|---|
"prompt" | Body change re-prompts; approved bodies cached. |
"trust" | Skip the prompt entirely; cache + direnv allow on first sight. |
"off" | Never wrap command_run in direnv exec. |