Before Opsh shows you a generated command, it runs the command through a safety classifier that checks for risky patterns — from simple file moves to commands that could destroy your system. The result shapes whether Opsh asks you to confirm, refuses to run the command at all, or (in warp mode) proceeds automatically.
Risk levels
Every command Opsh generates is assigned one of three risk levels: safe, caution, or dangerous. The level determines whether Opsh requires your confirmation before running the command and how warp mode behaves. See Command risk levels for a full breakdown of what triggers each level.
Hard-blocked commands
Some commands are never executed, regardless of what you confirm. These match patterns that could cause irreversible, system-wide damage:
| Pattern | Why it’s blocked |
|---|---|
| `rm -rf /` or `rm -rf --no-preserve-root` | Deletes every file on the system |
| Fork bomb pattern | Crashes the system by exhausting process resources |
| `mkfs.*` | Formats a filesystem, erasing all data on the target device |
| `dd` writing to raw disk | Writes directly to a raw disk, destroying its contents |
If a generated command matches one of these patterns, Opsh prints a warning and exits without executing anything. Confirming at the prompt has no effect.
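To show what a hard-block check of this kind involves, the following added example (not Opsh's own code) tokenizes a command line and tests it against three of the four table rows; the fork bomb row is left out because this page does not spell out its pattern. The function names, the wrapper list and the raw-disk device names are assumptions made for the illustration.

```python
import re
import shlex

# Assumed raw-disk naming; the page does not list which devices Opsh checks.
RAW_DISK = re.compile(r"^/dev/(sd|hd|vd|xvd|nvme|mmcblk|disk)\w*$")
WRAPPERS = {"sudo", "doas", "nohup", "time"}   # assumed prefixes to look through
SEPARATORS = {";", "&&", "||", "|", "&"}


def split_commands(line):
    """Split a shell line into simple commands (lists of tokens)."""
    lexer = shlex.shlex(line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current = [], []
    for token in lexer:
        if token in SEPARATORS:
            commands.append(current)
            current = []
        else:
            current.append(token)
    return [c for c in commands + [current] if c]


def hard_block_reason(line):
    """Return why `line` is hard-blocked, or None when nothing matches."""
    try:
        commands = split_commands(line)
    except ValueError:                      # unbalanced quotes: fail closed
        return "unparseable command"
    for argv in commands:
        while argv and argv[0] in WRAPPERS:
            argv = argv[1:]
        if not argv:
            continue
        name, args = argv[0].rsplit("/", 1)[-1], argv[1:]
        if name == "rm":
            short = "".join(a[1:] for a in args if re.match(r"-[A-Za-z]", a))
            recursive = "r" in short.lower() or "--recursive" in args
            force = "f" in short or "--force" in args
            if recursive and force and ("/" in args or "--no-preserve-root" in args):
                return "deletes every file on the system"
        elif name.startswith("mkfs"):
            return "formats a filesystem"
        elif name == "dd" and any(
                a.startswith("of=") and RAW_DISK.match(a[3:]) for a in args):
            return "writes directly to a raw disk"
    return None
```

Working on tokens rather than the raw string means `sudo rm -r -f /` is caught while `echo "rm -rf /"` and `rm -rf ./build` are not. Input that cannot be parsed is treated as blocked.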
Confirmation flow
By default (confirmByDefault: true), Opsh asks for your confirmation before running every command. If you set confirmByDefault: false, Opsh skips the prompt for safe commands but still confirms for caution and dangerous ones. Dangerous commands always require confirmation regardless of settings — they are never auto-run, even in warp mode. At the confirmation prompt you can:
- Press Enter or y to run the command
- Press n to cancel
- Press e to edit the command manually before running
- Press r to ask Opsh to regenerate a safer or simpler version
Print-only mode
To prevent Opsh from executing anything at all, enable print-only mode. Opsh will generate and display the command but stop before running it.
- In the REPL, type `!print on` to toggle print-only mode on
- In one-shot mode, pass the `--print-only` flag: `opsh --print-only "list open ports"`
Safety classification catches common dangerous patterns, but it cannot guarantee that every generated command is safe for your specific environment. Always read the command and its explanation before confirming, especially for commands classified as caution or dangerous.