Add blacklist/auto-reject mechanism for terminal commands alongside existing whitelistΒ #5522
Description
What specific problem does this solve?
When running Roo in specific workflows, certain commands need to be automatically rejected to maintain workflow integrity and prevent unwanted actions. Currently, we have a whitelist mechanism (added in PR #5491) that allows users to "always allow" certain commands, but there's no equivalent blacklist feature to automatically reject commands.
Who is affected: Users who run Roo in controlled workflows or environments where certain commands should never be executed
When this happens: During task execution when Roo suggests commands that are inappropriate for the specific workflow (e.g., using gh CLI to create PRs when that should be handled differently)
Current behavior: Users must manually reject unwanted commands each time they appear, even if they know they never want to execute them in their workflow
Expected behavior: Users should be able to mark commands as "always reject" similar to how they can mark commands as "always allow", preventing these commands from being executed automatically
Impact: Time wasted repeatedly rejecting the same commands, risk of accidentally approving unwanted commands, and inability to enforce workflow-specific command restrictions
Additional context
The UI for this feature should mirror the existing whitelist functionality shown in PR #5491. In the chat view, when commands appear during task execution, users should be able to toggle between:
- Always allow (existing functionality)
- Always reject (new functionality)
- Default behavior (ask each time)
The settings UI would need to be updated to show both whitelisted and blacklisted commands, allowing users to manage both lists manually.
This issue is currently blocked by #5491