1 files changed, 29 insertions, 10 deletions

diff --git a/tools.go b/tools.go
index dbf8310..dbf1f89 100644
--- a/tools.go
+++ b/tools.go
@@ -648,12 +648,6 @@ func executeCommand(args map[string]string) []byte {
 		return []byte(msg)
 	}
 
-	if !isCommandAllowed(command) {
-		msg := fmt.Sprintf("command '%s' is not allowed", command)
-		logger.Error(msg)
-		return []byte(msg)
-	}
-
 	// Get arguments - handle both single arg and multiple args
 	var cmdArgs []string
 	if args["args"] != "" {
@@ -673,6 +667,12 @@ func executeCommand(args map[string]string) []byte {
 		}
 	}
 
+	if !isCommandAllowed(command, cmdArgs...) {
+		msg := fmt.Sprintf("command '%s' is not allowed", command)
+		logger.Error(msg)
+		return []byte(msg)
+	}
+
 	// Execute with timeout for safety
 	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
 	defer cancel()
@@ -907,7 +907,19 @@ func todoDelete(args map[string]string) []byte {
 	return jsonResult
 }
 
-func isCommandAllowed(command string) bool {
+var gitReadSubcommands = map[string]bool{
+	"status":    true,
+	"log":       true,
+	"diff":      true,
+	"show":      true,
+	"branch":    true,
+	"reflog":    true,
+	"rev-parse": true,
+	"shortlog":  true,
+	"describe":  true,
+}
+
+func isCommandAllowed(command string, args ...string) bool {
 	allowedCommands := map[string]bool{
 		"grep":   true,
 		"sed":    true,
@@ -937,8 +949,15 @@ func isCommandAllowed(command string) bool {
 		"whoami": true,
 		"date":   true,
 		"uname":  true,
+		"git":    true,
+	}
+	if !allowedCommands[command] {
+		return false
+	}
+	if command == "git" && len(args) > 0 {
+		return gitReadSubcommands[args[0]]
 	}
-	return allowedCommands[command]
+	return true
 }
 
 func summarizeChat(args map[string]string) []byte {
@@ -1303,14 +1322,14 @@ var baseTools = []models.Tool{
 		Type: "function",
 		Function: models.ToolFunc{
 			Name:        "execute_command",
-			Description: "Execute a shell command safely. Use when you need to run system commands like grep sed awk find cat head tail sort uniq wc ls echo cut tr cp mv rm mkdir rmdir pwd df free ps top du whoami date uname",
+			Description: "Execute a shell command safely. Use when you need to run system commands like grep sed awk find cat head tail sort uniq wc ls echo cut tr cp mv rm mkdir rmdir pwd df free ps top du whoami date uname. Git is allowed for read-only operations: status, log, diff, show, branch, reflog, rev-parse, shortlog, describe.",
 			Parameters: models.ToolFuncParams{
 				Type:     "object",
 				Required: []string{"command"},
 				Properties: map[string]models.ToolArgProps{
 					"command": models.ToolArgProps{
 						Type:        "string",
-						Description: "command to execute (only commands from whitelist are allowed: grep sed awk find cat head tail sort uniq wc ls echo cut tr cp mv rm mkdir rmdir pwd df free ps top du whoami date uname",
+						Description: "command to execute (only commands from whitelist are allowed: grep sed awk find cat head tail sort uniq wc ls echo cut tr cp mv rm mkdir rmdir pwd df free ps top du whoami date uname; git allowed for reads: status log diff show branch reflog rev-parse shortlog describe)",
 					},
 					"args": models.ToolArgProps{
 						Type:        "string",