This is pretty rad, just installed it. Ironically I'm not sure it handles the initial use case in the GitHub: `git push`. I don't see a control for that (force push has a control).
The way it works, since I don't see it here, is that if the agent tries something you marked as 'nah?' in the config, such as accessing sensitive_paths:~/.aws/, then you get this:
Hook PreToolUse:Bash requires confirmation for this command: nah? Bash: targets sensitive path: ~/.aws
Which is pretty great imo.
thx! yeah, `git push` is intentionally allowed, it's a normal dev workflow operation. But `git push --force`, on the other hand, gets flagged as 'git_history_rewrite = ask'.
If you want regular push to also require approval, you can set that in your config with `nah deny git_write` and you get other 'git_writes = ask' for free.
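The behaviour discussed in this thread, as an added example (not nah's code or its config format): a Python classifier that allows a plain `git push`, asks on a force push, and asks on any argument that resolves under `~/.aws`. The category names `git_write` and `git_history_rewrite` come from the thread; the policy dict, the `sensitive_path` key and the function names are assumptions.

```python
import os
import shlex

# Category names are the ones quoted in the thread; the dict layout and the
# "sensitive_path" key are assumptions, not nah's real config format.
POLICY = {"git_write": "allow", "git_history_rewrite": "ask", "sensitive_path": "ask"}
SENSITIVE_PATHS = ["~/.aws"]
FORCE_FLAGS = {"--force", "-f", "--force-with-lease"}
HOME = os.path.expanduser("~")


def _normalize(token):
    """Expand ~ and $HOME, then collapse ../ so aliases of one path compare equal."""
    expanded = os.path.expanduser(token.replace("${HOME}", HOME).replace("$HOME", HOME))
    return os.path.normpath(expanded)


def _sensitive_entry(token):
    """Return the configured entry the token falls under, or None."""
    path = _normalize(token)
    for entry in SENSITIVE_PATHS:
        root = _normalize(entry)
        if path == root or path.startswith(root + os.sep):
            return entry
    return None


def classify(command, policy=POLICY):
    """Return (decision, reason) for one shell command string."""
    try:
        tokens = shlex.split(command)
    except ValueError:
        return "ask", "unparseable command"  # fail closed on broken quoting
    findings = []
    for tok in tokens:
        for cand in (tok, tok.partition("=")[2]):  # also the value of --flag=/path
            entry = _sensitive_entry(cand) if cand else None
            if entry:
                findings.append(("sensitive_path", f"targets sensitive path: {entry}"))
    for i in range(len(tokens) - 1):  # finds "git push" after "cd x &&" too
        if tokens[i:i + 2] == ["git", "push"]:
            forced = any(t in FORCE_FLAGS or t.startswith("--force-with-lease=") for t in tokens[i + 2:])
            findings.append(("git_history_rewrite", "git push --force") if forced
                            else ("git_write", "git push"))
    for category, reason in findings:  # the most restrictive decision wins
        if policy.get(category, "ask") == "ask":
            return "ask", reason
    return "allow", findings[0][1] if findings else "no rule matched"
```

Passing a policy with `"git_write": "ask"` makes a regular push require approval as well, which is the change the reply describes.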