How does reviewqueue exec decide what to queue?
The risk classifier inspects argv before subprocess execution. Patterns like git push, recursive deletes, and deploy commands are flagged as risky and written to `~/.reviewqueue/pending/<id>.json` with cwd and optional git diff context. Ben…
How does reviewqueue exec decide what to queue?
Answer
The risk classifier inspects argv before subprocess execution. Patterns like git push, recursive deletes, and deploy commands are flagged as risky and written to `~/.reviewqueue/pending/<id>.json` with cwd and optional git diff context. Benign commands run immediately. Queued commands wait until `reviewqueue approve <id>` runs them or `reviewqueue reject <id>` denies with exit code 2. Every transition appends to audit.jsonl.
Related workflows
Pair ReviewQueue approvals with DestructGuard blocklists for known-bad patterns and IncidentScribe timelines when something still goes wrong. The classifier flags git push, recursive deletes, and deploy commands; humans decide approve or reject before execution.
Next steps
Run `reviewqueue init`, wrap agent shell access with `reviewqueue exec -- <command>`, and open https://reviewqueue.hermesplant.com to paste queue or audit JSON for review. Upgrade to the Team Pack for Slack/Telegram notification scripts and shared-queue rollout guides.
FAQ
How does reviewqueue exec decide what to queue?
The risk classifier inspects argv before subprocess execution. Patterns like git push, recursive deletes, and deploy commands are flagged as risky and written to `~/.reviewqueue/pending/<id>.json` with cwd and optional git diff context. Benign commands run immediately. Queued commands wait until `reviewqueue approve <id>` runs them or `reviewqueue reject <id>` denies with exit code 2. Every transition appends to audit.jsonl.