📊 Status bar — shows current state and approved/blocked counts
How It Works
Polls Kiro's internal execution queue. If a pending execution doesn't match any denylist pattern, it auto-approves. If it matches, it blocks and logs the reason.
Commands
Command
Description
Kiro Yolo: Toggle ON/OFF
Enable/disable auto-approval
Kiro Yolo: Toggle Sound on Idle
Toggle sound notification
Kiro Yolo: Toggle Flash on Idle
Toggle taskbar flash
Kiro Yolo: Toggle Auto-Decline Spec Sessions
Auto-answer "No" to spec prompts
Kiro Yolo: Dump Kiro Commands
List all Kiro commands (debug)
Settings
Setting
Default
Description
kiroAutorun.enabled
true
Enable/disable auto-approval
kiroAutorun.pollIntervalSeconds
2
Seconds between polls
kiroAutorun.soundOnIdle
true
Play sound when agent finishes
kiroAutorun.flashOnIdle
true
Flash taskbar when agent finishes
kiroAutorun.autoDeclineSpec
false
Auto-decline spec session prompts
kiroAutorun.denylist
(see below)
Blocked command patterns
Default Denylist
The extension ships with a sensible default denylist that blocks:
Destructive file ops (rm -rf, del /f /s /q)
Privilege escalation (sudo rm, chmod 777)
Pipe-to-shell (curl | sh, wget | bash)
Database destruction (drop table, drop database, truncate table)
System commands (shutdown, reboot, mkfs)
Reverse shells and fork bombs
Force pushes (git push --force)
You can customize the denylist in VS Code settings.
