# apm approve / apm deny

## Synopsis

```
apm approve [PACKAGE_REF...] [OPTIONS]
apm deny [PACKAGE_REF...] [OPTIONS]
```

## Description

APM blocks executable primitives (hooks, bin/ executables) from
dependency packages by default. The allowExecutables block in
apm.yml records which packages have been explicitly approved to
deploy executables.
apm approve adds a package to the allowlist. apm deny removes it.
## How the gate works

When apm install encounters a dependency that ships hooks or bin/
executables:

- If allowExecutables is absent from apm.yml, everything is approved (backward-compatible, no gate).
- If allowExecutables is present (even empty {}), only listed packages may deploy executables.
- In interactive mode, apm install prompts for each unapproved package. In CI (non-interactive), unapproved executables cause a hard error.
Local project content (the root .apm/ directory) is always trusted.
## What is gated

| Type | Gated | Notes |
|---|---|---|
| Hooks (.apm/hooks/, hooks/) | Yes | Auto-fire in IDE on lifecycle events |
| Bin executables (bin/) | Yes | Deployed to agent PATH via symlinks |
| MCP servers | No | Enforcement deferred to a future release |
| Text primitives (skills, agents, instructions) | No | No code execution risk |
## Options

### apm approve

| Flag | Description |
|---|---|
| PACKAGE_REF | One or more packages to approve (e.g. ci-hooks@acme). |
| --pending | List all packages with unapproved executables. |
| --all | Approve all currently blocked packages. |

### apm deny

| Flag | Description |
|---|---|
| PACKAGE_REF | One or more packages to deny (removes from allowlist). |
## Manifest format

Approvals are stored in apm.yml under allowExecutables, keyed by
name#version with per-type boolean flags:

```yaml
allowExecutables:
  "ci-hooks@acme#1.2.0":
    hooks: true
    bin: true
  "dev-tools@org#0.5.0":
    hooks: true
```

Version pinning means approval must be renewed when a package updates.
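The following is an added model of the gate rules from "How the gate works" and of the name#version allowlist from "Manifest format"; it is an illustration written for this page, not APM's own implementation. The manifest dicts are assumed to be the parsed form of an apm.yml (the YAML parsing itself is left out), and the `Dependency`, `gate_decision`, `approve` and `deny` names are hypothetical.

```python
"""Model of APM's executable gate (added illustration, not APM's own code).
The manifests below are constructed, parsed-apm.yml style dicts."""
import os
import sys
from dataclasses import dataclass

# Constructed: parsed apm.yml matching the allowExecutables block shown above.
MANIFEST_WITH_ALLOWLIST = {
    "allowExecutables": {
        "ci-hooks@acme#1.2.0": {"hooks": True, "bin": True},
        "dev-tools@org#0.5.0": {"hooks": True},
    }
}

# Constructed: a manifest written before the gate existed (no allowExecutables key).
MANIFEST_LEGACY = {"dependencies": ["ci-hooks@acme"]}

EXECUTABLE_TYPES = ("hooks", "bin")  # the two gated primitive types


@dataclass
class Dependency:
    """A resolved dependency and which executable primitives it ships (hypothetical type)."""
    name: str                 # e.g. "ci-hooks@acme"
    version: str              # e.g. "1.2.0"
    hooks: bool = False       # ships .apm/hooks/ or hooks/
    bin: bool = False         # ships bin/ executables
    is_root: bool = False     # the project's own .apm/ content, always trusted

    @property
    def key(self) -> str:
        # Approvals are keyed by name#version, so a version bump needs re-approval.
        return f"{self.name}#{self.version}"

    def shipped(self) -> list[str]:
        return [t for t in EXECUTABLE_TYPES if getattr(self, t)]


def blocked_executable_types(manifest: dict, dep: Dependency) -> list[str]:
    """Executable types of `dep` that the allowlist does not cover.

    No allowExecutables block: everything is approved (backward compatible).
    A present block, even an empty {}: only a listed name#version entry with a
    true flag for that type may deploy it. Root project content is never gated.
    """
    if dep.is_root or "allowExecutables" not in manifest:
        return []
    approved = manifest["allowExecutables"].get(dep.key, {})
    return [t for t in dep.shipped() if not approved.get(t, False)]


def is_non_interactive(env: dict, stdin_is_tty: bool) -> bool:
    """CI=true, APM_NON_INTERACTIVE=1, or a non-TTY stdin: never prompt."""
    return (env.get("CI") == "true"
            or env.get("APM_NON_INTERACTIVE") == "1"
            or not stdin_is_tty)


def gate_decision(manifest: dict, dep: Dependency, env: dict, stdin_is_tty: bool) -> str:
    """Return "deploy", "prompt" (interactive) or "error" (non-interactive, exit code 1)."""
    if not blocked_executable_types(manifest, dep):
        return "deploy"
    return "error" if is_non_interactive(env, stdin_is_tty) else "prompt"


def approve(manifest: dict, dep: Dependency) -> dict:
    """What `apm approve <ref>` records: a name#version entry with per-type flags."""
    entry = manifest.setdefault("allowExecutables", {}).setdefault(dep.key, {})
    for t in dep.shipped():
        entry[t] = True
    return manifest


def deny(manifest: dict, dep: Dependency) -> dict:
    """What `apm deny <ref>` does: drop the entry so the package is gated again."""
    manifest.get("allowExecutables", {}).pop(dep.key, None)
    return manifest


if __name__ == "__main__":
    dep = Dependency("dev-tools@org", "0.5.0", hooks=True, bin=True)
    print(blocked_executable_types(MANIFEST_WITH_ALLOWLIST, dep))  # ['bin']
    print(gate_decision(MANIFEST_WITH_ALLOWLIST, dep, dict(os.environ), sys.stdin.isatty()))
```

Two details worth noticing in the model: dev-tools@org#0.5.0 is approved for hooks only, so a new bin/ directory in that same version is still blocked, and approving a first package on a legacy manifest creates the allowExecutables block, which from then on gates every other dependency as well.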
## Examples

Approve a specific package:

```
apm approve ci-hooks@acme
```

Show all blocked packages:

```
apm approve --pending
```

Approve everything (migration helper):

```
apm approve --all
```

Revoke approval:

```
apm deny ci-hooks@acme
```

## Non-interactive / CI usage

In CI environments (CI=true, APM_NON_INTERACTIVE=1, or when stdin
is not a TTY), apm install fails with exit code 1 if any dependency
has unapproved executables. Pre-approve packages in apm.yml before
CI runs:
```
# One-time setup: approve all current dependencies
apm approve --all
git add apm.yml
git commit -m "Approve executable dependencies"
```

## See also

- apm install — the install command that enforces the gate
- apm audit — audit installed packages