feature-request: provide a mechanism to control a URL domain allow-list for the `--detect-urls` feature.

[hrivera-ntap]

Issue

I'd love to use the detect urls feature, but am scared of the possibility of rogue URLs getting injected into the prompts somehow.

If we had a way to provide some sort of comma-separated list of allowed domains to let through, that would help make this a bit more secure perhaps.

Perhaps some sort of new flag like --allowed-domains <domain1>,[domain2,...] flag backed by an ENV CECLI_ALLOWED_DOMAINS=... or something better named.

Without it, my only option is to do some sort of URL redaction pass of the prompt message file to filter out domains i don't recognize before running cecli.

Version and model info

No response

[dwash96]

So the configuration in .cecli.conf.yml for this, documented at:

https://github.com/dwash96/cecli/blob/main/cecli/website/docs/config/security.md

security-config:
  allowed-domains:
    - github.com
    - example.com