diff --git a/nanobot/agent/loop.py b/nanobot/agent/loop.py
index ca9a06e..bf40214 100644
--- a/nanobot/agent/loop.py
+++ b/nanobot/agent/loop.py
@@ -117,12 +117,14 @@ class AgentLoop:
         allowed_dir = self.workspace if self.restrict_to_workspace else None
         for cls in (ReadFileTool, WriteFileTool, EditFileTool, ListDirTool):
             self.tools.register(cls(workspace=self.workspace, allowed_dir=allowed_dir))
-        self.tools.register(ExecTool(
-            working_dir=str(self.workspace),
-            timeout=self.exec_config.timeout,
-            restrict_to_workspace=self.restrict_to_workspace,
-            path_append=self.exec_config.path_append,
-        ))
+        if self.exec_config.enable:
+            self.tools.register(ExecTool(
+                working_dir=str(self.workspace),
+                timeout=self.exec_config.timeout,
+                restrict_to_workspace=self.restrict_to_workspace,
+                path_append=self.exec_config.path_append,
+                deny_patterns=self.exec_config.deny_patterns,
+            ))
         self.tools.register(WebSearchTool(api_key=self.brave_api_key, proxy=self.web_proxy))
         self.tools.register(WebFetchTool(proxy=self.web_proxy))
         self.tools.register(MessageTool(send_callback=self.bus.publish_outbound))
diff --git a/nanobot/config/schema.py b/nanobot/config/schema.py
index 8cfcad6..a1d6ed4 100644
--- a/nanobot/config/schema.py
+++ b/nanobot/config/schema.py
@@ -305,9 +305,10 @@ class WebToolsConfig(Base):
 class ExecToolConfig(Base):
     """Shell exec tool configuration."""
 
+    enable: bool = True
     timeout: int = 60
     path_append: str = ""
-
+    deny_patterns: list[str] | None = None
 
 class MCPServerConfig(Base):
     """MCP server connection configuration (stdio or HTTP)."""