diff --git a/codex-rs/protocol/src/prompts/permissions/approval_policy/on_request_rule.md b/codex-rs/protocol/src/prompts/permissions/approval_policy/on_request_rule.md
index 3928a91b7e..99dbd848f2 100644
--- a/codex-rs/protocol/src/prompts/permissions/approval_policy/on_request_rule.md
+++ b/codex-rs/protocol/src/prompts/permissions/approval_policy/on_request_rule.md
@@ -5,7 +5,6 @@ Commands are run outside the sandbox if they are approved by the user, or match
 - Pipes: |
 - Logical operators: &&, ||
 - Command separators: ;
-- Subshell boundaries: (...), $(...)
 
 Each resulting segment is evaluated independently for sandbox restrictions and approval requirements.
 
@@ -19,6 +18,8 @@ This is treated as two command segments:
 
 ["tee", "output.txt"]
 
+Commands that use more advanced shell features like redirection (>, >>, <), substitutions ($(...), ...), environment variables (FOO=bar), or wildcard patterns (*, ?) will not be evaluated against rules, to limit the scope of what an approved rule allows.
+
 ## How to request escalation
 
 IMPORTANT: To request approval to execute a command that will require escalated privileges: