feat(blacklist): added ability to blacklist models & providers

[waleedlatif1]

Summary

• added ability to blacklist models & providers

Type of Change

• New feature

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Review	Updated (UTC)
docs	Skipped		Jan 7, 2026 6:35pm

[greptile-apps]

Greptile Summary

This PR implements a flexible blacklist system for providers and models using environment variables BLACKLISTED_PROVIDERS and BLACKLISTED_MODELS. The implementation applies filtering at multiple layers: UI model selection (via getBaseModelProviders), runtime execution (via getProviderFromModel), and API endpoints (provider routes return empty lists when blacklisted).

Key changes:

• Added isProviderBlacklisted() and filterBlacklistedModels() utilities with support for exact model matches and wildcard prefixes (claude-*)
• Updated agent, evaluator, and router blocks to use getBaseModelProviders() instead of getAllModelProviders() to filter blacklisted items from UI
• Modified Ollama, vLLM, and OpenRouter API routes to check provider blacklist and filter models
• Added runtime enforcement in getProviderFromModel() that throws errors if blacklisted providers/models are used
• Removed hardcoded Deepseek blacklist (replaced with generic env-based approach)

Implementation notes:

• getAllModelProviders() remains unfiltered for internal lookups, with blacklist enforcement happening after provider resolution in getProviderFromModel()
• Logging includes filtered count to track blacklist effectiveness
• Tests added but only cover happy path (no blacklist configured)

Confidence Score: 4/5

• This PR is safe to merge with minor considerations for test coverage
• The implementation is well-structured with multi-layer filtering (UI, runtime, API), consistent error handling, and proper logging. The approach of keeping getAllModelProviders() unfiltered while enforcing blacklist at usage points is sound. However, tests only cover the happy path without actual blacklist scenarios, which reduces confidence in edge case handling. The removal of hardcoded Deepseek blacklist in favor of the generic system is a good architectural improvement.
• apps/sim/providers/utils.test.ts - Tests should be enhanced to cover actual blacklist scenarios with mocked environment variables

Important Files Changed

Filename	Overview
apps/sim/providers/utils.ts	Core blacklist implementation added with provider and model filtering, runtime enforcement in getProviderFromModel
apps/sim/lib/core/config/env.ts	Added BLACKLISTED_PROVIDERS and BLACKLISTED_MODELS environment variables with proper documentation
apps/sim/blocks/blocks/agent.ts	Changed from getAllModelProviders to getBaseModelProviders to apply blacklist filtering in UI
apps/sim/providers/utils.test.ts	Added basic tests for blacklist functions, but tests only cover happy path without actual blacklist scenarios

Sequence Diagram

sequenceDiagram
    participant User
    participant UI as UI/Block Config
    participant API as API Routes
    participant Utils as Provider Utils
    participant Env as Environment Config

    Note over Env: BLACKLISTED_PROVIDERS=openai<br/>BLACKLISTED_MODELS=gpt-4,claude-*

    User->>UI: Select model for workflow
    UI->>Utils: getBaseModelProviders()
    Utils->>Utils: filterBlacklistedModelsFromProviderMap()
    Utils->>Utils: isProviderBlacklisted(providerId)
    Utils->>Env: Check BLACKLISTED_PROVIDERS
    Env-->>Utils: Provider blacklist status
    Utils->>Utils: isModelBlacklisted(model)
    Utils->>Env: Check BLACKLISTED_MODELS
    Env-->>Utils: Model blacklist status
    Utils-->>UI: Filtered model list (blacklisted removed)
    UI-->>User: Display available models

    User->>UI: Execute workflow with model
    UI->>Utils: getProviderFromModel(model)
    Utils->>Utils: Lookup provider in getAllModelProviders()
    Utils->>Utils: isProviderBlacklisted(providerId)
    Utils->>Env: Check BLACKLISTED_PROVIDERS
    Env-->>Utils: Provider status
    alt Provider is blacklisted
        Utils-->>UI: Error: Provider not available
        UI-->>User: Execution fails
    else Provider allowed
        Utils->>Utils: isModelBlacklisted(model)
        Utils->>Env: Check BLACKLISTED_MODELS
        Env-->>Utils: Model status
        alt Model is blacklisted
            Utils-->>UI: Error: Model not available
            UI-->>User: Execution fails
        else Model allowed
            Utils-->>UI: Return providerId
            UI->>API: Execute with provider
        end
    end

    User->>API: GET /api/providers/ollama/models
    API->>Utils: isProviderBlacklisted('ollama')
    Utils->>Env: Check BLACKLISTED_PROVIDERS
    Env-->>Utils: Provider status
    alt Provider is blacklisted
        API-->>User: Return empty models []
    else Provider allowed
        API->>API: Fetch models from provider
        API->>Utils: filterBlacklistedModels(allModels)
        Utils->>Utils: isModelBlacklisted(each model)
        Utils->>Env: Check BLACKLISTED_MODELS
        Env-->>Utils: Model status for each
        Utils-->>API: Filtered model list
        API-->>User: Return filtered models
    end

Loading

[greptile-apps]

Additional Comments (1)

1. apps/sim/providers/utils.ts, line 144-154 (link)

   logic: getAllModelProviders() doesn't filter blacklisted models/providers, but is used by getProviderFromModel() on line 158. If a blacklisted model is passed directly to execution logic, it could bypass the blacklist. Consider filtering here too, or document why this is intentional (e.g., for backward compatibility with saved workflows). Is this intentional to allow saved workflows with blacklisted models to still execute, or should getAllModelProviders() also filter blacklisted items?

_{9 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[waleedlatif1]

@greptile

[greptile-apps]

_{10 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}