--allow-tool='shell(docker ps)' doesn't work

[lzref]

Describe the bug

https://docs.github.com/en/copilot/reference/copilot-cli-reference/cli-command-reference#tool-permission-patterns - documentation mentions shell(git push) as an example pattern for --allow-tool. This seems to imply that there's a flexible mechanism for allowing subcommands (we don't have to allow all git commands, we can pick specific subcommands like git push to allow).

This does work for git (I tested it with git status) but doesn't work for other commands. For example:
copilot --model gpt-5-mini --allow-tool='shell(docker ps)' -p 'Run this command in Bash: `docker ps`'

This doesn't work. Same with shell(docker ps:*)

Affected version

GitHub Copilot CLI 1.0.21.

Steps to reproduce the behavior

copilot --model gpt-5-mini --allow-tool='shell(docker ps)' -p 'Run this command in Bash: `docker ps`'

Expected behavior

Expected the docker ps command to be allowed to run, without asking for permissions. But instead seeing "Permission denied and could not request permission from user"

Additional context

No response