diff --git a/tests/integration.rs b/tests/integration.rs
index edcb9da..5719b14 100644
--- a/tests/integration.rs
+++ b/tests/integration.rs
@@ -407,6 +407,20 @@ fn blacklist_runuser_is_tmpfs() {
     );
 }
 
+#[test]
+fn blacklist_dev_input_hidden() {
+    let output = sandbox(&[])
+        .args(["--", "bash", "-c", "ls /dev/input/ 2>/dev/null | wc -l"])
+        .output()
+        .expect("agent-sandbox binary failed to execute");
+
+    let stdout = String::from_utf8_lossy(&output.stdout).trim().to_string();
+    assert_eq!(
+        stdout, "0",
+        "expected /dev/input/ to be empty in blacklist mode, got {stdout} entries"
+    );
+}
+
 #[test]
 fn rw_missing_path_errors() {
     let output = sandbox(&["--rw", "/nonexistent/xyz"])