| ▲ | LuD1161 4 days ago | |||||||
With agentjail ( https://github.com/LuD1161/agentjail ), I've tried to contain coding agents in os-native sandboxes (sbpl for macos and similarly for linux, <4ms start time) + policy guardrails evaluated by Open Policy Agent (OPA), policies written in rego. Protocol aware network proxy coming soon Then you can match a DSL and block particular network requests. This ensures you no longer fear --dangerously-skip-permissions and stop babysitting agents What else would you want to see in this project? Please star the repo, if you like the idea :) | ||||||||
| ▲ | janalsncm 4 days ago | parent | next [-] | |||||||
It seems like your approach depends on figuring out what the command is doing, classifying it into three tiers (deny/ask/approve) and then letting the agent run its command depending on that classification. Is that right? | ||||||||
| ||||||||
| ▲ | yencabulator 4 days ago | parent | prev | next [-] | |||||||
> What else would you want to see in this project? Absence of spamming mentions of it everywhere. | ||||||||
| ||||||||
| ▲ | pshirshov 4 days ago | parent | prev [-] | |||||||
[flagged] | ||||||||