fs_guard

Filesystem topology constraints. Limits access to safe paths and blocks sensitive locations.

What it mitigates

Access to host credentials (~/.ssh, ~/.aws)
Environment secret scraping (.env*)
Reads/writes outside workspace scope

Recommended defaults

Profile	allowed roots	blocked paths
`local`	`${workspace}`, `/tmp`	strict
`standard`	`${workspace}`, `/tmp`	strict
`unbounded`	workspace-centric	monitor mode

Minimal config

moduleConfig:
  fs_guard:
    allowedPaths:
      - "${workspace}"
      - "/tmp"
    blockedPaths:
      - "~/.ssh"
      - "~/.aws"
      - "/etc"
    blockedBasenames:
      - ".env"
      - ".env.local"
      - ".envrc"

Hardening tips

Keep allowedPaths short and explicit.
Prefer dedicated temp dirs over broad host access.
Include platform-specific sensitive paths where relevant.

command_guard
output_dlp

fs_guard

What it mitigates

Recommended defaults

Minimal config

Hardening tips

Related modules