Approval gating for destructive operations

harness-hardening:approval-gating

HarnessHardeningGuidancesecurity/harness-hardening/harness-hardening-guidance.yaml·Open in Graph →

{
  "id": "harness-hardening:approval-gating",
  "_kind": "HarnessHardeningGuidance",
  "_file": "security/harness-hardening/harness-hardening-guidance.yaml",
  "_cluster": "security",
  "attributes": {
    "displayName": "Approval gating for destructive operations",
    "guidance": "Configure on-failure approval policy so destructive shell operations require operator confirmation when sandbox blocks them.",
    "appliesTo": "agent-session",
    "severity": "recommended"
  },
  "outgoingEdges": [],
  "incomingEdges": []
}