displayName
Permissive developer sandbox
filesystemPolicy
read-write
networkPolicy
full
description
Loose policy used for trusted local developer execution. Captures
audit telemetry but does not gate calls.
fsAllowList
[]
fsDenyList
- **/.ssh/**
- **/.aws/credentials
netAllowList
[]
netDenyList
[]
execAllowedBinaries
[]
execDeniedBinaries
[]
envVarScope
inherit-all
secretAccessScope
all
auditLogPolicy
structured-jsonl
policyEvaluationPoint
post-call-attestation