I built this tool recently to help make CLI LLM agents safer. For example, I imagine users allowing <code>claude</code> to access <code>github.com</code> but nothing else, or prompting the user for confirmation whenever <code>claude</code> tries to access a new host, or denying all methods other than <code>GET</code> (prevent destructive actions). The js/script-based RuleEngine has unlimited flexibility. Curious for feedback on it’s broader utility Comments
You must log in or register to comment.
When a utility is so sketchy I have to sandbox it for safety, I don’t use it.
