AI coding agents need a local safety boundary before they touch files or run commands
I’ve been testing a local safety layer for AI coding agents.
The problem I kept running into: agents can write files and run terminal commands, but most workflows still rely on prompts, trust, or manual review. That works until the agent edits the wrong file, touches .env, writes outside the workspace, or runs a command that should have required approval.
The approach I’m testing is simple:
- agent proposes an action
- local boundary checks it
- safe actions continue
- risky actions are denied or require approval
- every decision is logged
This is not meant to replace coding agents. It sits between the agent and file/shell execution.
Example rules:
- allow normal source edits
- block .env writes
- block private keys
- block workspace escape
- audit terminal commands
I’m still validating the design, but the goal is to make agentic coding safer without needing a cloud service.
Curious if others here are solving this with policy files, sandboxing, approval flows, or custom wrappers.