Expand description
Path allowlist guard – deny by default when enabled.
Adapted from ClawdStrike’s guards/path_allowlist.rs. If a path is NOT in
the allowlist, the guard denies the request. Separate allowlists for file
access, file write, and patch operations. When patch_allow is empty, it
falls back to file_write_allow.
Structs§
- Path
Allowlist Config - Configuration for
PathAllowlistGuard. - Path
Allowlist Guard - Guard that restricts filesystem access to explicitly allowed paths.