Jason Woltje 8c8d065cc2 feat(arch): Add Guard Rails capability-based permission system design ...

Guard Rails complement Quality Rails by controlling what agents can do:
- Capability-based permissions (resource:action pattern)
- Read/organize/draft allowed by default
- Execute/admin require explicit grants
- Human-in-the-loop approval for sensitive actions

Examples: email (read/draft ✅, send ❌), git (commit ✅, force push ❌)

Also:
- Add .admin-credentials and .env.bak.* to .gitignore

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-01 00:25:53 -06:00

684 B

Raw Blame History

View Raw