feat: frictionless sandboxing

app/layout.tsx

@@ -20,7 +20,7 @@ export const metadata: Metadata = {
   metadataBase: new URL('https://greywall.io'),
   title: 'Greywall: Sandbox for AI Agents',
   description:
-    'Container-free, default-deny sandboxing with real-time observability for AI agents on Linux and macOS. Five kernel-enforced security layers in one command. Open source.',
+    'Frictionless, default-deny sandboxing with real-time observability for AI agents on Linux and macOS. One command, nothing to configure. Open source.',
   icons: {
     icon: [
       { url: '/icon.svg', type: 'image/svg+xml' },
@@ -31,7 +31,7 @@ export const metadata: Metadata = {
   },
   openGraph: {
     title: 'Greywall: Sandbox for AI Agents',
-    description: 'Container-free, default-deny sandboxing with real-time observability for AI agents. Five kernel-enforced security layers in one command.',
+    description: 'Frictionless, default-deny sandboxing with real-time observability for AI agents. One command, nothing to configure.',
     url: 'https://greywall.io',
     siteName: 'Greywall',
     type: 'website',
@@ -40,7 +40,7 @@ export const metadata: Metadata = {
   twitter: {
     card: 'summary_large_image',
     title: 'Greywall: Sandbox for AI Agents',
-    description: 'Container-free, default-deny sandboxing with real-time observability for AI agents. Five kernel-enforced security layers in one command.',
+    description: 'Frictionless, default-deny sandboxing with real-time observability for AI agents. One command, nothing to configure.',
     images: ['/og-image.png'],
   },
   alternates: {
@@ -71,7 +71,7 @@ const jsonLd = {
       '@id': 'https://greywall.io/#software',
       name: 'Greywall',
       description:
-        'Container-free, default-deny sandboxing with real-time observability and dynamic controls for AI agents on Linux and macOS.',
+        'Frictionless, default-deny sandboxing with real-time observability and dynamic controls for AI agents on Linux and macOS.',
       applicationCategory: 'SecurityApplication',
       operatingSystem: 'Linux, macOS',
       url: 'https://greywall.io',

components/comparison.tsx

@@ -148,8 +148,7 @@ export function Comparison() {
             Not all sandboxes are equal.
           </h2>
           <p className="text-muted-foreground font-serif text-lg leading-relaxed">
-            Greywall combines filesystem isolation, network control, syscall filtering,
-            and real-time monitoring in a single tool. Here&apos;s how it stacks up.
+            Security that adds friction doesn&apos;t get used. Here&apos;s how Greywall compares to the alternatives.
           </p>
         </div>
 

components/control.tsx

@@ -239,8 +239,8 @@ export function Control() {
             </div>
             <p className="text-xs text-muted-foreground font-serif leading-relaxed">
               {platform === 'linux'
-                ? 'Uses strace to trace filesystem access. No special permissions needed. Auto-generates a template from observed paths.'
-                : 'Uses macOS Endpoint Security (eslogger) to trace access. Auto-generates a least-privilege template from observed paths.'}
+                ? 'No need to figure out which paths to allow. Traces what your agent accesses via strace and generates a least-privilege policy automatically. No special permissions needed.'
+                : 'No need to figure out which paths to allow. Traces what your agent accesses via macOS eslogger and generates a least-privilege policy automatically.'}
             </p>
           </div>
         </div>

components/faq.tsx

@@ -17,7 +17,7 @@ const faqs = [
   {
     question: 'How is Greywall different from running agents in Docker?',
     answer:
-      'Containers were designed to ship software, not to babysit it. When you run an AI agent inside Docker, you get isolation, but you lose access to your local tools, editor integrations, and filesystem. Every dependency change means rebuilding an image. Greywall takes a different approach: the agent runs natively on your machine with full access to your toolchain, but the kernel enforces boundaries around what it can reach. Think of it as the difference between locking someone in a room versus letting them walk around the house with certain doors locked. You also get real-time visibility into what the agent is doing, which Docker does not offer.',
+      'Containers were designed to ship software, not to babysit it. When you run an AI agent inside Docker, you get isolation, but you lose access to your local tools, editor integrations, and filesystem. Every dependency change means rebuilding an image. That friction is why most people just don\'t bother. Greywall takes a different approach: the agent runs natively on your machine with full access to your toolchain, but the kernel enforces boundaries around what it can reach. Think of it as the difference between locking someone in a room versus letting them walk around the house with certain doors locked. You also get real-time visibility into what the agent is doing, which Docker does not offer.',
   },
   {
     question: 'Does Greywall work on macOS?',

components/hero.tsx

@@ -18,7 +18,7 @@ export function Hero() {
           <em className="italic text-primary">Greywall</em> your agent &amp; let it cook.
         </h1>
         <p className="text-lg text-muted-foreground leading-relaxed max-w-2xl mx-auto font-serif mb-6">
-          Container-free sandboxing with real-time observability & dynamic controls, for Linux & MacOS.
+          Frictionless sandboxing with real-time observability & dynamic controls, for Linux & macOS.
         </p>
         <div className="inline-flex items-center gap-2 flex-wrap justify-center">
           <a href="https://github.com/GreyhavenHQ/greywall" target="_blank" rel="noopener noreferrer">

components/problem.tsx

@@ -119,14 +119,17 @@ export function Problem() {
 
         {/* Resolution: Verification creates trust */}
         <div className="text-center max-w-3xl mx-auto">
-          <blockquote className="font-serif text-xl sm:text-2xl md:text-3xl font-semibold tracking-tight leading-snug mb-6">
+          <p className="font-serif text-xl sm:text-2xl md:text-3xl font-semibold tracking-tight leading-snug mb-6">
+            Run in <span className="text-primary">YOLO mode</span> without risking anything outside your project.
+          </p>
+          <p className="text-muted-foreground font-serif text-base sm:text-lg leading-relaxed max-w-2xl mx-auto mb-4">
+            The security layer around your tools should be independent of the company selling you the AI.
+            Greywall gives you complete <span className="text-foreground font-medium">observability</span> into
+            what your agent touches and full <span className="text-foreground font-medium">control</span> over what it can reach.
+          </p>
+          <blockquote className="font-serif text-lg sm:text-xl text-muted-foreground italic mb-10">
             <span className="text-primary">&ldquo;</span>The act of verification creates trust.<span className="text-primary">&rdquo;</span>
           </blockquote>
-          <p className="text-muted-foreground font-serif text-base sm:text-lg leading-relaxed max-w-2xl mx-auto mb-10">
-            Greywall gives you complete <span className="text-foreground font-medium">observability</span> into
-            every interaction between a model and your system, as well as an
-            ergonomic mechanism for <span className="text-foreground font-medium">control</span>.
-          </p>
           <div className="mx-auto max-w-3xl rounded-lg border border-border/40 overflow-hidden">
             <div className="relative w-full" style={{ paddingBottom: '56.25%' }}>
               <iframe

public/llms.txt

@@ -1,6 +1,6 @@
 # Greywall
 
-> Container-free, default-deny sandboxing with real-time observability for AI agents on Linux and macOS.
+> Frictionless, default-deny sandboxing with real-time observability for AI agents on Linux and macOS.
 
 Greywall is an open-source CLI tool that wraps any AI agent (Claude Code, Codex, Cursor, Aider, and others) in a kernel-enforced sandbox. It uses five security layers on Linux (Bubblewrap namespaces, Landlock filesystem, Seccomp BPF syscall filtering, eBPF monitoring, and TUN+SOCKS5 network proxy) and four on macOS (Seatbelt sandbox, filesystem policy, log stream monitor, and proxy-based network control). Default-deny policy means nothing is accessible unless explicitly granted. Built by Greyhaven, licensed Apache 2.0.