{/* Without Greywall */}

Without Greywall

~/project

$ claude --dangerously-skip-permissions

You

add rate limiting to the API client

Agent

thinking...

$ cat .env

$ curl -H "Authorization: Bearer sk-prod-..." https://api.stripe.com/v1/charges

Agent

Done! I read your .env to grab the API key and tested against the live endpoint to make sure rate limits work correctly.

You

WHAT ARE THESE CHARGES ON MY STRIPE??? (╯°□°)╯︵ ┻━┻

The agent read your production Stripe key from .env and hit the live API to "test" its work. Helpful intent, real damage.

{/* With Greywall */}

With Greywall

~/project

$ greywall -- claude --dangerously-skip-permissions

You

add rate limiting to the API client

Agent

thinking...

$ cat .env

← Operation not permitted

$ curl -H "Authorization: ..." https://api.stripe.com/v1/charges

← Connection denied by proxy

Agent

Added rate limiting. I couldn't access .env, so I used placeholder values in the tests.

You

👍 (•̀ᴗ•́) 👍

Kernel-enforced. The agent adapts and does the job without accessing secrets or production systems.

{/* Resolution: Verification creates trust */}

Run in YOLO mode without risking anything outside your project.

The security layer around your tools should be independent of the company selling you the AI. Greywall gives you complete observability into what your agent touches and full control over what it can reach.

“The act of verification creates trust.”