# Greywall

> Container-free, default-deny sandboxing with real-time observability for AI agents on Linux and macOS.

Greywall is an open-source CLI tool that wraps any AI agent (Claude Code, Codex, Cursor, Aider, and others) in a kernel-enforced sandbox. It uses five security layers on Linux (Bubblewrap namespaces, Landlock filesystem, Seccomp BPF syscall filtering, eBPF monitoring, and TUN+SOCKS5 network proxy) and four on macOS (Seatbelt sandbox, filesystem policy, log stream monitor, and proxy-based network control). Default-deny policy means nothing is accessible unless explicitly granted. Built by Greyhaven, licensed Apache 2.0.

## Key Features

- Filesystem isolation (kernel-enforced read/write/deny per path)
- Network isolation (all traffic routed through GreyProxy)
- Command blocking (detects blocked commands in pipes, chains, nested shells)
- Real-time violation monitoring (every denial captured with full context)
- Learning mode (auto-generates least-privilege templates from observed access)
- Syscall filtering (blocks 27+ dangerous system calls via Seccomp BPF)
- Dynamic allow/deny controls (adjust policies live without restarting)

## Links

- [Homepage](https://greywall.io)
- [Documentation](https://docs.greywall.io/)
- [GitHub](https://github.com/GreyhavenHQ/greywall)
- [Greyhaven (parent company)](https://greyhaven.co)

## Install

- Homebrew: `brew tap greyhavenhq/tap && brew install greywall`
- Curl: `curl -fsSL https://raw.githubusercontent.com/GreyhavenHQ/greywall/main/install.sh | sh`
- Go: `go install github.com/GreyhavenHQ/greywall/cmd/greywall@latest`

## Compatibility

Works with: Claude Code, Codex, Cursor, Aider, Goose, Amp, Gemini CLI, Cline, OpenCode, Copilot.

Platforms: Linux (3.8+), macOS.

License: Apache 2.0.