monadical/greywall
Archived
13
0
Fork 0
Code Issues Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity

chore: update code template for OpenCode and Gemini CLI (#20)

Browse Source
This commit is contained in:
JY Tan
2026-01-22 15:41:30 -08:00
committed by GitHub
parent 5b57527a83
commit 9bb11a2f40
2 changed files with 24 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/agents.md
View File

@@ -45,18 +45,21 @@ We provide these template for guardrailing CLI coding agents:
You can use it like `fence -t code -- claude`. You can use it like `fence -t code -- claude`.
However, not all coding agent CLIs work with Fence at the moment.
| Agent | Works with template | Notes | | Agent | Works with template | Notes |
|-------|--------| ----- | |-------|--------| ----- |
| Claude Code | `code` | - | | Claude Code | `code` | - |
| Codex | `code` | | | Codex | `code` | - |
| Cursor Agent | `code-relaxed` | Node.js/undici doesn't respect HTTP_PROXY | | Cursor Agent | `code-relaxed` | Node.js/undici doesn't respect HTTP_PROXY |
| OpenCode | - | TUI hangs. Bun runtime doesn't respect HTTP_PROXY; architectural limitation | | Gemini CLI | `code` | - |
| OpenCode | `code` | - |
These configs can drift as agents evolve. If you encounter false positives on blocked requests or want a CLI agent listed, please open an issue or PR.
Note: On Linux, if OpenCode or Gemini CLI is installed via Linuxbrew, Landlock can block the Linuxbrew node binary unless you widen filesystem access. Installing OpenCode/Gemini under your home directory (e.g., via nvm or npm prefix) avoids this without relaxing the template.
## Protecting your environment ## Protecting your environment
Fence includes additional "dangerous file protection (writes blocked regardless of config) to reduce persistence and environment-tampering vectors like: Fence includes additional "dangerous file protection" (writes blocked regardless of config) to reduce persistence and environment-tampering vectors like:
- `.git/hooks/*` - `.git/hooks/*`
- shell startup files (`.zshrc`, `.bashrc`, etc.) - shell startup files (`.zshrc`, `.bashrc`, etc.)

23
internal/templates/code.json
View File

@@ -14,6 +14,10 @@
"api.together.xyz", "api.together.xyz",
"openrouter.ai", "openrouter.ai",
// OpenCode
"opencode.ai",
"api.opencode.ai",
// Cursor API // Cursor API
"*.cursor.sh", "*.cursor.sh",
@@ -23,6 +27,7 @@
"raw.githubusercontent.com", "raw.githubusercontent.com",
"codeload.github.com", "codeload.github.com",
"objects.githubusercontent.com", "objects.githubusercontent.com",
"release-assets.githubusercontent.com",
"gitlab.com", "gitlab.com",
// Package registries // Package registries
@@ -62,16 +67,23 @@
// Local cache, needed by tools like `uv` // Local cache, needed by tools like `uv`
"~/.cache/**", "~/.cache/**",
// Claude Code state/config // Claude Code
"~/.claude*", "~/.claude*",
"~/.claude/**", "~/.claude/**",
// Codex state/config // Codex
"~/.codex/**", "~/.codex/**",
// Cursor state/config // Cursor
"~/.cursor/**", "~/.cursor/**",
// OpenCode
"~/.opencode/**",
"~/.local/state/**",
// Gemini CLI
"~/.gemini/**",
// Package manager caches // Package manager caches
"~/.npm/_cacache", "~/.npm/_cacache",
"~/.cache", "~/.cache",
@@ -87,10 +99,7 @@
// XDG directories for app configs/data // XDG directories for app configs/data
"~/.local/share/**", "~/.local/share/**",
"~/.config/**", "~/.config/**"
// OpenCode state
"~/.opencode/**"
], ],
"denyWrite": [ "denyWrite": [