Security

Jump to bottom

dj edited this page Mar 1, 2026 · 2 revisions

Security

Prompt Injection Shield

Detects and blocks injection attempts:

Pattern matching for known techniques (ignore instructions, DAN, base64)
Keyword density analysis (strict mode)

{ "security": { "shield": { "enabled": true, "mode": "standard" } } }

Sandbox Modes

Mode	Description
`host`	Direct execution (default)
`docker`	Docker container isolation
`none`	No sandboxing

Autonomy Modes

Mode	Description
`supervised`	Approval required for dangerous tools (default)
`autonomous`	All tools auto-approved
`locked`	No tool execution

Tool Access Control

{
  "security": {
    "allowedTools": ["shell", "read_file", "web_search"],
    "deniedTools": [],
    "networkAllowlist": ["api.github.com"]
  }
}

Gateway Hardening

Rate limiting (30 req/min API, 5 req/min login)
CORS (localhost only)
Security headers (XSS, frame, content-type)
24h token TTL
Timing-safe password comparison
AES-256-GCM encryption utilities
SSRF protection on web_fetch
HMAC-SHA256 mesh authentication