THE VAULT
FORGE uses a multi-layered security architecture to ensure your system remains secure while the agent works.
Level 1
Static Analysis
Every command is scanned for dangerous patterns before execution.
Level 2
Runtime Protection
Real-time monitoring of shell pipes and unexpected child processes.
Level 3
User Guardrails
Configurable safety policies via .forge/safety.toml.
Level 4
Air-Gap Ready
Run local models for zero-data-leak environments.
Security Classifier
Active
POLICY: strict-v1 ENGINE: forge-guard-0.4
Safety Policy Editor
Configure .forge/safety.toml visually
Filesystem Read
Allow reading files in project directory
Filesystem Write
Ask before overwriting existing files
Shell Execution
Ask before running shell commands
Network Access
Block all outbound network requests
Changes will be written to .forge/safety.toml