Guardrails, audit trails, and defense in depth
Pattern matching blocks rm -rf, fork bombs, disk overwrites before execution
Write to temp file, fsync, rename. No partial writes. No corruption.
Timestamped backups for every modified file. Last 3 versions kept.
API key stored with 0600 permissions in XDG config directory
Every operation logged with timestamp, prompt, file, and checksum
60s default timeout on all tool executions. Configurable per-command.