此内容尚未提供您的语言版本,正在以英文显示。

Project Boundary

插件已验证活跃

Blocks destructive commands outside the project directory. Allows file operations within the project (refactoring, cleanup) but prevents accidental damage outside it.

目的

To provide a robust safety net for AI agents by preventing accidental damage to the user's filesystem outside the project scope, even when permissions are bypassed.

功能

Blocks destructive commands outside project directory
Allows file operations within the project
Validates paths against $CLAUDE_PROJECT_DIR
Handles symlinks, path traversal, and `~` expansion
Supports configurable path allowlist

使用场景

Protecting sensitive system files when using AI agents in `--dangerously-skip-permissions` mode
Ensuring refactoring or cleanup operations stay within the intended project scope
Preventing accidental deletion or modification of files outside the current working directory
Safely using AI agents for code modification without fear of external data loss

非目标

Allowing destructive operations outside the project directory
Permitting execution of uninspectable code like `bash -c` or command substitution
Blocking all file operations (allows operations within the project)
Replacing the need for user discretion when executing commands