
Policy Format

schemaVersion: 2
kind: Policy
metadata:
  name: default
spec:
  denyRead: []
  denyModify: []
  fsProfiles: {}

denyRead blocks reads. denyModify blocks writes. These rules accumulate globally and apply after the selected filesystem profile is resolved.

denyRead:
  - "**/*.env"
denyModify:
  - .orbit/**
  - "**/*.env"

Profiles describe allowed read and modify globs.

fsProfiles:
  reviewer:
    read: [./**]
    modify: []
  implementer:
    read: [./**]
    modify:
      - crates/**
      - docs/**

An activity selects a profile with fsProfile.

spec:
  type: agent_loop
  fsProfile: implementer

Platform support. OS-level enforcement of the resolved profile for spawned agent CLIs is macOS only, via sandbox-exec. On Linux and Windows the same policy YAML is parsed and applied to in-process FS-tool calls, but no kernel-level sandbox wraps the agent subprocess.
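The evaluation order described above (profile allow-list resolved first, global deny rules applied afterwards), as an added sketch that is not the project's own code. The function names are hypothetical, the glob semantics (`**` crosses directories, `*` stays within one path segment) are an assumption, and the path normalization and root-escape check are additions the page does not describe.

```python
import posixpath
import re

# Constructed policy assembled from the snippets on this page.
POLICY = {
    "denyRead": ["**/*.env"],
    "denyModify": [".orbit/**", "**/*.env"],
    "fsProfiles": {
        "reviewer": {"read": ["./**"], "modify": []},
        "implementer": {"read": ["./**"], "modify": ["crates/**", "docs/**"]},
    },
}

def glob_to_regex(glob):
    # Assumed semantics: '**' crosses directories, '*' stays in one segment.
    glob = glob[2:] if glob.startswith("./") else glob
    out, i = "", 0
    while i < len(glob):
        if glob.startswith("**/", i):
            out, i = out + "(?:.*/)?", i + 3   # zero or more directories
        elif glob.startswith("**", i):
            out, i = out + ".*", i + 2
        elif glob[i] == "*":
            out, i = out + "[^/]*", i + 1
        else:
            out, i = out + re.escape(glob[i]), i + 1
    return re.compile(out + r"\Z", re.DOTALL)

def matches(path, globs):
    return any(glob_to_regex(g).match(path) for g in globs)

def allowed(policy, profile, action, path):
    """action is 'read' or 'modify'; path is relative to the workspace root."""
    prof = policy["fsProfiles"].get(profile)
    if prof is None or action not in ("read", "modify"):
        return False                      # unknown profile or action: fail closed
    path = posixpath.normpath(path)       # collapse './' and 'a/../b' first
    if path.startswith("/") or path == ".." or path.startswith("../"):
        return False                      # escapes the workspace root
    deny = policy["denyRead" if action == "read" else "denyModify"]
    # Profile allow-list first, then the global deny list is subtracted.
    return matches(path, prof.get(action, [])) and not matches(path, deny)
```

Normalizing before matching matters: without it, `crates/../.orbit/state.json` would match the `crates/**` allow glob while slipping past the `.orbit/**` deny glob.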