OpenCode Worktree-Relative Deny Rules in OpenCode: Stop Child Agents From Escaping Project Boundaries Parallel agent workflows often use Git worktrees: one checkout per task, one branch per agent. That improves isolation, but it also creates a subtle permissions problem. A child agent running in one worktree may still try to read or edit sibling worktrees, parent directories, or shared files outside its assigned
OpenCode OpenCode Permission Events: Build a Mobile Approval Queue Instead of Polling Session Permissions OpenCode permissions are useful when you are driving agents from a terminal. They become awkward when the human approver is not sitting at that terminal. A better shape for remote approval is event-driven: subscribe to permission.asked, send the request to a mobile queue, then handle permission.replied as the
agent-oversight Inside-the-Loop vs. Outside-the-Loop: Evaluating Agent Architectures Your agent ran. You have no idea what decisions it made along the way. That's not a trust problem — it's an architecture problem.
ai-dev-environments Daytona vs AgentBox vs DIY: Sandbox Runtime for AI Agents Three sandbox runtimes, one painful decision: Daytona (90ms, production-grade, $24M funded), AgentBox (Docker-simple, just launched), or DIY (full control, full maintenance burden). Here's how to actually choose.
agent-oversight The Permission Layer Is 98% of Agent Engineering Only 1–2% of agent code is actual AI logic. The other 98% — permission systems, hook composition, sandboxing, context management, subagent delegation — is what determines whether your agent is safe to run in production.
agent-oversight How to Audit What Your AI Agent Actually Did After the Session Your AI agent finished the session. But did it stay on task? Here's the post-run audit to catch silent scope creep — before it compounds into something you can't easily reverse.