Diff before write
write_file and edit_file always print a diff before asking for
approval.
Safety Model
OpenMind is built around explicit local approval. The agent can request tools, but the CLI enforces policy.
Confirm commands
run_command, git status, git diff, and git commit prompt before running.
Protected paths
.env, private keys, certificates, and credentials are blocked by path
checks.
Dangerous commands
sudo, filesystem formatting, reboot, shutdown, and registry deletion are
blocked.
Important Boundary
OpenMind is not an OS sandbox. Approved commands run with your shell user's permissions.