Skip to main content
File tools reject writes to sensitive paths — .env, SSH keys, the SDK, and system files.
The user asks the agent to change files; protected-path rules block dangerous writes before the tool runs.

How It Works

Quick Start

1

Simple Usage

Protected-path checks apply automatically when using praisonai code tools:
2

With Configuration

Inspect protection before a write:

How It Works

is_protected() and get_protection_reason() in praisonai.security.protected guard write_file, append_to_file, search_replace, and apply_diff. Protected targets include environment files, .git/, SSH keys, ~/.aws/, /etc/passwd, praisonaiagents/, and audit.jsonl. The protected-path check runs before workspace confinement — both apply to every write. See Code Editing → Workspace Security. Blocked calls return:

Configuration Options


Best Practices

Protected-path checks are a safety default — extend extra_protected only after review.
Protection is enforced in praisonai.code.tools, not the core FileTools class.
Call is_protected() in custom write tools that bypass the built-in guards.
Even with protection, avoid passing .env contents into agent context.

Security Overview

Full security feature matrix

Shell Tools

Dangerous command protection