Guardrails before autonomy.
Forgewarden is built around scoped credentials, small automations, visible logs and human approval for dangerous actions.
Credential posture
- Scoped API tokens instead of global account keys
- Wrangler/Cloudflare secrets instead of committed env files
- GitHub secret scanning and gitleaks workflows
- Redaction before logs, reports and model context
Operational posture
- Read-only first when exploring unknown systems
- Approval gates for production changes
- Rollback notes before deploys
- Separate local, staging and production assumptions
| Risk | Default action | Reason |
|---|---|---|
| DNS / nameservers | Ask first | Can break domains, email and production services. |
| Billing resources | Ask first | Can create unexpected cost. |
| Secrets | Never print, never commit | Leaked credentials remain dangerous in history. |
| Local tunnels | Ask first | Can expose private machines or services. |
| Routine reports | Auto | Safe, useful and reversible. |