Skip to content

docs: add OpenShell description and deny-by-default security model#42

Merged
robbycochran merged 2 commits into
mainfrom
rc-readme-openshell
Jun 6, 2026
Merged

docs: add OpenShell description and deny-by-default security model#42
robbycochran merged 2 commits into
mainfrom
rc-readme-openshell

Conversation

@robbycochran

Copy link
Copy Markdown
Collaborator

Summary

  • Adds a "What is OpenShell?" section to the README explaining what OpenShell is, its deny-by-default security posture, and why that model is the right approach for AI agent sandboxing
  • Covers L7 network policies, binary-scoped credentials, proxy-side credential injection, hot-reloadable policies, immutable deny rules, and the four policy layers (filesystem, network, process, inference)
  • Updates the Architecture section to reference deny-by-default L7 enforcement

Test plan

  • Verify README renders correctly on GitHub
  • Confirm all links resolve

🤖 Generated with Claude Code

robbycochran and others added 2 commits June 5, 2026 19:10
… README

Adds a "What is OpenShell?" section explaining the project, its deny-by-default
security posture, and why that model matters for AI agents. Covers L7 network
policies, binary-scoped credentials, proxy-side credential injection,
hot-reloadable policies, and immutable deny rules.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@robbycochran robbycochran merged commit 0c6f2cb into main Jun 6, 2026
3 checks passed
@robbycochran robbycochran deleted the rc-readme-openshell branch June 13, 2026 14:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant