Sandboxing
How Hanzo Dev sandboxes command execution for safety.
Sandbox & Approvals
Hanzo Dev enforces sandboxing to prevent unintended side effects when the agent executes commands.
Sandbox Modes
| Mode | Description |
|---|---|
off | No sandboxing (commands run directly) |
workspace-read | Read-only access to workspace |
workspace-write | Read/write access to workspace (default for full-auto) |
network-off | Disable network access |
danger-full-access | Full access (use with caution) |
Approval Policies
| Policy | Description |
|---|---|
always | Always ask for approval |
on-failure | Ask only on command failure |
on-request | Ask when model requests approval |
never | Never ask for approval |
Usage
# Read-only mode (safest)
dev --sandbox workspace-read "analyze this codebase"
# Write mode with approval on failure
dev --sandbox workspace-write --ask-for-approval on-failure "refactor"
# Full auto (sandboxed writes, auto-approve)
dev --full-auto "fix all linting errors"
# Bypass all safety (DANGEROUS)
dev --dangerously-bypass-approvals-and-sandbox "your prompt"Mid-Session Changes
Change approval level during a conversation with /approvals in the TUI.