{
  "$ref": "#/definitions/GuardrailsConfig",
  "$schema": "http://json-schema.org/draft-07/schema#",
  "definitions": {
    "DangerousPattern": {
      "additionalProperties": false,
      "description": "Permission gate pattern. When regex is false (the default), the pattern is matched as a substring of the raw command string. When regex is true, the pattern is applied as a full regex against the raw command string.",
      "properties": {
        "description": {
          "description": "Description surfaced to the agent when the pattern triggers (e.g. auto-deny reason). Required for this pattern type.",
          "type": "string"
        },
        "pattern": {
          "type": "string"
        },
        "regex": {
          "type": "boolean"
        }
      },
      "required": [
        "description",
        "pattern"
      ],
      "type": "object"
    },
    "GuardrailsConfig": {
      "additionalProperties": false,
      "properties": {
        "$schema": {
          "description": "JSON Schema URL for editor autocomplete and validation. Added automatically when Guardrails writes the file.",
          "type": "string"
        },
        "applyBuiltinDefaults": {
          "description": "When true, include Guardrails built-in policy rules before user rules are merged.",
          "type": "boolean"
        },
        "enabled": {
          "description": "Enable or disable all Guardrails checks.",
          "type": "boolean"
        },
        "envFiles": {
          "additionalProperties": false,
          "properties": {
            "allowedPatterns": {
              "items": {
                "$ref": "#/definitions/PatternConfig"
              },
              "type": "array"
            },
            "blockMessage": {
              "type": "string"
            },
            "onlyBlockIfExists": {
              "type": "boolean"
            },
            "protectedDirectories": {
              "items": {
                "$ref": "#/definitions/PatternConfig"
              },
              "type": "array"
            },
            "protectedPatterns": {
              "items": {
                "$ref": "#/definitions/PatternConfig"
              },
              "type": "array"
            },
            "protectedTools": {
              "items": {
                "type": "string"
              },
              "type": "array"
            }
          },
          "type": "object"
        },
        "features": {
          "additionalProperties": false,
          "description": "Enable or disable individual Guardrails feature extensions.",
          "properties": {
            "pathAccess": {
              "type": "boolean"
            },
            "permissionGate": {
              "type": "boolean"
            },
            "policies": {
              "type": "boolean"
            },
            "protectEnvFiles": {
              "type": "boolean"
            }
          },
          "type": "object"
        },
        "onboarding": {
          "additionalProperties": false,
          "description": "Tracks whether the setup wizard has been completed. Usually managed by Guardrails.",
          "properties": {
            "completed": {
              "description": "Whether onboarding is complete.",
              "type": "boolean"
            },
            "completedAt": {
              "description": "ISO timestamp for when onboarding completed.",
              "type": "string"
            },
            "version": {
              "description": "Guardrails config schema marker used when onboarding completed.",
              "type": "string"
            }
          },
          "type": "object"
        },
        "pathAccess": {
          "$ref": "#/definitions/PathAccessConfig",
          "description": "Outside-workspace path access settings."
        },
        "permissionGate": {
          "additionalProperties": false,
          "description": "Dangerous bash command detection and confirmation settings.",
          "properties": {
            "allowedPatterns": {
              "description": "Command patterns that bypass dangerous command prompts. Command patterns default to substring matching, so keep each entry as specific as possible.",
              "items": {
                "$ref": "#/definitions/PatternConfig"
              },
              "type": "array"
            },
            "autoDenyPatterns": {
              "description": "Command patterns that are always blocked without prompting.",
              "items": {
                "$ref": "#/definitions/PatternConfig"
              },
              "type": "array"
            },
            "customPatterns": {
              "description": "If set, replaces the default dangerous command patterns entirely.",
              "items": {
                "$ref": "#/definitions/DangerousPattern"
              },
              "type": "array"
            },
            "patterns": {
              "description": "Additional dangerous command patterns.",
              "items": {
                "$ref": "#/definitions/DangerousPattern"
              },
              "type": "array"
            },
            "requireConfirmation": {
              "description": "When true, prompt before running dangerous commands. When false, only warn.",
              "type": "boolean"
            }
          },
          "type": "object"
        },
        "policies": {
          "additionalProperties": false,
          "description": "File protection policies.",
          "properties": {
            "rules": {
              "description": "Named policy rules. Rules with the same id override earlier rules across scopes.",
              "items": {
                "$ref": "#/definitions/PolicyRule"
              },
              "type": "array"
            }
          },
          "type": "object"
        },
        "version": {
          "description": "Internal config schema marker for migration/debugging. Not tied to the package version.",
          "type": "string"
        }
      },
      "type": "object"
    },
    "PathAccessConfig": {
      "additionalProperties": false,
      "properties": {
        "allowedPaths": {
          "items": {
            "type": "string"
          },
          "type": "array"
        },
        "mode": {
          "$ref": "#/definitions/PathAccessMode"
        }
      },
      "type": "object"
    },
    "PathAccessMode": {
      "enum": [
        "allow",
        "ask",
        "block"
      ],
      "type": "string"
    },
    "PatternConfig": {
      "additionalProperties": false,
      "description": "A pattern with an explicit matching mode. By default, file patterns are matched as globs and command patterns as substrings. Setting regex to true switches to full regex matching.",
      "properties": {
        "description": {
          "description": "Optional description surfaced to the agent when the pattern triggers (e.g. auto-deny reason).",
          "type": "string"
        },
        "pattern": {
          "type": "string"
        },
        "regex": {
          "type": "boolean"
        }
      },
      "required": [
        "pattern"
      ],
      "type": "object"
    },
    "PolicyRule": {
      "additionalProperties": false,
      "description": "A named policy rule. Matches files by patterns and enforces a protection level.",
      "properties": {
        "allowedPatterns": {
          "description": "Optional exception patterns for this rule.",
          "items": {
            "$ref": "#/definitions/PatternConfig"
          },
          "type": "array"
        },
        "blockMessage": {
          "description": "Message shown when blocked; supports {file} placeholder.",
          "type": "string"
        },
        "description": {
          "description": "Human-readable description.",
          "type": "string"
        },
        "enabled": {
          "description": "Per-rule toggle. Default true.",
          "type": "boolean"
        },
        "id": {
          "description": "Stable identifier used for deduplication across scopes.",
          "type": "string"
        },
        "name": {
          "description": "Optional display name for settings/UI.",
          "type": "string"
        },
        "onlyIfExists": {
          "description": "Block only when file exists on disk. Default true.",
          "type": "boolean"
        },
        "patterns": {
          "description": "File patterns to protect.",
          "items": {
            "$ref": "#/definitions/PatternConfig"
          },
          "type": "array"
        },
        "protection": {
          "$ref": "#/definitions/Protection",
          "description": "Protection level."
        }
      },
      "required": [
        "id",
        "patterns",
        "protection"
      ],
      "type": "object"
    },
    "Protection": {
      "description": "Protection level for a policy rule.",
      "enum": [
        "none",
        "readOnly",
        "noAccess"
      ],
      "type": "string"
    }
  }
}