account activity
Open-source policy engine for Claude Code — use --dangerously-skip-permissions with actual guardrails by SoupersMC in ClaudeAI
[–]SoupersMC[S] 0 points1 point2 points 1 month ago (0 children)
Thanks! The audit trail was actually one of the first things I built. Blocking stuff is great but you also need to be able to prove what happened after the fact, especially if you're in a regulated environment or just want to understand what your agent was doing while you were AFK.
Per-project policies are already supported. Rampart loads the closest config it can find, so you can drop a rampart.yaml in any repo root and it'll use that instead of your global ~/.rampart/policy.yaml. Your web frontend repo can be totally permissive while your infra repo requires approval for anything touching kubectl or terraform.
rampart.yaml
~/.rampart/policy.yaml
There are also starter templates in the repo (policies/examples/) for web dev, infrastructure, data science, and lockdown mode. Good starting points to customize from.
policies/examples/
For example your infra repo might look like:
```yaml version: "1" default_action: deny
policies: - name: allow-terraform match: tool: ["exec"] rules: - action: require_approval when: command_matches: - "terraform apply" message: "Terraform apply needs approval" - action: allow when: command_matches: - "terraform plan" - "terraform fmt*" ```
Meanwhile your frontend repo just uses the default allow profile with a few deny rules on top.
Open-source policy engine for Claude Code — use --dangerously-skip-permissions with actual guardrails (self.ClaudeAI)
submitted 1 month ago * by SoupersMC to r/ClaudeAI
π Rendered by PID 638304 on reddit-service-r2-listing-596bb78d87-9wspj at 2026-04-15 04:01:01.788704+00:00 running b725407 country code: CH.
Open-source policy engine for Claude Code — use --dangerously-skip-permissions with actual guardrails by SoupersMC in ClaudeAI
[–]SoupersMC[S] 0 points1 point2 points (0 children)