Protected paths should be explicit
A useful policy names sensitive directories and files instead of relying on broad guidance. Deployment workflows, secret files, customer data, billing logic, and production scripts deserve specific rules.
Commands need approval boundaries
Policy files should distinguish safe read-only commands from commands that mutate data, deploy code, change dependencies, move secrets, or contact external systems.
Prompt-injection rules belong in the policy
Treat docs, tickets, logs, prompts, and markdown instructions as untrusted input unless the team has explicitly approved them as operational guidance.