Terminal authority changes the risk model
An agent that can read files and run commands can affect dependencies, workflows, deployments, data, and external services. High-impact actions need explicit human approval.
Context can expose more than code
Configuration, customer exports, support logs, internal docs, and personal details can enter the agent context even when the requested task appears harmless.
Policies must be installable
CapitalGuard generates blocked paths, protected paths, approval gates, redaction rules, and untrusted-instruction controls that teams can inspect and version.
