Skip to content

Strict Mode

Fresh

Strict Mode provides enhanced security controls for agent operation. When enabled, it enforces restrictive defaults that cannot be overridden at the conversation level.

Browser Controls

URL Allowlist / Denylist

  • Controls which URLs the browser subagent can access
  • Restricts external markdown images loaded by the agent
  • Controls the Read URL tool's access

Enforced Settings

When Strict Mode is active, the following settings are forced regardless of user preferences:

SettingEnforced Value
Terminal Auto ExecutionRequest Review (allowlist is ignored)
Browser JS ExecutionRequest Review
Artifact ReviewRequest Review

File System Restrictions

  • The agent respects .gitignore -- ignored files are invisible to the agent
  • Workspace isolation -- the agent cannot access files outside the current workspace directory

WARNING

Strict Mode is designed for environments where security is paramount. It significantly limits the agent's autonomy. Use it when working with sensitive codebases or in shared environments.

SOP Documentation Site