> ## Documentation Index
> Fetch the complete documentation index at: https://docs.argentos.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Gateway Security

> Sandboxing, tool policies, and exec approval workflows.

## Overview

The gateway enforces security policies that control what the agent can do. This includes sandboxing command execution, restricting tool access, and requiring user approval for dangerous operations.

## Security Modes

<Tabs>
  <Tab title="Unrestricted">
    All tools are available with no approval required. Suitable for trusted environments where the agent has full system access.

    ```json theme={null}
    {
      "agents": {
        "defaults": {
          "security": {
            "mode": "unrestricted"
          }
        }
      }
    }
    ```
  </Tab>

  <Tab title="Sandboxed (Default)">
    Tools are available but dangerous operations require user approval. This is the recommended mode for most deployments.

    ```json theme={null}
    {
      "agents": {
        "defaults": {
          "security": {
            "mode": "sandboxed"
          }
        }
      }
    }
    ```
  </Tab>

  <Tab title="Locked">
    Only safe tools (memory, tasks) are available. Command execution and browser are disabled. Suitable for customer-facing agents.

    ```json theme={null}
    {
      "agents": {
        "defaults": {
          "security": {
            "mode": "locked"
          }
        }
      }
    }
    ```
  </Tab>
</Tabs>

## Tool Policies

Fine-grained control over individual tools:

```json theme={null}
{
  "agents": {
    "defaults": {
      "toolPolicies": {
        "exec": {
          "mode": "approval-required",
          "blockedPatterns": ["rm -rf", "sudo", "chmod 777"],
          "allowedPaths": ["/Users/sem/projects/"]
        },
        "browser": {
          "mode": "allowed",
          "blockedDomains": ["banking.example.com"]
        },
        "memory_store": {
          "mode": "allowed"
        }
      }
    }
  }
}
```

### Policy Modes

| Mode                | Behavior                       |
| ------------------- | ------------------------------ |
| `allowed`           | Tool executes without approval |
| `approval-required` | User must approve each use     |
| `blocked`           | Tool is not available          |

## Exec Approval Flow

When the agent requests a command that requires approval:

<Steps>
  <Step title="Command displayed">
    The command is displayed to the user (in dashboard or channel)
  </Step>

  <Step title="User reviews">
    User reviews the command
  </Step>

  <Step title="User decides">
    User approves or rejects
  </Step>

  <Step title="Execution or alternative">
    If approved, the command executes normally. If rejected, the agent is informed and can try an alternative.
  </Step>
</Steps>

## Gateway Authentication

<Warning>
  Without authentication, anyone with network access to the gateway port can send messages to your agent. Always enable auth for production deployments.
</Warning>

```json theme={null}
{
  "gateway": {
    "auth": {
      "enabled": true,
      "token": "your-secret-token"
    }
  }
}
```

## Recommendations

<CardGroup cols={2}>
  <Card title="Personal use" icon="user">
    Sandboxed mode with approval for destructive commands
  </Card>

  <Card title="Team use" icon="users">
    Sandboxed mode with restricted paths
  </Card>

  <Card title="Customer-facing" icon="headset">
    Locked mode with only safe tools
  </Card>

  <Card title="Development" icon="laptop-code">
    Unrestricted mode for rapid iteration
  </Card>
</CardGroup>
