Document and expand test coverage of config file feature

2026-04-04 07:46:28 +02:00
parent db60fb9ddb
commit 8958f79ece
3 changed files with 30 additions and 5 deletions
--- a/README.md
+++ b/README.md
@@ -16,6 +16,25 @@ The threat model is prompt injection and accidental damage, not a determined att

 **Not protected in blacklist mode:** arbitrary readable files outside the sensitive paths list, and D-Bus method calls (access control is daemon-side).

+## Configuration file
+
+Settings can be stored in a TOML config file at `$XDG_CONFIG_HOME/agent-sandbox/config.toml` (or pass `--config <path>`). Use `--no-config` to skip loading it. The config file accepts the same options as the corresponding CLI flags.
+
+Top-level keys set defaults; `[profile.<name>]` sections define named presets selectable with `--profile <name>`. CLI flags always take highest precedence, followed by the active profile, then top-level defaults.
+
+```toml
+# Global defaults
+whitelist = true
+no-net = true
+ro = ["~/.aws"]
+
+# Named profile
+[profile.docker]
+blacklist = true
+rw = ["/var/run/docker.sock"]
+command = ["claude", "--dangerously-skip-permissions"]
+```
+
 ## Escape hatches

 When the agent needs access to something the sandbox blocks, use `--rw` or `--ro`: