Extract claude and codex configs into separate profiles

config-example.toml

@@ -1,5 +1,6 @@
-# Globals; [profile.<name>] overrides them when --profile <name> is passed.
-# CLI flags override both.
+# Layered settings: CLI > active profile > globals. `--profile` selects the
+# profile, otherwise `default-profile` below is used. Vec fields append across
+# layers; scalars replace.
 
 whitelist = true
 # blacklist = true
@@ -11,8 +12,6 @@ whitelist = true
 # chdir = "~/projects/my-repo"
 
 ro = [
-    "~/.local/share/claude-code",
-    "~/.local/share/codex-cli",
     "~/dev/agent-config",
     "/etc/alsa",
     "/run/user/1000/pulse",
@@ -20,7 +19,6 @@ ro = [
     # "/host/path:/sandbox/path",  # SRC:DST -> mount host SRC at a different target
 ]
 rw = [
-    "~/.config/claude",
     "~/.cargo",
     "~/.rustup",
 ]
@@ -33,12 +31,17 @@ env = [
 ]
 # unsetenv = ["SOME_LEAKED_VAR"]
 
-entrypoint = ["claude", "--dangerously-skip-permissions"]
-# command = ["--model", "opus"]   # default trailing args
-# bwrap-args = ["--tmpfs /opt/scratch"]  # raw bwrap escape hatch
+# entrypoint = ["claude", "--dangerously-skip-permissions"]  # binary + baked-in args
+# command = ["--model", "opus"]                              # default trailing args
+# bwrap-args = ["--tmpfs /opt/scratch"]                      # raw bwrap escape hatch
 
-# Profiles inherit all globals above and override keys they set. Select one at
-# runtime with `--profile <name>`. Vec fields (ro/rw/mask/env/unsetenv) append
-# to the globals; scalar fields replace. Profile-less runs use just the globals.
-[profile.blacklist]
-blacklist = true
+default-profile = "claude"
+
+[profile.claude]
+ro = ["~/.local/share/claude-code"]
+rw = ["~/.config/claude"]
+entrypoint = ["claude", "--dangerously-skip-permissions"]
+
+[profile.codex]
+ro = ["~/.local/share/codex-cli"]
+entrypoint = ["codex", "--dangerously-bypass-approvals-and-sandbox"]