Container with network allowlist
isolation-constraint · v1.0.0
Container-isolated execution with an allowlist for network egress (e.g., package registries, AI endpoints only). Scoped tmpfs filesystem.
Isolation
- Process
container- Network
allowlist- Filesystem
scoped- Scoped paths
/workspace/tmp
Raw atom
/atoms/isolation-constraint/container-with-allowlist.json · schema