> Safehouse automatically grants read/write access to the selected workdir (git root by default) and read access to your installed toolchains. Most of your home directory — SSH keys, other repos, personal files — is denied by the kernel.
https://agent-safehouse.dev/
It is supposed to let agents "dangerously-skip-permissions", but in a sandbox you control.
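The access rules in the quoted description, modelled as a deny-by-default path check. This is an added example, not Safehouse's code: the `SandboxPolicy` class, the `demo` function and the directory layout are hypothetical and constructed here, and the real enforcement described in the quote happens in the kernel rather than in Python.

```python
import tempfile
from pathlib import Path


class SandboxPolicy:
    """Hypothetical model: workdir is read/write, toolchains read-only, rest denied."""

    def __init__(self, workdir, toolchains):
        # Canonicalise once so later comparisons use resolved paths.
        self.workdir = Path(workdir).resolve()
        self.toolchains = [Path(p).resolve() for p in toolchains]

    def allows(self, path, mode):
        """mode is 'read' or 'write'; symlinks and '..' are resolved before matching."""
        target = Path(path).resolve()
        # Component-wise comparison, so 'app-backup' does not match workdir 'app'.
        if target.is_relative_to(self.workdir):
            return mode in ("read", "write")
        if any(target.is_relative_to(t) for t in self.toolchains):
            return mode == "read"
        return False  # everything else, including the rest of the home directory


def demo():
    """Evaluate sample accesses against a constructed home directory layout."""
    with tempfile.TemporaryDirectory() as tmp:
        home = Path(tmp) / "home"
        work = home / "projects" / "app"          # selected workdir
        tool = Path(tmp) / "toolchains" / "node"  # installed toolchain
        ssh = home / ".ssh"
        for d in (work, tool, ssh, home / "projects" / "other"):
            d.mkdir(parents=True)
        (ssh / "id_ed25519").write_text("constructed placeholder, not a key")
        (work / "keys").symlink_to(ssh)           # link that points out of the workdir

        policy = SandboxPolicy(work, [tool])
        checks = {
            "workdir write": (work / "src" / "main.py", "write"),
            "toolchain read": (tool / "bin" / "node", "read"),
            "toolchain write": (tool / "bin" / "node", "write"),
            "ssh key read": (ssh / "id_ed25519", "read"),
            "other repo read": (home / "projects" / "other" / "README", "read"),
            "symlink out of workdir": (work / "keys" / "id_ed25519", "read"),
            "dot-dot out of workdir": (work / ".." / "other" / "README", "read"),
            "sibling with same prefix": (home / "projects" / "app-backup" / "x", "read"),
        }
        return {name: policy.allows(p, m) for name, (p, m) in checks.items()}


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:26} {'allow' if allowed else 'deny'}")
```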