core/protected-path — block edits to certain paths

Forbid hand-edits to files that shouldn’t be touched by hand at all — generated output, vendored code, anything machine-owned. The simplest rule: it only looks at the path.

What it catches

Any attempt to edit or commit a file under a protected glob. It reads no content — the path alone decides — so it’s instant and unambiguous.

Config

rules:
  - id: no-edit-generated
    use: core/protected-path
    deny: ["**/*.generated.ts", "vendor/**"]
    message: "Generated / vendored — change the source it derives from, then regenerate."
Field What it does
deny Glob(s) for the protected paths. Editing or committing a matching file is blocked. (Uses deny: instead of on: — the path is the whole rule.)
message The reason, shown on a block.
src/app/page.ts            ✓ passes
src/api.generated.ts       ✗ blocked
vendor/lib/thing.js        ✗ blocked

This is the rule used in the two-triggers demo: one line, default when, blocks the agent pre-emptively and blocks a plain git commit. It’s also the kind of rule behind the first-run demo (signposts-is-bad.yaml).