This commit completes the "Strictly Local" journey by adding several key features: - Permanent `security.strictLocal` configuration key. - Hardened Docker sandbox isolation (enforces `network: "none"`). - Local compliance checks in `moltbot security audit`. - Ollama health and model checks in `moltbot doctor`. - Local CLI-based TTS support (offline speech). - Skill vetting to prevent external URL leakage in strict mode. - Documentation and unit tests for all new functionality. Co-authored-by: samibs <1743891+samibs@users.noreply.github.com>
13 lines
407 B
TypeScript
13 lines
407 B
TypeScript
export type SecurityConfig = {
|
|
/**
|
|
* If true, hardens the configuration for strictly local usage.
|
|
* - Disables update checks on start.
|
|
* - Disables diagnostics.
|
|
* - Clears model fallbacks.
|
|
* - Denies external tools (web_search, web_fetch, browser).
|
|
* - Enforces Docker network isolation for sandboxes.
|
|
* - Refuses to use cloud-based model providers.
|
|
*/
|
|
strictLocal?: boolean;
|
|
};
|