I've been hesitant to let autonomous agents run wild in my local repo because of the risk of accidental rm -rf or messing up config files. Being able to set path-based rules (e.g., allow write to /tests but read-only for /src) and block specific bash commands makes this much more viable for production codebases than just a wrapper around an API.