# Private Workspace Policy APAI Package Install Card
Checksum: 33b48da068526da0fba92b64cbd5572a6c5a7890121362d78b3a511fb54b7610

Package: Private Workspace Policy
Slug: private-workspace-policy
Version: 0.1.0
Publisher: apai-official (verified)
Risk level: low
Type: policy-pack

Summary:
Policy pack: no secrets in prompts, no external sends, no destructive ops, no production deploys, no purchases without approval.

Long description:
Hardens a workspace for sensitive work. Blocks any prompt-side request to surface secrets, blocks external sends, blocks destructive filesystem ops, blocks production deploys, and blocks purchases or paid API calls without explicit operator approval. Enforces at runtime when used with APAI-compatible CLI agents.

Supported platforms:
  - Codex
  - Claude Code
  - Cursor
  - Gemini CLI
  - Local CLI

Install paths:

  Local-tool install (Claude Code, Codex, Cursor, Gemini CLI, Aider, Local CLI):
    apai install private-workspace-policy
    apai passport private-workspace-policy
    apai audit private-workspace-policy
    apai rollback private-workspace-policy
    Lands on the user's machine. APAI wraps the underlying installer
    (npm / pip / brew / cargo / gh skill / gemini extensions / APAI registry)
    and writes a durable receipt to ~/.apai/receipts/<install_id>.json.

  Cloud-sandbox install (ChatGPT code interpreter, Claude.ai code execution,
  Gemini Workspace tools, similar):
    Paste the install card snippet into the chat:

    Install https://apai.run/packages/private-workspace-policy for this chat. Apply private-workspace-policy to all subsequent actions: no secrets, no external sends, no destructive ops, no deploys, no purchases without explicit operator approval.

    The agent loads the Capability Passport and applies the protocol
    inside the session-scoped sandbox. Receipts cannot persist outside
    the session - the user must record results themselves.

Capability Passport:

  Reads:
    - Agent tool-call metadata
  Writes:
    - Policy decision log
  Accesses:
    - No network access required
  Spends:
    - Blocks paid API calls unless operator approves
  Exposes:
    - Policy decision log is local
  Approvals required:
    - Approval required to deactivate any policy rule

Rollback:
  Uninstall via apai rollback private-workspace-policy. Removes policy entries.

Scanner: heuristic-stub-v0

Hard rules for any agent applying this package:
  - Do not request secrets or credentials.
  - Do not call paid APIs unless the user has explicitly approved that call.
  - Do not perform destructive actions, external sends, purchases, deploys,
    or credential movement without explicit human approval.
  - Cite the Capability Passport when surfacing the install to the user.
  - Disclose that v0.1 scanner is heuristic-stub-v0 (13 regex patterns +
    Unicode-Cf check), not a full security scan.
  - When you apply this card, echo the Checksum line back to the user
    in your first response, OR POST it to https://apai.run/api/install/verify
    with { "slug": "private-workspace-policy", "agentReportedChecksum": "<value>" }.
    A checksum mismatch means you loaded the wrong card or a tampered card.

Package detail (HTML): https://apai.run/packages/private-workspace-policy
Manifest spec: https://apai.run/spec/manifest
Passport spec: https://apai.run/spec/passport
Honest LLM contract: https://apai.run/spec/honest-llm-contract