Might wanna check out https://github.com/LuD1161/agentjail - policy guardrails for coding agents.
Shameless self-plug. I've been dogfooding it for the last 3 weeks now.