Safety First

Antigravity is an Autonomous Agent. Unlike VS Code, it can execute terminal commands and delete files without explicit confirmation if not configured correctly.

⚠️ Critical Warning

Never run Antigravity in your root directory (e.g., `C:\` or `/`). Always open a specific project subfolder. There have been reports of agents recursively deleting parent directories when trying to "clean up".

1. Configure the Sandbox

Create a file named .antigravity/config.json in your project root to limit the agent's capabilities.

{
  "sandbox": {
    "allowNetwork": true,
    "allowFileWrite": true,
    "fileWriteMode": "prompt", // Options: "always", "prompt", "never"
    "protectedPaths": [
      ".git",
      ".env",
      "**/*.lock"
    ],
    "maxFileChangesPerAction": 10
  }
}

2. Use Docker Mode

For risky refactors, run the agent inside a Docker container. This ensures that even if it goes rogue, your host system remains untouched.

antigravity start --isolation=docker

3. Recovery

If files are deleted, check the detailed Agent History logs. Antigravity keeps a local cache of modified files for 24 hours.

antigravity restore --last-session

4. Advanced Safety Configuration

Permission Levels

Antigravity operates with different permission levels. Understanding these levels is crucial for maintaining control over what the AI can and cannot do in your environment.

🟢 Safe Mode (Recommended)

The AI can read files and suggest changes but cannot write or execute commands without explicit user approval.

"permissions": {
  "fileWrite": "prompt",
  "terminalAccess": "prompt",
  "networkAccess": "blocked",
  "systemCommands": "blocked"
}

🟡 Development Mode

Allows file writing and basic terminal commands but blocks system-level operations and network access.

"permissions": {
  "fileWrite": "allowed",
  "terminalAccess": "limited",
  "allowedCommands": ["npm", "yarn", "git", "python", "node"],
  "networkAccess": "localhost-only"
}

🔴 Full Access (Dangerous)

Complete system access. Only use in isolated environments like Docker containers or disposable VMs.

"permissions": {
  "fileWrite": "allowed",
  "terminalAccess": "full",
  "networkAccess": "allowed",
  "systemCommands": "allowed"
}

File Protection Strategies

Protect critical files and directories from accidental modification or deletion with granular path-based rules.

Protected Paths Configuration

"protectedPaths": [
  ".git/**",              // Git repository data
  ".env*",               // Environment variables
  "**/*.lock",           // Package lock files
  "node_modules/**",     // Dependencies
  "dist/**",             // Build outputs
  "**/*.key",            // Private keys
  "**/*.pem",            // Certificates
  "config/production.*", // Production configs
  "**/*.bak",            // Backup files
  "**/.secrets/**"       // Secret directories
]

Use glob patterns for flexible path matching. Paths are relative to your project root.

Monitoring and Audit Trail

Antigravity maintains detailed logs of all AI actions. Enable comprehensive logging to track what changes are made and when.

Audit Configuration

"audit": {
  "enabled": true,
  "logLevel": "detailed",
  "logPath": ".antigravity/audit.log",
  "retention": "30 days",
  "includeFileContents": true,
  "alertOnDangerousOperations": true,
  "backupBeforeChanges": true,
  "maxBackupSize": "100MB"
}
✓ File Changes

Every file modification with diff

✓ Terminal Commands

All executed commands and output

✓ Network Requests

API calls and web browsing

✓ Permission Requests

User approval interactions

5. Emergency Procedures

🛑 Emergency Stop

If the AI is performing unwanted actions, immediately stop all agent processes:

Ctrl+C # Stop current operation
antigravity kill --all-agents # Terminate all agents

Use the task manager to forcefully terminate the process if unresponsive.

🔄 File Recovery

Antigravity automatically creates backups before major changes when audit mode is enabled:

# View available backups
antigravity backup --list

# Restore specific files
antigravity restore --files "src/**" --from-backup 2024-12-15-14:30

# Full session rollback
antigravity restore --session-rollback --confirm

🔍 Incident Analysis

After an incident, review the audit logs to understand what happened:

# View recent dangerous operations
antigravity audit --filter "dangerous" --last 1h

# Export incident report
antigravity audit --export --session [session-id]

6. Best Practices for Teams

👥 Team Configuration

  • • Standardize safety configs across the team
  • • Use `.antigravity/` in version control
  • • Document approved AI operations
  • • Regular safety training sessions
  • • Shared backup and recovery procedures

🏢 Enterprise Settings

  • • Centralized policy management
  • • LDAP integration for user permissions
  • • Automated compliance reporting
  • • Network segmentation for AI traffic
  • • Regular security audits

🔒 Security Hardening

  • • Use dedicated service accounts
  • • Implement principle of least privilege
  • • Monitor for privilege escalation
  • • Encrypt sensitive configuration data
  • • Regular permission review cycles

Complete Sample Configuration

Here's a comprehensive safety configuration that balances functionality with security:

{
  "version": "1.0",
  "environment": "development",
  
  "permissions": {
    "fileWrite": "prompt",
    "fileRead": "allowed",
    "terminalAccess": "limited",
    "networkAccess": "localhost-only",
    "systemCommands": "blocked"
  },
  
  "allowedCommands": [
    "npm", "yarn", "pnpm",
    "git", "svn", "hg",
    "python", "pip", "poetry",
    "node", "deno", "bun",
    "cargo", "rustc",
    "go", "mvn", "gradle",
    "docker", "docker-compose"
  ],
  
  "protectedPaths": [
    ".git/**",
    ".env*",
    "**/*.lock",
    "node_modules/**",
    "dist/**", "build/**",
    "**/*.key", "**/*.pem",
    "config/production.*",
    "**/.secrets/**",
    "**/*.bak", "**/*.backup"
  ],
  
  "sandbox": {
    "enabled": true,
    "maxFileChangesPerAction": 10,
    "maxFileSize": "10MB",
    "maxSessionDuration": "4 hours",
    "alertOnLargeOperations": true,
    "requireConfirmationFor": [
      "file_deletion",
      "directory_creation",
      "package_installation",
      "git_operations"
    ]
  },
  
  "audit": {
    "enabled": true,
    "logLevel": "detailed",
    "logPath": ".antigravity/audit.log",
    "retention": "30 days",
    "includeFileContents": true,
    "backupBeforeChanges": true,
    "maxBackupSize": "100MB",
    "alertOnDangerousOperations": true
  },
  
  "notifications": {
    "email": "admin@yourcompany.com",
    "slack": "#antigravity-alerts",
    "alertThreshold": "medium"
  }
}

🛡️ Remember: Safety is Your Responsibility

Antigravity is a powerful tool that can significantly accelerate development, but with great power comes great responsibility. Always test configurations in non-production environments first, maintain regular backups, and never grant more permissions than necessary.