permissionBoundary. The default posture is
read-only, no BudsCollab filesystem access, no network access, and only
declared exported data classes.
Required fields:
budscollabLocalFilesystemAccess: alwaysfalse.externalAppLocalFilesystemAccess:noneoruser-selected-repo.exportedDataClasses: sanitized data classes the package may return to the host.networkAccess:noneordeclared-origins.writePolicy:read-onlyorconfirmed-writes-with-audit.auditLog:requiredornot-required.
writePolicy: "read-only". Packages with write or
mutating tools must use confirmed-writes-with-audit and auditLog: "required".
Custom renderers also need a renderer boundary. Use json-render-only for the
safe default lane. Use isolated-external-renderer only when the artifact needs
custom rendering and has declared origins plus sandbox isolation.