Shorts: What Your Agent Shouldn't Read
Stop feeding it lockfiles
An easy thing to overlook when setting up a coding agent is which files it can read. Two categories matter, for different reasons. Secrets are the obvious one: don’t let the agent read .env, private keys, or encrypted credentials. Noise is less obvious. Minified JS, source maps, lockfiles, node_modules, build output, images, PDFs. None of that is sensitive, but it pollutes the context. An agent that reads package-lock.json to “understand dependencies” has burned its working memory on 40k lines of nothing. You want it thinking about your code. Deny both at the config level and it will.
Here’s a Claude Code example you can drop in. The shape transfers to other agents with glob-based permissions, though the syntax varies.
{
  "permissions": {
    "deny": [
      "Read(**/.env*)",
      "Read(**/*.pem)",
      "Read(**/*.key)",
      "Read(**/master.key)",
      "Read(**/*.yml.enc)",
      "Read(**/secrets/**)",
      "Read(**/credentials/**)",
      "Read(**/*token*)",
      "Read(**/node_modules/**)",
      "Read(**/dist/**)",
      "Read(**/build/**)",
      "Read(**/_build/**)",
      "Read(**/deps/**)",
      "Read(**/vendor/bundle/**)",
      "Read(**/ios/Pods/**)",
      "Read(**/android/.gradle/**)",
      "Read(**/log/**)",
      "Read(**/tmp/**)",
      "Read(**/coverage/**)",
      "Read(**/*.min.js)",
      "Read(**/*.min.css)",
      "Read(**/*.bundle.js)",
      "Read(**/*.map)",
      "Read(**/*.sqlite3)",
      "Read(**/*.db)",
      "Read(**/*.log)",
      "Read(**/*.apk)",
      "Read(**/*.ipa)",
      "Read(**/*.aab)",
      "Read(**/*.pdf)",
      "Read(**/*.png)",
      "Read(**/*.jpg)",
      "Read(**/*.mp4)",
      "Read(**/package-lock.json)",
      "Read(**/yarn.lock)",
      "Read(**/Gemfile.lock)"
    ]
  }
}
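A dry run of the deny globs against a file listing shows what a list like this blocks, what it blocks by accident, and what it misses. This is an added example, not part of the original post or of Claude Code; the glob matcher is a simplified gitignore-style approximation (an assumption, the agent's own matcher is authoritative), and the settings subset and paths are constructed.

```python
import json
import re

# Constructed subset of the deny list above; load your real settings file instead.
SETTINGS = json.loads("""
{"permissions": {"deny": [
  "Read(**/.env*)", "Read(**/*.pem)", "Read(**/*.key)", "Read(**/secrets/**)",
  "Read(**/*token*)", "Read(**/build/**)", "Read(**/package-lock.json)"
]}}
""")

def glob_to_regex(glob):
    """Simplified gitignore-style translation (assumption, not the agent's matcher):
    '**/' = zero or more directories, trailing '/**' = everything beneath, '*' = one segment."""
    table = {"**/": "(?:.*/)?", "/**": "/.*", "*": "[^/]*"}
    tokens = re.findall(r"\*\*/|/\*\*$|\*|/|[^*/]+", glob)
    return re.compile("".join(table.get(t, re.escape(t)) for t in tokens) + r"\Z")

def read_rules(settings):
    """Extract the glob from each Read(...) entry in permissions.deny."""
    rules = []
    for entry in settings["permissions"]["deny"]:
        m = re.fullmatch(r"Read\((.+)\)", entry)
        if m:
            rules.append((m.group(1), glob_to_regex(m.group(1))))
    return rules

def denied_by(path, rules):
    """Return the first glob that denies `path`, or None if the read is allowed."""
    for glob, rx in rules:
        if rx.match(path):
            return glob
    return None

# Constructed paths: intended blocks, accidental blocks, and files no rule covers.
SAMPLE_PATHS = [
    ".env", "config/.env.production", "certs/server.pem", "package-lock.json",
    "src/tokenizer.py", "scripts/build/release.sh", "home/.ssh/id_rsa", "config/database.yml",
]

if __name__ == "__main__":
    rules = read_rules(SETTINGS)
    for p in SAMPLE_PATHS:
        print(f"{p:28} {denied_by(p, rules) or 'ALLOWED'}")
```

In this run `src/tokenizer.py` and `scripts/build/release.sh` are denied even though they are source files, while an extensionless private key such as `id_rsa` matches none of the patterns.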
