Add Greywall to Supply Chain Security

nikitalokhmachev-ai · claude · nikitalokhmachev-ai · commit 9211c58c446e · 2026-03-13T14:36:01.000-04:00
Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/readme.md b/readme.md
@@ -318,6 +318,7 @@ Static Analysis Security Testing (SAST) tools scan software for vulnerabilities
 
 Supply chain attacks come in different forms, targeting parts of the SDLC that are inherently 3rd party: tools in CI, external code that's been executed, and more. Supply chain security tooling can defend against these kinds of attacks.
 
+- [Greywall](https://github.com/GreyhavenHQ/greywall) - _GreyhavenHQ_ - Deny-by-default command sandbox for AI coding agents and CLI tools with filesystem isolation, network control, and built-in profiles for agents like Claude Code or OpenCode.
 - [Harden Runner GitHub Action](https://github.com/step-security/harden-runner) - _StepSecurity_ - installs a security agent on the GitHub-hosted runner (Ubuntu VM) to prevent exfiltration of credentials, detect compromised dependencies and build tools, and detect tampering of source code during the build.
 - [Overlay](https://github.com/os-scar/overlay) - _SCAR_ - a browser extension helping developers evaluate open source packages before picking them.
 - [Preflight](https://github.com/spectralops/preflight) - _Spectral_ - helps you verify scripts and executables to mitigate supply chain attacks in your CI and other systems, such as in the recent [Codecov hack](https://spectralops.io/blog/credentials-risk-supply-chain-lessons-from-the-codecov-breach/).
