Luke Hinds lukehinds

RFC: Nonofile

Problem

Users frequently hit issues because a path unique to their environment isn't covered by a built-in profile. Today, fixing this requires a code change to policy.json, a new release, and users to upgrade. This feedback loop is too slow for something that's inherently environment-specific.

While nono does support some customization today — users can place a profile JSON file in ~/.config/nono/profiles/ to fully replace a built-in profile, pass --profile /path/to/custom.json for an arbitrary profile, use --allow/--read/--write CLI flags to add paths, and use profile inheritance via "extends" — the policy primitives themselves are not editable. Specifically:

  • Group definitions (policy.json): The actual paths inside groups like deny_credentials, python_runtime, system_read_macos are embedded in the binary. If a group has the wrong path for your system (e.g., Homebrew installed at /opt/homebrew instead of /usr/local/Homebrew), you cannot fix it withou
test.txt

Design: Network Filtering Proxy and Credential Management

Status: Proposed
Date: 2026-02-17

Problem

The current network control is binary: --allow-net grants full internet access, --block-net (default) blocks everything. This is insufficient for AI agents that need controlled network access:

Primary problem - No host filtering: An agent with --allow-net can:

Design: Instruction File Attestation and Integrity Verification

Status: Proposed
Date: 2026-02-20


Problem

AI agent instruction files (SKILLS.md, CLAUDE.md, AGENT.MD) are natural language that the LLM trusts as legitimate instructions. A developer clones a repo or installs a package, the LLM reads the instruction file at session start, and now it's following attacker-controlled directives. This is a supply chain attack that operates at the semantic layer.

nono QA Test Plan

Comprehensive manual verification procedures for all nono subsystems across macOS and Linux.

Prerequisites: A built nono binary (make build).

Important: /tmp is in the base system groups with read+write access. All "outside" test paths must use locations NOT in any system group. $HOME/nono-qa/ works because $HOME itself is not in any allow group (only specific subdirs like ~/.claude, ~/.cargo, etc.).


{
"meta": {
"version": 3,
"schema_version": "3.0"
},
"base_groups": [
"deny_credentials",
"deny_keychains_macos",
"deny_keychains_linux",
"deny_browser_data_macos",

DeepFabric Dataset Tools

Utility scripts for analyzing, filtering, and cleaning synthetic datasets generated by DeepFabric.

Scripts

filter_tool_dataset.py

Generic quality filter for tool-calling datasets. Removes problematic patterns that can cause models to develop bad habits during training.

#!/usr/bin/env python3
"""
Generic Dataset Quality Filter for Tool-Calling Datasets
This script filters out problematic patterns from ANY synthetic tool-calling dataset
that can cause models to develop bad habits during training.
Key features:
1. Auto-detection mode: Discovers problematic patterns from the data itself
2. Schema-agnostic: Works with any tool-calling dataset (Blender, Kubernetes, GitHub, etc.)

#!/usr/bin/env python3
"""
Script to detect and optionally remove duplicate topics in JSON graph files.
Uses SHA256 checksums (already computed in node metadata) and other matching
strategies to identify duplicate topics.
Example usage:
# Report duplicates using exact hash matching
python tools/dedupe_graph.py --input examples/basic-graph-topics.jsonl

#####################################################################
# Spin Blender Tools Dataset Configuration
#####################################################################
# This configuration demonstrates using Blender MCP tools via Spin
# for generating synthetic 3D design assistant training data.
#
# Prerequisites:
# 1. Start the Spin service:
# cd tools-sdk
# spin build && spin up