clawdie-ai/docs/WARDEN.md
2026-03-08 09:43:33 +01:00

Warden Runtime

Warden is the Clawdie name for its isolated execution layer.

It is not a replacement for FreeBSD jails or Bastille. It is the project-level name for how Clawdie runs agent work safely.

Definition

  • FreeBSD jail: the operating-system isolation primitive
  • Bastille: the host-side jail manager
  • Warden runtime: Clawdie's isolated agent execution layer built on top of jails

In practice:

  • Bastille creates and manages the jails
  • FreeBSD enforces the isolation
  • Clawdie dispatches agent work into the Warden runtime

Why Use the Name

Warden gives the runtime a project-specific identity without hiding the underlying tooling.

That keeps operations clear:

  • use standard Bastille docs and commands when managing jails
  • use Warden when describing Clawdie's execution model

Use Warden in:

  • architecture docs
  • operator language
  • future helper scripts and wrapper commands
  • future jail names such as warden-worker or warden-browser

Do not use Warden to rename:

  • bastille.conf keys
  • Bastille's default path layout
  • FreeBSD jail terminology itself

Long-Term Direction

The intended model is:

  • Warden jail runtime for PI, coding, CLI work, and low-overhead task execution
  • optional Warden browser VM later via bhyve for Linux desktop and browser automation workloads

That keeps the lightweight path lightweight while still leaving room for a heavier GUI executor later.