Vouch request: travisbreaks #757
travisbreaks started this conversation in Vouch Request
Replies: 0 comments
What do you want to work on?
I'd like to build the OPA/Rego policy template proposed in #755: detecting destructive command chaining within a single exec. I filed the issue after experiencing this failure mode firsthand while running an AI agent that composed a shell string combining `rm -rf` chained via `&&`. Each binary was individually permitted; the damage came from their combination in one exec.

I also filed #745 (security layer visibility), where @johntmyers scoped a plan for exposing Landlock degradation states. Available to contribute there as well.
Why this change?
Binary-level allow/deny can't distinguish legitimate single-binary use from catastrophic chaining. The policy layer has access to the full command string pre-exec. A loadable template that enforces "one destructive primitive per exec" fills a real gap between what Seccomp/Landlock enforce and what agents actually do.
My background is systems engineering (Dell, Army), and I'm currently building AI agent safety tooling. This contribution comes from direct operational experience, not a hypothetical.
Checklist
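To make the "one destructive primitive per exec" idea concrete, here is an added sketch of what such a loadable Rego template could look like. It is example code written for this page, not the template from #755 and not code from the project; the package name `agent.exec.chaining`, the `input.command` field and the `destructive_binaries` set are all assumptions. It splits the pre-exec command string on the shell chaining operators (`&&`, `||`, `;`, `|`), identifies the leading binary of each segment, and denies the exec when more than one segment starts with a destructive primitive.

```rego
# Assumed package name; the real template's package is not given on the page.
package agent.exec.chaining

import rego.v1

# Constructed example set of binaries treated as destructive primitives.
# A real deployment would tune this list per environment.
destructive_binaries := {"rm", "dd", "mkfs", "shred", "truncate"}

# Split the full command string (assumed to arrive as input.command) on the
# shell chaining operators. A regex split does not understand quoting, so a
# quoted "&&" inside an argument is split too; a stricter template would
# tokenize with a shell-aware lexer before this step.
segments := [seg |
    some raw in regex.split(`\s*(?:&&|\|\||;|\|)\s*`, input.command)
    seg := trim_space(raw)
    seg != ""
]

# The first word of a segment is its binary; strip any directory prefix so
# "/bin/rm" and "rm" are treated alike.
binary_of(seg) := bin if {
    words := split(seg, " ")
    path_parts := split(words[0], "/")
    last := count(path_parts) - 1
    bin := path_parts[last]
}

# Every segment whose binary is in the destructive set.
destructive_segments := [seg |
    some seg in segments
    binary_of(seg) in destructive_binaries
]

# Deny by default; allow only when at most one destructive primitive appears.
default allow := false

allow if count(destructive_segments) <= 1

# Human-readable reasons, useful for audit logs when the exec is refused.
deny contains msg if {
    count(destructive_segments) > 1
    msg := sprintf(
        "exec chains %d destructive primitives in one command: %v",
        [count(destructive_segments), destructive_segments],
    )
}
```

Evaluated with an input such as `{"command": "rm -rf ./build && dd if=/dev/zero of=/dev/sdb"}` (a constructed example), `data.agent.exec.chaining.allow` is `false` and `deny` carries one message naming both segments; a single `rm -rf ./build` is allowed, matching the "one destructive primitive per exec" rule rather than a per-binary allow/deny.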