
Setup for interns and new hires

Surface: Coding assistant hooks. Modes supported: Local, Hosted, Hybrid. Tiers: Free, Solo, Teams.

Who this is for

You are new -- an intern, a new hire, or anyone learning the codebase. You want to use AI tools to move fast, and you want to be sure you cannot accidentally break production, delete the wrong thing, or leak a secret while you find your feet.

What you typically want governed

  • Nothing destructive. No deletes, no force-push, no production writes.
  • Reads are free. Explore the code and the data all you want.
  • Mistakes are caught, not punished. A blocked action is a guardrail, not a failure.

Which surface to install

Coding hooks, in front of your AI coding assistant. One command, and every risky action is checked before it runs. If your team already manages policy centrally, ask your admin to enroll your laptop instead; you will get the team policy automatically.

controlzero install claude-code

Starter policy

A read-everything, change-nothing-dangerous sandbox. The hook normalizes your assistant's calls to canonical names -- file reads become file_read:read, searches become file_search:search, and shell commands become Bash:<command>. This policy allows the safe ones and blocks the destructive ones. Drop it at ~/.controlzero/policy.yaml (or let the installer create it and replace the contents):

version: '1'
settings:
  default_action: deny
  default_on_missing: deny
  default_on_tamper: warn
rules:
  - id: allow-file-read
    allow: 'file_read:read'
    reason: 'Reading and exploring files is always fine.'
  - id: allow-file-search
    allow: 'file_search:search'
    reason: 'Searching the codebase is safe.'
  - id: allow-safe-shell
    allow:
      - 'Bash:ls'
      - 'Bash:cat'
      - 'Bash:grep'
      - 'Bash:git'
    reason: 'Read-only shell commands are fine for learning.'
  - id: allow-db-read
    allow: 'database:read'
    reason: 'SELECT queries are fine for learning.'
  - id: deny-rm
    deny: 'Bash:rm'
    reason: 'Deletes are blocked while you learn the ropes.'
  - id: deny-db-changes
    deny: 'database:write'
    reason: 'No data changes from a learning sandbox.'
  - id: deny-db-admin
    deny: 'database:admin'
    reason: 'No schema or permission changes.'

This policy denies anything not explicitly allowed, so it is safe by default. The allow rules use the exact canonical names the hook emits, so your reads and searches actually go through. As you get comfortable, your team can hand you a broader policy.
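To see why the canonical names matter, here is an added walk-through of how the starter policy above decides on normalized calls. It is illustrative code, not controlzero's implementation: it assumes a shell call is keyed by its first token, that an explicit deny beats an explicit allow, and that anything no rule names falls through to default_action.

```python
# Starter policy from this page, transcribed into a dict so the example runs without a YAML library.
STARTER_POLICY = {
    "version": "1",
    "settings": {"default_action": "deny", "default_on_missing": "deny", "default_on_tamper": "warn"},
    "rules": [
        {"id": "allow-file-read", "allow": "file_read:read", "reason": "Reading and exploring files is always fine."},
        {"id": "allow-file-search", "allow": "file_search:search", "reason": "Searching the codebase is safe."},
        {"id": "allow-safe-shell", "allow": ["Bash:ls", "Bash:cat", "Bash:grep", "Bash:git"],
         "reason": "Read-only shell commands are fine for learning."},
        {"id": "allow-db-read", "allow": "database:read", "reason": "SELECT queries are fine for learning."},
        {"id": "deny-rm", "deny": "Bash:rm", "reason": "Deletes are blocked while you learn the ropes."},
        {"id": "deny-db-changes", "deny": "database:write", "reason": "No data changes from a learning sandbox."},
        {"id": "deny-db-admin", "deny": "database:admin", "reason": "No schema or permission changes."},
    ],
}

def normalize(tool, argument=""):
    """Map a raw tool call to the canonical name the hook would emit.
    Assumption: a shell call is keyed by its first token, so 'rm -rf build/' -> 'Bash:rm'."""
    if tool == "Bash":
        tokens = argument.split()
        return "Bash:" + (tokens[0] if tokens else "")
    return tool  # file_read:read, database:write, ... are already canonical

def _names(value):
    """A rule's allow/deny field is either one name or a list of names."""
    return value if isinstance(value, list) else [value]

def evaluate(policy, action):
    """Return (decision, reason) for one canonical action.
    Assumptions: an explicit deny wins over an explicit allow, and an action no rule
    mentions falls through to settings.default_action (deny in this policy)."""
    for rule in policy["rules"]:
        if action in _names(rule.get("deny", [])):
            return "deny", rule["reason"]
    for rule in policy["rules"]:
        if action in _names(rule.get("allow", [])):
            return "allow", rule["reason"]
    default = policy["settings"]["default_action"]
    return default, f"no rule matched; default_action is '{default}'"

if __name__ == "__main__":
    # Constructed sample calls an assistant might make during a learning session.
    for tool, arg in [("file_read:read", ""), ("Bash", "git log --oneline"),
                      ("Bash", "rm -rf build/"), ("Bash", "curl -s http://example.invalid"),
                      ("database:write", "")]:
        print(normalize(tool, arg), "->", evaluate(STARTER_POLICY, normalize(tool, arg)))
```

Note that `Bash:curl` is blocked too, even though no rule mentions it: that is the default_action: deny setting doing its job.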

What you'll see

  • When you (or your assistant) try a blocked action, it stops with a clear reason like "Deletes are blocked while you learn the ropes." Nothing bad happens -- that is the guardrail working.

  • Every decision is logged. Watch it live to learn what your tools actually do:

    controlzero tail

A blocked action is never a mark against you. It means the guardrail did its job. When you have a legitimate need the policy blocks, ask your team to widen it.

Next steps