Prevents agents from reading or editing .env files and other sensitive configuration.
agex add @agex-community/env-guard-hook
