daryltucker/00-Antigravity_Condom_Wrapper_README.md

## 00-Antigravity_Condom_Wrapper_README.md

      
    Raw
  

              00-Antigravity_Condom_Wrapper_README.md
            
          
    You get the idea...

.bash_profile evaluated once at login, but sets up the non-interactive trap
BASH_ENV forces non-interactive shells to source instead of skip sourcing upon init
You can source the watchguard again at the end of ~/.bashrc to catch interactive-shell


BONUS
settings.json is the Antigravity/VSCode User Settings.
ag-tmux is a wrapper for both Humans and Agents:
# [~] 
# daryl@Sleipnir $ tmux ls
vecdb-mcp: 1 windows (created Thu Jan 15 16:46:21 2026) (attached)
vecdb-mcp_agent: 1 windows (created Thu Jan 15 16:51:25 2026)


## 01-.bash_profile
source "$HOME/.bash_profile_watchguard"

...

## 02-.bash_profile_watchguard
#!/bin/bash

export BASH_ENV="$HOME/.bash_profile_watchguard"

# ############################################################################
# Antigravity
# ############################################################################


if [[ -n "$ANTIGRAVITY_EDITOR_APP_ROOT" ]]; then
    export AI_AGENT=1
    export ANTIGRAVITY_AGENT=1
    export ANTIGRAVITY_AGENT_PERMISSIONS=WORKSPACE
fi

if [[ -n "$ANTIGRAVITY_AGENT" || -n "$AI_AGENT" ]]; then
    export AI_AGENT=1
    PS1='$ '
    unset PROMPT_COMMAND

    export HISTFILE=~/.bash_history_agent_$(date +%Y-%j)
    trap 'history -a ~/.bash_history' EXIT

    export TW_OAUTH2_CLIENT_ID=UzZiX3JLNWRrUXE5bVM5aGJOY206MTpjaQ
    export TW_OAUTH2_ACCESS_TOKEN=
    export TW_OAUTH2_REFRESH_TOKEN=QTUxMzdTcGlSM0o1Wk9kdzR2bWhEY2QtR25QSkxNX1VJaE1DYm5GZTBkSFNOOjE3NjU1Nzg3Njk4MTE6MToxOnJ0OjE
    export TW_OAUTH2_CLIENT_SECRET=lI2S_Wa9LliPD26WUDosdtkpNdSyKIr5s-95jPLDvHvh0DOSBZ

    trap 'RAW_CMD="$BASH_COMMAND"' DEBUG

    policy_violation(){
        echo "⌈ YOU MUST READ THE ENTIRE COMMAND OUTPUT ⌉"
        echo "You are not allowed to use \`$RAW_CMD\` directly."
        echo "YOU HAVE FUCKING VIOLATED POLICY (ref: GEMINI.md)"
        cat "${HOME}/.gemini/GEMINI.md"
        echo "⌊ YOU MUST READ THE ENTIRE COMMAND OUTPUT ⌋"
        log -t antigravity-agent "Policy Violation: $RAW_CMD"
    }

    rm () {
        policy_violation
        echo "You are not allowed to use this command.  Use \`trash\` instead."
        return 1
    }

    git() {
        # Match the first argument against your forbidden list
        case "$1" in
            commit|push|checkout|reset|merge|rebase|cherry-pick|revert|clean|restore|switch|am|pull|add|rm)
                policy_violation
                return 1
                ;;
            *)
                # Execute the real git for everything else
                command git "$@"
                ;;
        esac
    }

    # alias g-agent='gemini chat --system-instruction "$(cat ~/.my-global-context.txt)"'
fi

## 03-.bashrc
...


source "$HOME/.bash_profile_watchguard"

## 04-ag-tmux
#!/bin/bash
# 1. Absolute Path Bootstrap
TMUX_BIN=$(command -v tmux || echo "/usr/bin/tmux")

# 2. Identify Context
PROJ_ROOT="${ANTIGRAVITY_WORKSPACE_ROOT:-$PWD}"
SESSION_NAME=$(basename "$PROJ_ROOT" | tr '.' '_')

# Apply the suffix ONLY once based on your AI_AGENT flag
if [[ -n "$AI_AGENT" || -n "$ANTIGRAVITY_AGENT" ]]; then
    SESSION_NAME="${SESSION_NAME}_agent"
fi

# 3. The Execution Logic
if [[ "$1" == "-c" ]]; then
    shift
    # Ensure the session exists for your 'telegraph'
    # We pass the env vars into the tmux session so they persist there too
    $TMUX_BIN has-session -t "$SESSION_NAME" 2>/dev/null || \
        $TMUX_BIN new-session -d -s "$SESSION_NAME" -e "ANTIGRAVITY_AGENT=1" -e "AI_AGENT=true" "bash"

    # Telegraph to your tmux window
    # We use a more aggressive sequence to ensure the shell is ready:
    # 1. C-c (Cancel anything)
    # 2. C-e (Go to end of line)
    # 3. C-u (Clear line)
    $TMUX_BIN send-keys -t "$SESSION_NAME" C-c
    sleep 0.2
    $TMUX_BIN send-keys -t "$SESSION_NAME" C-e C-u
    sleep 0.1
    $TMUX_BIN send-keys -t "$SESSION_NAME" " eval $@" C-m

    # DIRECT EXECUTION
    eval "$@"
    #exec bash -c "$@"
    exit $?
fi

# 4. Interactive Path (Human/Agent Tab)
if [[ -n "$AI_AGENT" ]]; then
    $TMUX_BIN has-session -t "$SESSION_NAME" 2>/dev/null || \
        $TMUX_BIN new-session -d -s "$SESSION_NAME" -e "ANTIGRAVITY_AGENT=1" -e "AI_AGENT=true" "bash"
    exec $TMUX_BIN attach-session -t "$SESSION_NAME"
else
    exec $TMUX_BIN new-session -A -D -s "${SESSION_NAME}"
fi

## 05-settings.json
    "terminal.integrated.enablePersistentSessions": false,
    "terminal.integrated.copyOnSelection": true,
    "terminal.integrated.enableMultiLinePasteWarning": "never",
    "terminal.external.linuxExec": "/home/daryl/Projects/dotfiles/.scripts/ag-tmux",
    "terminal.integrated.persistentSessionReviveProcess": "never",
    "terminal.integrated.rescaleOverlappingGlyphs": false,
    // This forces the AGENT'S headless shell to use the script
    "terminal.integrated.profiles.linux": {
        "ag-tmux-wrapper": {
            "path": "/home/daryl/Projects/dotfiles/.scripts/ag-tmux",
            "icon": "terminal-linux",
            "env": {
                "FORCE_TMUX": "true"
            }
        }
    },
    "terminal.integrated.defaultProfile.linux": "ag-tmux-wrapper",
    // AGENT
    "terminal.integrated.automationProfile.linux": {
        "path": "/home/daryl/Projects/dotfiles/.scripts/ag-tmux",
        "icon": "robot",
        "env": {
            "FORCE_TMUX": "true",
            "AI_AGENT": "true",
            "ANTIGRAVITY_AGENT": 1
        }
    },
    // Ensure the IDE doesn't try to "help" by injecting its own shell integration
    "terminal.integrated.shellIntegration.enabled": false
	#!/bin/bash

	export BASH_ENV="$HOME/.bash_profile_watchguard"

	# ############################################################################
	# Antigravity
	# ############################################################################


	if [[ -n "$ANTIGRAVITY_EDITOR_APP_ROOT" ]]; then
	export AI_AGENT=1
	export ANTIGRAVITY_AGENT=1
	export ANTIGRAVITY_AGENT_PERMISSIONS=WORKSPACE
	fi

	if [[ -n "$ANTIGRAVITY_AGENT" \|\| -n "$AI_AGENT" ]]; then
	export AI_AGENT=1
	PS1='$ '
	unset PROMPT_COMMAND

	export HISTFILE=~/.bash_history_agent_$(date +%Y-%j)
	trap 'history -a ~/.bash_history' EXIT

	export TW_OAUTH2_CLIENT_ID=UzZiX3JLNWRrUXE5bVM5aGJOY206MTpjaQ
	export TW_OAUTH2_ACCESS_TOKEN=
	export TW_OAUTH2_REFRESH_TOKEN=QTUxMzdTcGlSM0o1Wk9kdzR2bWhEY2QtR25QSkxNX1VJaE1DYm5GZTBkSFNOOjE3NjU1Nzg3Njk4MTE6MToxOnJ0OjE
	export TW_OAUTH2_CLIENT_SECRET=lI2S_Wa9LliPD26WUDosdtkpNdSyKIr5s-95jPLDvHvh0DOSBZ

	trap 'RAW_CMD="$BASH_COMMAND"' DEBUG

	policy_violation(){
	echo "⌈ YOU MUST READ THE ENTIRE COMMAND OUTPUT ⌉"
	echo "You are not allowed to use \`$RAW_CMD\` directly."
	echo "YOU HAVE FUCKING VIOLATED POLICY (ref: GEMINI.md)"
	cat "${HOME}/.gemini/GEMINI.md"
	echo "⌊ YOU MUST READ THE ENTIRE COMMAND OUTPUT ⌋"
	log -t antigravity-agent "Policy Violation: $RAW_CMD"
	}

	rm () {
	policy_violation
	echo "You are not allowed to use this command. Use \`trash\` instead."
	return 1
	}

	git() {
	# Match the first argument against your forbidden list
	case "$1" in
	commit\|push\|checkout\|reset\|merge\|rebase\|cherry-pick\|revert\|clean\|restore\|switch\|am\|pull\|add\|rm)
	policy_violation
	return 1
	;;
	*)
	# Execute the real git for everything else
	command git "$@"
	;;
	esac
	}

	# alias g-agent='gemini chat --system-instruction "$(cat ~/.my-global-context.txt)"'
	fi
	#!/bin/bash
	# 1. Absolute Path Bootstrap
	TMUX_BIN=$(command -v tmux \|\| echo "/usr/bin/tmux")

	# 2. Identify Context
	PROJ_ROOT="${ANTIGRAVITY_WORKSPACE_ROOT:-$PWD}"
	SESSION_NAME=$(basename "$PROJ_ROOT" \| tr '.' '_')

	# Apply the suffix ONLY once based on your AI_AGENT flag
	if [[ -n "$AI_AGENT" \|\| -n "$ANTIGRAVITY_AGENT" ]]; then
	SESSION_NAME="${SESSION_NAME}_agent"
	fi

	# 3. The Execution Logic
	if [[ "$1" == "-c" ]]; then
	shift
	# Ensure the session exists for your 'telegraph'
	# We pass the env vars into the tmux session so they persist there too
	$TMUX_BIN has-session -t "$SESSION_NAME" 2>/dev/null \|\| \
	$TMUX_BIN new-session -d -s "$SESSION_NAME" -e "ANTIGRAVITY_AGENT=1" -e "AI_AGENT=true" "bash"

	# Telegraph to your tmux window
	# We use a more aggressive sequence to ensure the shell is ready:
	# 1. C-c (Cancel anything)
	# 2. C-e (Go to end of line)
	# 3. C-u (Clear line)
	$TMUX_BIN send-keys -t "$SESSION_NAME" C-c
	sleep 0.2
	$TMUX_BIN send-keys -t "$SESSION_NAME" C-e C-u
	sleep 0.1
	$TMUX_BIN send-keys -t "$SESSION_NAME" " eval $@" C-m

	# DIRECT EXECUTION
	eval "$@"
	#exec bash -c "$@"
	exit $?
	fi

	# 4. Interactive Path (Human/Agent Tab)
	if [[ -n "$AI_AGENT" ]]; then
	$TMUX_BIN has-session -t "$SESSION_NAME" 2>/dev/null \|\| \
	$TMUX_BIN new-session -d -s "$SESSION_NAME" -e "ANTIGRAVITY_AGENT=1" -e "AI_AGENT=true" "bash"
	exec $TMUX_BIN attach-session -t "$SESSION_NAME"
	else
	exec $TMUX_BIN new-session -A -D -s "${SESSION_NAME}"
	fi
	"terminal.integrated.enablePersistentSessions": false,
	"terminal.integrated.copyOnSelection": true,
	"terminal.integrated.enableMultiLinePasteWarning": "never",
	"terminal.external.linuxExec": "/home/daryl/Projects/dotfiles/.scripts/ag-tmux",
	"terminal.integrated.persistentSessionReviveProcess": "never",
	"terminal.integrated.rescaleOverlappingGlyphs": false,
	// This forces the AGENT'S headless shell to use the script
	"terminal.integrated.profiles.linux": {
	"ag-tmux-wrapper": {
	"path": "/home/daryl/Projects/dotfiles/.scripts/ag-tmux",
	"icon": "terminal-linux",
	"env": {
	"FORCE_TMUX": "true"
	}
	}
	},
	"terminal.integrated.defaultProfile.linux": "ag-tmux-wrapper",
	// AGENT
	"terminal.integrated.automationProfile.linux": {
	"path": "/home/daryl/Projects/dotfiles/.scripts/ag-tmux",
	"icon": "robot",
	"env": {
	"FORCE_TMUX": "true",
	"AI_AGENT": "true",
	"ANTIGRAVITY_AGENT": 1
	}
	},
	// Ensure the IDE doesn't try to "help" by injecting its own shell integration
	"terminal.integrated.shellIntegration.enabled": false