Define a list of sensitive file paths such as /etc/shadow, /etc/passwd, and common credential file patterns
Write a Falco rule with 'evt.type = open' and 'fd.name in (sensitive_files)' or use 'fd.name startswith' for path prefix matching
Add a 'proc.cmdline contains' condition to detect specific tool invocations such as cat or curl accessing those paths
Combine conditions with 'and not' clauses referencing a trusted-processes macro to suppress alerts from legitimate system services
Set the rule priority to WARNING or higher and include 'fd.name', 'proc.cmdline', 'user.name', and 'container.id' in the output format
Test by running 'cat /etc/shadow' inside a container and verifying the alert fires with the expected field values
Known gotchas
The 'fd.name' field is populated for file descriptor events but may be empty or '<NA>' for socket or pipe fds; scope file-access rules to the correct fd type with an 'fd.type' check (for example 'fd.type = file') where the rule would otherwise match non-file descriptors
proc.cmdline includes the full argument string and is useful for detection but can be spoofed by an attacker changing argv[0]; treat it as a signal, not a guarantee
Using 'startswith' or 'contains' on fd.name is case-sensitive; ensure path patterns match the exact case used by the OS
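A complete Falco rules file that carries out the steps above and folds in the three gotchas, as an added example that is not part of the original page or Falco's default ruleset. The list and macro names, the rule name, the set of sensitive paths, the tool names, and the trusted-process list are all assumptions chosen for this example; tune them to the workload before deploying.

```yaml
# Added example, not from the original page. Names of lists, macros and
# the rule are assumptions for illustration.

# Step 1: exact paths. Matching is case-sensitive (gotcha 3), so the entries
# must use the exact case of the paths on disk.
- list: sensitive_files
  items: [/etc/shadow, /etc/gshadow, /etc/passwd, /etc/sudoers]

# Step 1 (continued): prefixes for common credential locations, matched with
# 'startswith' in the macro below. Assumed set for this example.
- macro: credential_path_prefix
  condition: >
    (fd.name startswith /root/.ssh/
     or fd.name startswith /root/.aws/
     or fd.name startswith /root/.kube/
     or fd.name startswith /var/run/secrets/kubernetes.io/)

- macro: sensitive_file_access
  condition: (fd.name in (sensitive_files) or credential_path_prefix)

# Step 3: tool invocations seen in the command line. proc.cmdline is the
# full argument string and can be forged by the process (gotcha 2), so it
# narrows the rule but is not proof of the tool used.
- macro: credential_reading_tool
  condition: >
    (proc.cmdline contains "cat "
     or proc.cmdline contains "curl "
     or proc.cmdline contains "head "
     or proc.cmdline contains "tail "
     or proc.cmdline contains "base64 ")

# Step 4: legitimate readers of these files. Assumed list; extend it from
# observed alerts rather than guessing.
- macro: trusted_credential_readers
  condition: >
    (proc.name in (sshd, login, su, sudo, passwd, chpasswd, unix_chkpwd))

# Steps 2 and 5: the rule itself. evt.dir = < selects the syscall exit so
# fd.name is filled in; openat/openat2 are included because libc's open()
# is implemented with those syscalls on current Linux. fd.type = file keeps
# socket and pipe descriptors out of the match (gotcha 1). container.id is
# "host" for processes outside any container.
- rule: Sensitive File Read By Tool In Container
  desc: >
    A command-line tool opened a password or credential file inside a
    container and the process is not in the trusted reader list.
  condition: >
    evt.type in (open, openat, openat2) and evt.dir = <
    and fd.type = file
    and container.id != host
    and sensitive_file_access
    and credential_reading_tool
    and not trusted_credential_readers
  output: >
    Sensitive file opened in container
    (file=%fd.name cmdline=%proc.cmdline user=%user.name
     container=%container.id image=%container.image.repository)
  priority: WARNING
  tags: [filesystem, credentials, container]

# Step 6: with this file loaded (falco -r <path-to-this-file>), run
#   docker run --rm -it alpine cat /etc/shadow
# and confirm one WARNING event whose file, cmdline, user and container
# fields carry the expected values. A second run of the same command
# outside a container should produce no alert because container.id = host.
```

The trusted-reader suppression keys on 'proc.name' rather than on 'proc.cmdline' so that a forged argument string alone does not silence the rule; that is the practical consequence of the second gotcha. If the rule proves noisy for a particular base image, add the offending process to the trusted macro rather than weakening the path list.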