Skip to content

Add safe execution workspace primitive#314

Merged
chubes4 merged 3 commits into
mainfrom
safe-execution-workspace
Jun 6, 2026
Merged

Add safe execution workspace primitive#314
chubes4 merged 3 commits into
mainfrom
safe-execution-workspace

Conversation

@chubes4

@chubes4 chubes4 commented Jun 6, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Adds an opt-in Agents API safe execution workspace target for host-approved, site-isolated filesystem workspaces.
  • Registers scoped workspace prepare/list/read/write abilities only when the feature is enabled and a valid isolated root is configured.
  • Adds pure-PHP smoke coverage for default-off behavior, target/ability registration, contained file access, traversal rejection, and site-root isolation rejection.

Verification

  • homeboy lint --changed-only
  • php tests/safe-execution-workspace-smoke.php
  • php tests/task-execution-smoke.php
  • git diff --check

AI assistance

  • AI assistance: Yes
  • Tool(s): OpenCode (GPT-5.5)
  • Used for: Drafted the safe workspace primitive, smoke coverage, and verification workflow; Chris remains responsible for review and final acceptance.

@chubes4 chubes4 merged commit 8833275 into main Jun 6, 2026
2 checks passed
@chubes4 chubes4 deleted the safe-execution-workspace branch June 6, 2026 22:06
@chubes4 chubes4 mentioned this pull request Jun 6, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chubes4