Summary
To feel like a first-class coding agent, deepseek-tui needs stronger safety controls around shell execution, sandbox behavior, approvals, and runtime server exposure.
Scope
- Improve sandbox parity across platforms, especially outside macOS
- Add clearer per-tool and per-MCP approval control where appropriate
- Strengthen audit trails for approvals, denials, auto-approvals, and safety escalations
- Make server safety clearer for real-world use, including guarded or authenticated deployment patterns where feasible
- Tighten docs around trust mode, approval policy, and sandbox expectations
Acceptance Criteria
- Approval behavior is easier to reason about for built-in and MCP tools
- Sandbox behavior is more consistent across supported platforms
- Runtime/API/server safety story is clearly documented
- Safety-related regressions are covered by tests where practical
Starting Points
docs/MODES.mddocs/RUNTIME_API.mddocs/CONFIGURATION.mdcrates/execpolicy/crates/tui/src/sandbox/crates/mcp/src/lib.rs
Summary
To feel like a first-class coding agent,
deepseek-tuineeds stronger safety controls around shell execution, sandbox behavior, approvals, and runtime server exposure.Scope
Acceptance Criteria
Starting Points
docs/MODES.mddocs/RUNTIME_API.mddocs/CONFIGURATION.mdcrates/execpolicy/crates/tui/src/sandbox/crates/mcp/src/lib.rs