fix(permissions): move scratch edits from deny to ask in recommended tier #115

Merged
EiffL merged 1 commit into main from fix/permission-scratch-ask on May 7, 2026

Conversation

@dkn16
Copy link
Copy Markdown
Member

@dkn16 dkn16 commented May 7, 2026

The recommended permission tier blanket-denied Edit(//scratch/**) and Edit(//pscratch/**), which made the agent unable to touch any file in projects rooted under $SCRATCH — exactly the layout NERSC users want because the home quota is small and DVS-mounted home doesn't honor flock(). The denies came from the Prism era when projects always lived under $HOME and scratch was just temp storage.

Move both patterns from deny to ask so the agent has to prompt the user before writing into scratch (rather than being silently blocked), and add Write(//*scratch/**) to ask too — the original deny only covered Edit, leaving Write auto-allowed, which was inconsistent.

The other denies (~/.ssh, ~/.aws, ~/.gnupg, sudo, rm -rf, git push) remain — those are sensitive across all contexts.

Verified by lc init on a project rooted in $SCRATCH: generated settings.json puts the four scratch patterns under "ask" while keeping the SSH/AWS/sudo guards under "deny".

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
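The two tiers the PR contrasts, as an added example that is not lightcone-cli's own code: a small Python audit that scores a settings.json-style permission block against the properties claimed above (the scratch patterns under ask, the credential directories and dangerous commands under deny, and Write constrained at least as tightly as Edit). The rule syntax Tool(pattern), the meaning of the // and ~/ prefixes, the deny-over-ask-over-allow precedence, the $HOME value and the before/after rule lists are assumptions modelled on the patterns quoted in the PR, not the project's actual schema.

```python
"""Audit a permission tier of the shape the PR says `lc init` writes to settings.json.
Added example, not lightcone-cli's code: the rule syntax Tool(pattern), the "//" (root)
and "~/" ($HOME) prefixes, "**" spanning separators, "*" within one segment ("*" matches
anything in Bash command rules) and deny > ask > allow precedence are all assumptions."""
import re
from typing import Dict, List

HOME = "/global/homes/u/user"          # constructed stand-in for the user's $HOME
PATH_TOOLS = ("Edit", "Write", "Read")  # tools whose rule argument is a path glob
RANK = {"deny": 0, "ask": 1, "allow": 2}  # lower is stricter; unmatched ranks after all
RULE_RE = re.compile(r"^(?P<tool>[A-Za-z]+)\((?P<arg>.*)\)$")

# Constructed "before" tier: scratch blanket-denied for Edit only, Write unconstrained.
BEFORE: Dict[str, List[str]] = {
    "allow": ["Read(**)"],
    "ask": [],
    "deny": ["Edit(//scratch/**)", "Edit(//pscratch/**)",
             "Edit(~/.ssh/**)", "Write(~/.ssh/**)", "Edit(~/.aws/**)", "Write(~/.aws/**)",
             "Edit(~/.gnupg/**)", "Write(~/.gnupg/**)",
             "Bash(sudo *)", "Bash(rm -rf *)", "Bash(git push*)"],
}
# Constructed "after" tier: the scratch patterns named in the PR moved to ask, with
# Write(//*scratch/**) covering both /scratch and /pscratch.
AFTER: Dict[str, List[str]] = {
    "allow": ["Read(**)"],
    "ask": ["Edit(//scratch/**)", "Edit(//pscratch/**)", "Write(//*scratch/**)"],
    "deny": [r for r in BEFORE["deny"] if "scratch" not in r],
}

def expand(arg: str) -> str:
    """Resolve the assumed '//' (filesystem root) and '~/' ($HOME) prefixes."""
    if arg.startswith("//"):
        return arg[1:]
    return HOME + arg[1:] if arg.startswith("~/") else arg

def glob_to_regex(arg: str, tool: str) -> "re.Pattern[str]":
    """Compile a rule argument into an anchored regex under the assumed glob rules."""
    pattern, out, i = expand(arg), [], 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out.append(".*")
            i += 2
        else:
            star = "[^/]*" if tool in PATH_TOOLS else ".*"
            out.append(star if pattern[i] == "*" else re.escape(pattern[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")

def decide(perms: Dict[str, List[str]], tool: str, target: str) -> str:
    """Tier governing `tool` on `target` (deny checked first), or "unmatched"."""
    for tier in RANK:
        for rule in perms.get(tier, []):
            m = RULE_RE.match(rule)
            if m and m.group("tool") == tool and glob_to_regex(m.group("arg"), tool).match(target):
                return tier
    return "unmatched"

def audit(perms: Dict[str, List[str]]) -> List[str]:
    """Check the properties the PR claims for the recommended tier; empty list = pass."""
    findings: List[str] = []
    # 1. Writes into $SCRATCH-rooted projects must prompt, not be silently blocked.
    for path in ("/scratch/u/user/proj/src/main.py", "/pscratch/sd/u/user/proj/README.md"):
        for tool in ("Edit", "Write"):
            got = decide(perms, tool, path)
            if got != "ask":
                findings.append(f"{tool} {path}: expected ask, got {got}")
    # 2. Credential directories and dangerous commands stay denied in every context.
    for path in (f"{HOME}/.ssh/id_ed25519", f"{HOME}/.aws/credentials", f"{HOME}/.gnupg/trustdb.gpg"):
        for tool in ("Edit", "Write"):
            if decide(perms, tool, path) != "deny":
                findings.append(f"{tool} {path}: expected deny")
    for cmd in ("sudo apt-get install foo", "rm -rf /", "git push origin main"):
        if decide(perms, "Bash", cmd) != "deny":
            findings.append(f"Bash {cmd!r}: expected deny")
    # 3. An Edit rule that Write does not match at least as strictly is the inconsistency
    #    the PR found: a file the agent may not edit could still be overwritten wholesale.
    for tier in ("deny", "ask"):
        for rule in perms.get(tier, []):
            m = RULE_RE.match(rule)
            if not m or m.group("tool") != "Edit":
                continue
            probe = expand(m.group("arg")).replace("**", "probe/file.txt").replace("*", "x")
            write_tier = decide(perms, "Write", probe)
            if RANK.get(write_tier, len(RANK)) > RANK[tier]:
                findings.append(f"{rule} is {tier} but Write on {probe} is {write_tier}")
    return findings

if __name__ == "__main__":
    for name, perms in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(perms) or "OK")
```

Run directly, the constructed before tier fails with six findings (scratch edits denied, scratch writes unmatched, and the two Edit-only deny rules flagged as Write holes) and the after tier passes. To check a real generated file, pass json.load(open("settings.json"))["permissions"] to audit(), provided the actual schema matches the shape assumed here.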
@cloudflare-workers-and-pages

Deploying with Cloudflare Workers

Status: ❌ Deployment failed
Name: lightcone-cli
Latest commit: 15cb46a
Updated (UTC): May 07 2026, 03:52 PM

@dkn16 dkn16 marked this pull request as ready for review May 7, 2026 15:53
@dkn16 dkn16 requested a review from EiffL May 7, 2026 15:53
@github-actions

github-actions Bot commented May 7, 2026

✅ Eval Results

Metric         Value
Score          1.00
Build          complete
Cost           $0.70
Turns          27
Duration       384s
lightcone-cli  0.3.5.dev4+g93fb4caa3 (93fb4caa)

Graders

✅ spec_valid (1.00)
✅ all_materialized (1.00)

Full output
15:52:28 lightcone.eval.build Building lightcone-cli wheel from /home/runner/work/lightcone-cli/lightcone-cli ...
15:52:34 lightcone.eval.build Built lightcone_cli-0.3.5.dev4+g93fb4caa3-py3-none-any.whl (commit 93fb4caa)
15:52:37 lightcone.eval.sandbox Created sandbox 49ebf0fe-5e6a-40cc-a9be-ea6111844199 for trial build-snae-0
15:52:38 httpx HTTP Request: POST https://proxy.app.daytona.io/toolbox/49ebf0fe-5e6a-40cc-a9be-ea6111844199/files/bulk-upload "HTTP/1.1 200 OK"
15:52:39 lightcone.eval.sandbox Installed wheels: ['lightcone_cli-0.3.5.dev4+g93fb4caa3-py3-none-any.whl']
15:52:40 httpx HTTP Request: POST https://proxy.app.daytona.io/toolbox/49ebf0fe-5e6a-40cc-a9be-ea6111844199/files/bulk-upload "HTTP/1.1 200 OK"
15:52:40 httpx HTTP Request: POST https://proxy.app.daytona.io/toolbox/49ebf0fe-5e6a-40cc-a9be-ea6111844199/files/bulk-upload "HTTP/1.1 200 OK"
15:52:40 httpx HTTP Request: POST https://proxy.app.daytona.io/toolbox/49ebf0fe-5e6a-40cc-a9be-ea6111844199/files/bulk-upload "HTTP/1.1 200 OK"
15:52:41 httpx HTTP Request: POST https://proxy.app.daytona.io/toolbox/49ebf0fe-5e6a-40cc-a9be-ea6111844199/files/bulk-upload "HTTP/1.1 200 OK"
15:59:07 lightcone.eval.sandbox Deleted sandbox for trial build-snae-0
  snae trial 0: score=1.00 complete

lightcone-cli: 0.3.5.dev4+g93fb4caa3 (HEAD 93fb4caa)
ASTRA: 0.2.7

  Eval Results: Scores  
┏━━━━━━┳━━━━━━━━━━━━━━━┓
┃ Task ┃     Score     ┃
┡━━━━━━╇━━━━━━━━━━━━━━━┩
│ snae │ 1.00 +/- 0.00 │
│      │ pass@k: 100%  │
└──────┴───────────────┘

   Eval Results: Cost & Duration
┏━━━━━━┳━━━━━━━━━━━━━━━━━┓
┃ Task ┃ Cost / Duration ┃
┡━━━━━━╇━━━━━━━━━━━━━━━━━┩
│ snae │      $0.70      │
│      │      384s       │
└──────┴─────────────────┘

Total: 1 trials, $0.70, 384s

Results saved to: eval-results/build-93fb4caa/results.json

@EiffL EiffL left a comment

LGTM

@EiffL EiffL merged commit d08e814 into main May 7, 2026
8 of 10 checks passed
@github-actions
github-actions Bot commented May 7, 2026

Developer Certificate of Origin

This PR has been approved. Before it can be merged, all contributors must sign the Developer Certificate of Origin.

Status: none yet

How to sign

Post the following comment exactly as written:

I have read the Developer Certificate of Origin and I hereby sign the DCO for this PR

@dkn16 dkn16 deleted the fix/permission-scratch-ask branch May 7, 2026 18:37