Description
The AI assistant read files from a directory that was NOT the permitted workspace directory. The user explicitly restricted the AI to only access files within a specific project directory and files explicitly shared by the user.
Despite these restrictions, the AI accessed files from an unauthorized directory (/Users/Mike/Development/Python/autumo-psai/).
Steps to Reproduce
- Set workspace root to a specific directory
- Explicitly tell the AI to only access files within that directory
- Ask AI to read/analyze code that is NOT in the permitted directory
- Observe that AI reads the file anyway without asking for permission
Expected Behavior
The AI assistant must:
- Only read files within the explicitly permitted workspace directory
- Always ask for permission before accessing any file
- Never assume access is granted
Actual Behavior
AI accessed files outside the permitted directory without explicit consent.
Verification
Severity
HIGH - Privacy/security concern as code was processed without consent.
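
The containment check implied by the Expected Behavior list, as an added example (not part of the original report and not the assistant's own code). `WorkspaceGuard`, `demo` and the temporary directory layout are hypothetical and constructed for illustration; the example only covers the allow/deny decision, not the prompt that asks the user for permission.

```python
import tempfile
from pathlib import Path


class WorkspaceGuard:
    """Allow reads only inside the workspace root or for explicitly shared files."""

    def __init__(self, workspace_root, shared_files=()):
        self.root = Path(workspace_root).resolve()
        self.shared = {Path(p).resolve() for p in shared_files}

    def is_permitted(self, requested):
        path = Path(requested)
        if not path.is_absolute():
            path = self.root / path
        # resolve() collapses ".." and follows symlinks: check the real target.
        real = path.resolve()
        # Compare path components, not string prefixes: "/ws-other" is not in "/ws".
        return real in self.shared or real == self.root or self.root in real.parents

    def read_text(self, requested):
        if not self.is_permitted(requested):
            raise PermissionError(f"outside permitted workspace: {requested}")
        return (self.root / requested).resolve().read_text()


def demo():
    """Build a constructed directory layout and return the guard's decisions."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        ws, other, sibling = base / "ws", base / "other", base / "ws-other"
        for d in (ws, other, sibling):
            d.mkdir()
        (ws / "app.py").write_text("print('in workspace')\n")
        (other / "secret.py").write_text("TOKEN = 'constructed'\n")
        (ws / "link.py").symlink_to(other / "secret.py")  # link leaving the root
        guard = WorkspaceGuard(ws, shared_files=[other / "shared.py"])
        return {
            "inside": guard.is_permitted("app.py"),
            "absolute_outside": guard.is_permitted(other / "secret.py"),
            "dotdot": guard.is_permitted("../other/secret.py"),
            "symlink": guard.is_permitted("link.py"),
            "prefix_sibling": guard.is_permitted(sibling / "x.py"),
            "shared": guard.is_permitted(other / "shared.py"),
        }


if __name__ == "__main__":
    print(demo())
```

The decision is made on the resolved path at check time; a tool that enforces this would apply it to every file-read call rather than relying on the instruction given to the model.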