-
Notifications
You must be signed in to change notification settings - Fork 148
[Tracking] Cowork hardening — exit criteria for promoting cowork out of experimental #933
Copy link
Copy link
Open
2 / 42 of 4 issues completedOpen
2 / 42 of 4 issues completed
Copy link
Labels
area/docs-sitedocs/src/content (Starlight), README, doc generation.docs/src/content (Starlight), README, doc generation.area/multi-targetMulti-target deploy spec, target directory creation, agent surface routing.Multi-target deploy spec, target directory creation, agent surface routing.experimentalstatus/acceptedDirection approved, safe to start work.Direction approved, safe to start work.status/triagedInitial agentic triage complete; pending maintainer ratification (silence = approval).Initial agentic triage complete; pending maintainer ratification (silence = approval).theme/securitySecure by default. Content scanning, lockfile integrity, MCP trust boundaries.Secure by default. Content scanning, lockfile integrity, MCP trust boundaries.trackingtype/featureNew capability, new flag, new primitive.New capability, new flag, new primitive.
Description
Metadata
Metadata
Assignees
Labels
area/docs-sitedocs/src/content (Starlight), README, doc generation.docs/src/content (Starlight), README, doc generation.area/multi-targetMulti-target deploy spec, target directory creation, agent surface routing.Multi-target deploy spec, target directory creation, agent surface routing.experimentalstatus/acceptedDirection approved, safe to start work.Direction approved, safe to start work.status/triagedInitial agentic triage complete; pending maintainer ratification (silence = approval).Initial agentic triage complete; pending maintainer ratification (silence = approval).theme/securitySecure by default. Content scanning, lockfile integrity, MCP trust boundaries.Secure by default. Content scanning, lockfile integrity, MCP trust boundaries.trackingtype/featureNew capability, new flag, new primitive.New capability, new flag, new primitive.
Type
Projects
Status
Todo
Tracking issue grouping all follow-ups required to promote the
coworkexperimental flag to GA. Spun out of #913 (cowork-skills experimental support) following the APM Expert Review Panel verdict.The PR for #913 (#926) ships behind
experimental.cowork=falseby default. CEO arbitration accepted the items below as follow-ups behind the flag, but all security items in #925 are hard gates on flipping the flag default totrueor removing it fromFLAGS.Exit criteria for GA
Security (BLOCKING)
coworkout of experimental #925 — Cowork security follow-ups (orphan cleanup on uninstall, NUL-byte / traversal validation inset_cowork_skills_dir, replace ad-hoc..substring withvalidate_path_segments)Security (tracking, non-blocking)
%2e%2eURL-encoded traversal in lockfile-path handling #924 —%2e%2eURL-encoded traversal in lockfile-path handling (mitigated today byensure_path_within; cleaner fix is to reject at parse time)Maintainability (non-blocking, recommended)
SkillIntegratorthroughtarget.deploy_path(), dedupe hot-pathresolve_cowork_skills_dir()calls, consolidateunset_*_dirhelpers behindupdate_config()cowork-skills-dirin_valid_config_keys(), fix verbose target log to print resolved root instead of placeholderDocumentation gate
Before flipping the flag default:
docs/src/content/docs/security-model.mdxto reflect thatcoworkwrites into a surface ingested by M365 Copilot.docs/src/content/docs/reference/experimental-flags.mdxinto the standard install/targets reference.Out of scope for this tracker
How to close
Close this issue once #925 is closed, the documentation gate items are checked, and the
coworkentry is removed fromFLAGSinsrc/apm_cli/core/experimental.py. #922, #923, #924 do not block closure but should be linked in the closing comment with their final state./cc panel review: #913, PR: #926