3a8ce83234
Worker-3's path-scope regression showed outside read_file paths were blocked by the workspace wrapper after dispatch instead of by the permission enforcer. File, glob, and grep tools now classify path scope before dispatch and require danger-full-access for paths that resolve outside the current workspace. Constraint: G002-alpha-security requires permission-mode event/status visibility for blocked file and shell paths Rejected: relying only on runtime wrapper errors | it hides the active permission-mode denial contract from callers Confidence: high Scope-risk: narrow Directive: keep path-sensitive tool permission classification aligned with workspace wrapper resolution Tested: cargo test -p tools --test path_scope_enforcement --manifest-path rust/Cargo.toml --quiet; cargo test -p tools given_workspace_write_enforcer_when_bash --manifest-path rust/Cargo.toml --quiet; cargo check --manifest-path rust/Cargo.toml --workspace; cargo fmt --all --manifest-path rust/Cargo.toml -- --check Not-tested: full workspace test suite after this small permission-classification follow-up Co-authored-by: OmX <omx@oh-my-codex.dev> |
||
|---|---|---|
| .. | ||
| api | ||
| commands | ||
| compat-harness | ||
| mock-anthropic-service | ||
| plugins | ||
| runtime | ||
| rusty-claude-cli | ||
| telemetry | ||
| tools | ||