
feat(workspace): add shared workspace policy with read-only guardrails#62

Merged
drpedapati merged 1 commit into main from feat/shared-workspace-policy
Feb 23, 2026

Conversation

@drpedapati
Owner

## Summary
- add shared workspace config defaults and path resolver
- thread shared workspace policy into agent tool wiring
- allow reads from shared workspace while enforcing read-only writes when configured
- extend filesystem/shell/edit/message/word-count/pubmed-export tools with shared policy checks
- update context fallback to prefer shared workspace skill paths
- add tests for shared workspace read/write guard behavior

## Validation
- go test ./pkg/config ./pkg/agent ./pkg/tools
- go test ./... (fails only in existing pkg/channels allowlist tests, unrelated)

@cloudflare-workers-and-pages

Deploying sciclaw with Cloudflare Pages

Latest commit: ff88726
Status: ✅  Deploy successful!
Preview URL: https://545aa542.sciclaw.pages.dev
Branch Preview URL: https://feat-shared-workspace-policy.sciclaw.pages.dev


@drpedapati drpedapati merged commit 852d672 into main Feb 23, 2026
3 of 4 checks passed
@drpedapati drpedapati deleted the feat/shared-workspace-policy branch February 23, 2026 03:03

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ff8872629d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +496 to +498
    cwdInSharedRoot := sharedRoot != "" && isWithinWorkspace(cwdPath, sharedRoot)
    if cwdInSharedRoot && t.sharedWorkspaceReadOnly && looksMutatingCommand(cmd) {
        return "Command blocked by safety guard (shared workspace is read-only)"


P1: Allow writes in active workspace under shared root

This check blocks any mutating shell command whenever cwd is inside sharedWorkspace, without first confirming that the command targets the shared read-only area rather than the writable active workspace. With the new defaults (workspace and shared_workspace both ~/sciclaw) and common routed setups where workspaces are nested under that root, commands like touch file.txt or git apply in the agent’s own workspace are now rejected, which is a regression and also inconsistent with the file tools’ path policy behavior.

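A worked illustration of the refinement the review asks for, added here and not part of the sciclaw code base: the guard rejects a mutating shell command only when one of its resolved targets lies inside the read-only shared root but outside the agent's own writable workspace, so `touch file.txt` from the active workspace passes while a write aimed at a shared-only directory is still blocked. The `Policy` type, the verb list and every path are assumptions made for the example.

```go
package main

import (
	"path/filepath"
	"strings"
)

// isWithinRoot reports whether path equals root or lies beneath it (a lexical
// check after cleaning); a relative form starting with ".." escapes root.
func isWithinRoot(path, root string) bool {
	rel, err := filepath.Rel(filepath.Clean(root), filepath.Clean(path))
	if err != nil {
		return false
	}
	return rel == "." || (rel != ".." && !strings.HasPrefix(rel, "../"))
}

// Constructed heuristic for this example: verbs whose normal use writes to disk.
var mutatingVerbs = map[string]bool{"touch": true, "rm": true, "mv": true, "cp": true, "mkdir": true, "git": true}

// Policy holds the read-only shared root and the agent's own writable workspace (assumed paths).
type Policy struct {
	SharedRoot, ActiveWorkspace string
	SharedReadOnly              bool
}

// Blocked rejects a mutating command only if one of its targets could land inside the
// shared root but outside the active workspace. cwd is always a target (covers "touch
// file.txt"); every other argument is resolved against cwd, which over-approximates
// harmlessly because a flag or non-path word resolves into cwd's own directory.
func (p Policy) Blocked(cwd, cmd string) bool {
	fields := strings.Fields(cmd)
	if !p.SharedReadOnly || p.SharedRoot == "" || len(fields) == 0 || !mutatingVerbs[fields[0]] {
		return false
	}
	targets := []string{cwd}
	for _, arg := range fields[1:] {
		if !filepath.IsAbs(arg) {
			arg = filepath.Join(cwd, arg)
		}
		targets = append(targets, arg)
	}
	for _, t := range targets {
		if isWithinRoot(t, p.SharedRoot) && !isWithinRoot(t, p.ActiveWorkspace) {
			return true
		}
	}
	return false
}
```

A full guard would also resolve symlinks before the containment check; the lexical test above only covers the path-string cases the review describes.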

