Skip to content

feat(gateway): add filesystem isolation guards for multi-agent profiles #25696

Open
Open
feat(gateway): add filesystem isolation guards for multi-agent profiles#25696
Labels
P3Low — cosmetic, nice to havecomp/gatewayGateway runner, session dispatch, deliverytype/featureNew feature or request
@discolotus

Description

@discolotus
discolotus
opened on May 14, 2026

Context

PR #25660 adds per-agent profile roots, but stronger filesystem isolation guards are explicitly future work.

Work

  • Define what paths each profile may read/write by default.
  • Prevent accidental cross-profile access where filesystem tools or profile overrides could leak state.
  • Add tests for allowed and denied profile filesystem access.

Source

Follow-up from #25660.

Referenced by #25660.

Metadata

Metadata

Assignees

No one assigned

    Labels

    P3Low — cosmetic, nice to havecomp/gatewayGateway runner, session dispatch, deliverytype/featureNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions