13 lines
766 B
Markdown
13 lines
766 B
Markdown
# User File System Tooling Boundary
|
|
|
|
The `personal-user-filesystem` change adds `user_files_*` tools for files that users can upload, inspect, and receive from agents. These tools enforce the same virtual roots as the web API:
|
|
|
|
- `uploads/`
|
|
- `outputs/`
|
|
- `shared/`
|
|
- `tasks/`
|
|
|
|
The existing local workspace filesystem tools remain registered for internal runtime and development workflows. They are workspace-scoped, but they are not the user-visible file boundary. Agents should use `user_files_*` tools when reading user-provided files or writing user-facing outputs.
|
|
|
|
Follow-up for stronger isolation: add a runtime policy switch that disables or narrows local workspace filesystem tools for ordinary personal-agent tasks, while keeping `user_files_*` available.
|