diff --git a/nanobot/agent/tools/filesystem.py b/nanobot/agent/tools/filesystem.py
index d4094e7f3..a0e470fa9 100644
--- a/nanobot/agent/tools/filesystem.py
+++ b/nanobot/agent/tools/filesystem.py
@@ -21,7 +21,9 @@ def _resolve_path(
         p = workspace / p
     resolved = p.resolve()
     if allowed_dir:
-        all_dirs = [allowed_dir] + (extra_allowed_dirs or [])
+        from nanobot.config.paths import get_runtime_subdir
+        media_path = get_runtime_subdir("media").resolve()
+        all_dirs = [allowed_dir] + [media_path] + (extra_allowed_dirs or []) 
         if not any(_is_under(resolved, d) for d in all_dirs):
             raise PermissionError(f"Path {path} is outside allowed directory {allowed_dir}")
     return resolved