mirror/nanobot
1
0
Fork 0
mirror of https://github.com/HKUDS/nanobot.git synced 2026-05-01 23:35:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(shell): allow media directory access when restrict_to_workspace is enabled

Browse Source
This commit is contained in:
Shiniese 2026-04-01 15:45:02 +08:00 committed by Xubin Ren
parent ca3b918cf0
commit bc879386fe
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
nanobot/agent/tools/shell.py
View File

@ -183,7 +183,16 @@ class ExecTool(Tool):
p = Path(expanded).expanduser().resolve() p = Path(expanded).expanduser().resolve()
except Exception: except Exception:
continue continue
if p.is_absolute() and cwd_path not in p.parents and p != cwd_path:
from nanobot.config.paths import get_runtime_subdir
media_path = get_runtime_subdir("media").resolve()
if (p.is_absolute()
and cwd_path not in p.parents
and p != cwd_path
and media_path not in p.parents
and p != media_path
):
return "Error: Command blocked by safety guard (path outside working dir)" return "Error: Command blocked by safety guard (path outside working dir)"
return None return None