Fork: 0
root / navi-1
Browse code
Add multi-user sandbox: filesystem, terminal, code_exec, security policy
- filesystem, share_file: sandbox non-admin users to user_data/<user_id>/
- terminal: working_dir sandbox + allowlist + dangerous pattern block for users
- code_exec: sandbox CWD and temp files to user_data/<user_id>/ for users
- context_builder: inject dynamic security policy into LLM context (user/admin)
- config: terminal_user_allowed_commands setting
- agent: wire user_id/user_role through ContextBuilder.build()
- base: add current_user_role ContextVar; run_ephemeral inherits role

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
feature/navi-code master vmkdemo
1 parent df61f76 commit db0261bf40639e116e19adacb4cfa3b1d1a802a1
@Eugene Sukhodolskiy Eugene Sukhodolskiy authored on 8 May
Patch
Unified Split
Showing 10 changed files
View
navi/api/routes/messages.py
View
navi/api/websocket.py
View
navi/config.py
View
navi/core/agent.py
View
navi/core/context_builder.py
View
navi/tools/base.py
View
navi/tools/code_exec.py
View
navi/tools/filesystem.py
View
navi/tools/share_file.py
View
navi/tools/terminal.py