feat: enhance user authorization checks in GatewayRunner

- Updated the authorization logic to include a per-platform allow-all flag for improved flexibility. - Revised the order of checks to prioritize platform-specific allow-all settings, followed by environment variable allowlists and DM pairing approvals. - Added global allow-all configuration for broader access control. - Improved handling of allowlists by stripping whitespace and ensuring valid entries are processed.
2026-04-25 00:51:20 +00:00 · 2026-02-22 16:32:08 -08:00 · 2026-02-22 16:32:08 -08:00 · e1604b2b4a
commit e1604b2b4a
parent db23f51bc6
3 changed files with 42 additions and 24 deletions
--- a/tools/terminal_tool.py
+++ b/tools/terminal_tool.py
@ -348,7 +348,14 @@ from tools.environments.modal import ModalEnvironment as _ModalEnvironment


 # Tool description for LLM
-TERMINAL_TOOL_DESCRIPTION = """Execute commands on a Linux environment. Filesystem persists between calls.
+TERMINAL_TOOL_DESCRIPTION = """Execute shell commands on a Linux environment. Filesystem persists between calls.
+
+Do NOT use cat/head/tail to read files — use read_file instead.
+Do NOT use grep/rg/find to search — use search_files instead.
+Do NOT use ls to list directories — use search_files(target='files') instead.
+Do NOT use sed/awk to edit files — use patch instead.
+Do NOT use echo/cat heredoc to create files — use write_file instead.
+Reserve terminal for: builds, installs, git, processes, scripts, network, package managers, and anything that needs a shell.

 Background processes: Set background=true to get a session_id, then use the 'process' tool to poll/wait/kill/write.
 Working directory: Use 'workdir' for per-command cwd.