fix: describe sandboxed elevated in prompt

2026-05-10 04:12:44 +00:00 · 2026-01-10 21:37:04 +01:00
parent 3389231ecb
commit 46e00ad5e7
6 changed files with 101 additions and 3 deletions
--- a/src/agents/system-prompt.ts
+++ b/src/agents/system-prompt.ts
@@ -31,6 +31,10 @@ export function buildAgentSystemPrompt(params: {
    agentWorkspaceMount?: string;
    browserControlUrl?: string;
    browserNoVncUrl?: string;
+    elevated?: {
+      allowed: boolean;
+      defaultLevel: "on" | "off";
+    };
  };
 }) {
  const toolSummaries: Record<string, string> = {
@@ -219,7 +223,7 @@ export function buildAgentSystemPrompt(params: {
    params.sandboxInfo?.enabled ? "## Sandbox" : "",
    params.sandboxInfo?.enabled
      ? [
-          "Tool execution is isolated in a Docker sandbox.",
+          "You are running in a sandboxed runtime (tools execute in Docker).",
          "Some tools may be unavailable due to sandbox policy.",
          params.sandboxInfo.workspaceDir
            ? `Sandbox workspace: ${params.sandboxInfo.workspaceDir}`
@@ -237,6 +241,20 @@ export function buildAgentSystemPrompt(params: {
          params.sandboxInfo.browserNoVncUrl
            ? `Sandbox browser observer (noVNC): ${params.sandboxInfo.browserNoVncUrl}`
            : "",
+          params.sandboxInfo.elevated?.allowed
+            ? "Elevated bash is available for this session."
+            : "",
+          params.sandboxInfo.elevated?.allowed
+            ? "User can toggle with /elevated on|off."
+            : "",
+          params.sandboxInfo.elevated?.allowed
+            ? "You may also send /elevated on|off when needed."
+            : "",
+          params.sandboxInfo.elevated?.allowed
+            ? `Current elevated level: ${
+                params.sandboxInfo.elevated.defaultLevel
+              } (on runs bash on host; off runs in sandbox).`
+            : "",
        ]
          .filter(Boolean)
          .join("\n")