github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-04-18 06:07:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix (agents/sandbox): clarify container-vs-host workspace paths in prompt

Browse Source
This commit is contained in:
Vignesh Natarajan
2026-02-15 19:15:57 -08:00
parent ab1dc89a2d
commit 799049f586
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/agents/system-prompt.e2e.test.ts
View File

@@ -454,10 +454,12 @@ describe("buildAgentSystemPrompt", () => {
expect(prompt).toContain("Your working directory is: /workspace");
expect(prompt).toContain(
"For read/write/edit/apply_patch, file paths resolve against host workspace: /tmp/openclaw.",
"For read/write/edit/apply_patch, file paths resolve against host workspace: /tmp/openclaw. For bash/exec commands, use sandbox container paths under /workspace (or relative paths from that workdir), not host paths.",
);
expect(prompt).toContain("Sandbox container workdir: /workspace");
expect(prompt).toContain("Sandbox host workspace: /tmp/sandbox");
expect(prompt).toContain(
"Sandbox host mount source (file tools bridge only; not valid inside sandbox exec): /tmp/sandbox",
);
expect(prompt).toContain("You are running in a sandboxed runtime");
expect(prompt).toContain("Sub-agents stay sandboxed");
expect(prompt).toContain("User can toggle with /elevated on|off|ask|full.");

4
src/agents/system-prompt.ts
View File

@@ -366,7 +366,7 @@ export function buildAgentSystemPrompt(params: {
: sanitizedWorkspaceDir;
const workspaceGuidance =
params.sandboxInfo?.enabled && sanitizedSandboxContainerWorkspace
? `For read/write/edit/apply_patch, file paths resolve against host workspace: ${sanitizedWorkspaceDir}. Prefer relative paths so both sandboxed exec and file tools work consistently.`
? `For read/write/edit/apply_patch, file paths resolve against host workspace: ${sanitizedWorkspaceDir}. For bash/exec commands, use sandbox container paths under ${sanitizedSandboxContainerWorkspace} (or relative paths from that workdir), not host paths. Prefer relative paths so both sandboxed exec and file tools work consistently.`
: "Treat this directory as the single global workspace for file operations unless explicitly instructed otherwise.";
const safetySection = [
"## Safety",
@@ -488,7 +488,7 @@ export function buildAgentSystemPrompt(params: {
? `Sandbox container workdir: ${sanitizeForPromptLiteral(params.sandboxInfo.containerWorkspaceDir)}`
: "",
params.sandboxInfo.workspaceDir
? `Sandbox host workspace: ${sanitizeForPromptLiteral(params.sandboxInfo.workspaceDir)}`
? `Sandbox host mount source (file tools bridge only; not valid inside sandbox exec): ${sanitizeForPromptLiteral(params.sandboxInfo.workspaceDir)}`
: "",
params.sandboxInfo.workspaceAccess
? `Agent workspace access: ${params.sandboxInfo.workspaceAccess}${