Introduce explicit repro-fix, inspect, cold-start, and review-eval modes across the MCP server, CLI, and host helpers, with canonical mode-to-tool mappings, narrowed schemas, and mode-specific tool descriptions on top of the existing workspace runtime. Reposition the docs, host onramps, and use-case recipes so named modes are the primary user-facing startup story while the generic no-mode workspace-core path remains the escape hatch, and update the shared smoke runner to validate repro-fix and cold-start through mode-backed servers. Validation: UV_OFFLINE=1 UV_CACHE_DIR=.uv-cache uv run pytest --no-cov tests/test_api.py tests/test_server.py tests/test_host_helpers.py tests/test_public_contract.py tests/test_cli.py tests/test_workspace_use_case_smokes.py; UV_OFFLINE=1 UV_CACHE_DIR=.uv-cache make check; UV_OFFLINE=1 UV_CACHE_DIR=.uv-cache make dist-check; real guest-backed make smoke-repro-fix-loop smoke-cold-start-validation outside the sandbox.
Unsafe Or Untrusted Code Inspection
Recommended mode: inspect
Recommended startup:
pyro host connect codex --mode inspect
Smoke target:
make smoke-untrusted-inspection
Use this flow when the agent needs to inspect suspicious code or an unfamiliar repo without granting more capabilities than necessary.
Chat-host recipe:
- Create one workspace from the suspicious repo seed.
- Inspect the tree with structured file listing and file reads.
- Run the smallest possible command that produces the inspection report.
- Export only the report the agent chose to materialize.
- Delete the workspace when inspection is complete.
This recipe stays offline-by-default, uses only explicit file reads and execs, and exports only the inspection report the agent chose to materialize.
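One shape the "smallest possible command" in the recipe could take, as an added example that is not part of pyro or of the original page: a read-only inventory script that hashes each file and flags symlinks leaving the tree, executable bits, and file names that commonly run code. The script name, the `HOOK_FILES` list, and the report layout are assumptions.

```python
import hashlib
import json
import os
import stat
import sys

# Assumption: file names that commonly run code at install/build/test time.
HOOK_FILES = {"setup.py", "conftest.py", "Makefile", "package.json", ".envrc"}


def inspect_tree(root):
    """Read-only inventory: never imports, executes, or follows symlinks."""
    root = os.path.realpath(root)
    entries = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                # Resolve the link only to report where it points.
                target = os.path.realpath(path)
                escapes = os.path.commonpath([root, target]) != root
                flags = ["symlink-escapes-root"] if escapes else []
                entries.append({"path": rel, "type": "symlink", "flags": flags})
                continue
            if not stat.S_ISREG(st.st_mode):
                continue  # directories, FIFOs, devices: nothing to read
            flags = []
            if st.st_mode & 0o111:
                flags.append("executable")
            if name in HOOK_FILES:
                flags.append("hook-file")
            # O_NOFOLLOW: refuse to read if the path became a symlink meanwhile.
            fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
            with os.fdopen(fd, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            entries.append({"path": rel, "type": "file", "size": st.st_size,
                            "sha256": digest, "flags": flags})
    flagged = sorted(e["path"] for e in entries if e["flags"])
    return {"entries": entries, "flagged": flagged}


if __name__ == "__main__":
    # Usage: python inspect_report.py <repo-dir> <report.json>
    with open(sys.argv[2], "w") as out:
        json.dump(inspect_tree(sys.argv[1]), out, indent=2)
```

The single JSON file it writes is the only artifact that needs exporting before the workspace is deleted.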