put workspace roots in the environment context (#3375)

to keep the tool description constant when the writable roots change.
2025-09-10 15:10:52 -07:00
parent 8d766088e6
commit f69f07b028
3 changed files with 112 additions and 16 deletions
--- a/codex-rs/core/src/openai_tools.rs
+++ b/codex-rs/core/src/openai_tools.rs
@@ -240,17 +240,20 @@ fn create_shell_tool_for_sandbox(sandbox_policy: &SandboxPolicy) -> OpenAiTool {
    let description = match sandbox_policy {
        SandboxPolicy::WorkspaceWrite {
            network_access,
-            writable_roots,
            ..
        } => {
+            let network_line = if !network_access {
+                "\n    - Commands that require network access"
+            } else {
+                ""
+            };
+
            format!(
                r#"
 The shell tool is used to execute shell commands.
 - When invoking the shell tool, your call will be running in a sandbox, and some shell commands will require escalated privileges:
  - Types of actions that require escalated privileges:
-    - Writing files other than those in the writable roots
-      - writable roots:
-{}{}
+    - Writing files other than those in the writable roots (see the environment context for the allowed directories){network_line}
  - Examples of commands that require escalated privileges:
    - git commit
    - npm install or pnpm install
@@ -259,12 +262,6 @@ The shell tool is used to execute shell commands.
 - When invoking a command that will require escalated privileges:
  - Provide the with_escalated_permissions parameter with the boolean value true
  - Include a short, 1 sentence explanation for why we need to run with_escalated_permissions in the justification parameter."#,
-                writable_roots.iter().map(|wr| format!("        - {}", wr.to_string_lossy())).collect::<Vec<String>>().join("\n"),
-                if !network_access {
-                    "\n    - Commands that require network access\n"
-                } else {
-                    ""
-                }
            )
        }
        SandboxPolicy::DangerFullAccess => {
@@ -1105,11 +1102,8 @@ mod tests {
 The shell tool is used to execute shell commands.
 - When invoking the shell tool, your call will be running in a sandbox, and some shell commands will require escalated privileges:
  - Types of actions that require escalated privileges:
-    - Writing files other than those in the writable roots
-      - writable roots:
-        - workspace
+    - Writing files other than those in the writable roots (see the environment context for the allowed directories)
    - Commands that require network access
-
  - Examples of commands that require escalated privileges:
    - git commit
    - npm install or pnpm install