Maintainer backlog item
WebMuse has sandbox path policy foundations, but public documentation needs clearer examples of allowed and forbidden write targets.
Why this matters
The project exists to make AI-assisted construction safer. Reviewers and contributors should understand what paths are considered unsafe.
Proposed scope
Document examples for:
- allowed project workspace paths
- Codex write-root boundaries
- forbidden system directories
- credential directories
- installation directories
- source roots outside the selected project
- Windows reparse point checks
Acceptance criteria
- Add examples to
docs/ARCHITECTURE.md or a dedicated sandbox document.
- Do not expose local private paths.
- Keep examples generic and safe.
Maintainer backlog item
WebMuse has sandbox path policy foundations, but public documentation needs clearer examples of allowed and forbidden write targets.
Why this matters
The project exists to make AI-assisted construction safer. Reviewers and contributors should understand what paths are considered unsafe.
Proposed scope
Document examples for:
Acceptance criteria
docs/ARCHITECTURE.mdor a dedicated sandbox document.