I'm reading through the 0.4/0.5 changelog and i've seen the changes. I agree and like almost everything.
Tho, i kinda don't like this user's shell with full process.env. While i get it, i still think we should have some sort of option like init({ processEnv: 'limited' }) which would restrict it to just $PATH and $HOME. Eventho it's "local" i don't necessarily want to expose the entirety of my env.
Also, if it's sandbox: local and init({ processEnv: { something } }) the env to be ONLY the thing passed things, no merge.
I mean, it's kinda nitpick but.. make sense.
Okay, the 0.4.1 kinda adds that session.shell() now redacts env values in transcript history. too which is good. But still, that applies only to shell() calls, not per-agent/skill?
I'm reading through the 0.4/0.5 changelog and i've seen the changes. I agree and like almost everything.
Tho, i kinda don't like this
user's shell with full process.env. While i get it, i still think we should have some sort of option likeinit({ processEnv: 'limited' })which would restrict it to just$PATHand$HOME. Eventho it's "local" i don't necessarily want to expose the entirety of my env.Also, if it's
sandbox: localandinit({ processEnv: { something } })the env to be ONLY the thing passed things, no merge.I mean, it's kinda nitpick but.. make sense.
Okay, the 0.4.1 kinda adds that
session.shell() now redacts env values in transcript history.too which is good. But still, that applies only toshell()calls, not per-agent/skill?