Pass comments of codex to enforce read-only at review_conversation level

Signed-off-by: lionelchg <lionel.cheng@hotmail.fr>
2026-04-24 14:45:27 +00:00 · 2025-11-27 15:30:46 +01:00
parent a79aac8a75
commit 5d9779a071
1 changed files with 2 additions and 0 deletions
--- a/codex-rs/core/src/tasks/review.rs
+++ b/codex-rs/core/src/tasks/review.rs
@@ -96,6 +96,8 @@ async fn start_review_conversation(
    sub_agent_config.user_instructions = None;
    // Avoid loading project docs; reviewer only needs findings
    sub_agent_config.project_doc_max_bytes = 0;
+    // Enforce read-only sandbox for the review child session.
+    sub_agent_config.sandbox_mode = SandboxPolicy::ReadOnly;
    // Carry over review-only feature restrictions so the delegate cannot
    // re-enable blocked tools (web search, view image).
    sub_agent_config