refactor(sandbox): drop legacy memory shorthand

2026-01-12 22:42:57 +00:00
parent ec5099db89
commit 72100ba3ab
4 changed files with 2 additions and 9 deletions
--- a/docs/gateway/sandbox-vs-tool-policy-vs-elevated.md
+++ b/docs/gateway/sandbox-vs-tool-policy-vs-elevated.md
@@ -79,8 +79,6 @@ Available groups:
 - `group:sessions`: `sessions_list`, `sessions_history`, `sessions_send`, `sessions_spawn`, `session_status`
 - `group:memory`: `memory_search`, `memory_get`

-Legacy shorthand: `memory` expands to `group:memory`.
-
 ## Elevated: exec-only “run on host”

 Elevated does **not** grant extra tools; it only affects `exec`.
--- a/docs/multi-agent-sandbox-tools.md
+++ b/docs/multi-agent-sandbox-tools.md
@@ -182,8 +182,6 @@ Sandbox tool policy supports `group:*` entries that expand to multiple concrete
 - `group:sessions`: `sessions_list`, `sessions_history`, `sessions_send`, `sessions_spawn`, `session_status`
 - `group:memory`: `memory_search`, `memory_get`

-Legacy shorthand: `memory` expands to `group:memory`.
-
 ### Elevated Mode
 `tools.elevated` is the global baseline (sender-based allowlist). `agents.list[].tools.elevated` can further restrict elevated for specific agents (both must allow).

--- a/src/agents/sandbox-explain.test.ts
+++ b/src/agents/sandbox-explain.test.ts
@@ -65,7 +65,7 @@ describe("sandbox explain helpers", () => {
    ]);
  });

-  it("supports legacy 'memory' shorthand and deny wins after expansion", () => {
+  it("denies still win after group expansion", () => {
    const cfg: ClawdbotConfig = {
      agents: {
        defaults: {
@@ -75,7 +75,7 @@ describe("sandbox explain helpers", () => {
      tools: {
        sandbox: {
          tools: {
-            allow: ["memory"],
+            allow: ["group:memory"],
            deny: ["memory_get"],
          },
        },
--- a/src/agents/sandbox.ts
+++ b/src/agents/sandbox.ts
@@ -269,9 +269,6 @@ function expandToolGroupEntry(entry: string): string[] {
  if (!raw) return [];
  const lower = raw.toLowerCase();

-  // Back-compat shorthand: "memory" => "group:memory"
-  if (lower === "memory") return TOOL_GROUPS["group:memory"];
-
  const group = TOOL_GROUPS[lower];
  if (group) return group;
  return [raw];