From f3ba34083d2136e96cad0336752d29cf9ff321ac Mon Sep 17 00:00:00 2001 From: Jason Mulligan Date: Fri, 3 Jul 2026 14:27:51 -0400 Subject: [PATCH 1/3] feat: split filesystem backend into core and DMZ backends - Sandboxed core backend to current working directory with virtual mode - New DMZ backend for unrestricted root access (context directory) - Refactor deepAgents to wire both backends via CompositeBackend --- src/agent/coreBackend.js | 7 +++---- src/agent/deepAgents.js | 4 +++- src/agent/dmzBackend.js | 12 ++++++++++++ 3 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 src/agent/dmzBackend.js diff --git a/src/agent/coreBackend.js b/src/agent/coreBackend.js index d2b3f30..4400acf 100644 --- a/src/agent/coreBackend.js +++ b/src/agent/coreBackend.js @@ -1,13 +1,12 @@ import { FilesystemBackend } from "deepagents"; /** - * Create a FilesystemBackend rooted at the filesystem root. + * Create a FilesystemBackend sandboxed to the current working directory. * @returns {FilesystemBackend} */ export function createCoreBackend() { - const baseDir = '/'; return new FilesystemBackend({ - rootDir: baseDir, - virtualMode: false, + rootDir: process.cwd(), + virtualMode: true, }); } diff --git a/src/agent/deepAgents.js b/src/agent/deepAgents.js index ea78586..9621a06 100644 --- a/src/agent/deepAgents.js +++ b/src/agent/deepAgents.js @@ -9,6 +9,7 @@ import { createChatModel } from "../provider/openai.js"; import { buildToolConfig } from "../tools/index.js"; import { createCoreBackend } from "./coreBackend.js"; import { createContextBackend } from "./contextBackend.js"; +import { createDmzBackend } from "./dmzBackend.js"; // Skill classification map — classifies each skill by agent type. // Skills are discovered dynamically; this map provides the classification // for filtering. Initially, all skills are classified as "subagent" since @@ -96,8 +97,8 @@ export async function createDeepAgentsOrchestrator(checkpointer = null) { }); const coreBackend = createCoreBackend(); + const dmzBackend = createDmzBackend(); const contextBackend = createContextBackend(); - const contextRoute = "/" + config.memory.contextDir.replace(/^\.?\//, ""); // Filter skill paths by agent type @@ -111,6 +112,7 @@ export async function createDeepAgentsOrchestrator(checkpointer = null) { store: new InMemoryStore(), backend: new CompositeBackend(coreBackend, { [contextRoute]: contextBackend, + "/": dmzBackend, }), subagents: [ { diff --git a/src/agent/dmzBackend.js b/src/agent/dmzBackend.js new file mode 100644 index 0000000..6782cd4 --- /dev/null +++ b/src/agent/dmzBackend.js @@ -0,0 +1,12 @@ +import { FilesystemBackend } from "deepagents"; + +/** + * Create a FilesystemBackend sandboxed to the current working directory. + * @returns {FilesystemBackend} + */ +export function createDmzBackend() { + return new FilesystemBackend({ + rootDir: '/', + virtualMode: false, + }); +} From 999e32faa41b70085c9401efcbf4b8cee066c2d0 Mon Sep 17 00:00:00 2001 From: Jason Mulligan Date: Fri, 3 Jul 2026 14:31:03 -0400 Subject: [PATCH 2/3] fix: correct docblock for createDmzBackend --- src/agent/dmzBackend.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/agent/dmzBackend.js b/src/agent/dmzBackend.js index 6782cd4..b397002 100644 --- a/src/agent/dmzBackend.js +++ b/src/agent/dmzBackend.js @@ -1,7 +1,8 @@ import { FilesystemBackend } from "deepagents"; /** - * Create a FilesystemBackend sandboxed to the current working directory. + * Create a FilesystemBackend with unrestricted root access. + * Used for context directory operations where sandboxing is not required. * @returns {FilesystemBackend} */ export function createDmzBackend() { From 3fef035b9bdbbfe40176904d58f73cec96883bf4 Mon Sep 17 00:00:00 2001 From: Jason Mulligan Date: Fri, 3 Jul 2026 14:40:58 -0400 Subject: [PATCH 3/3] fix: sandbox dmzBackend to /tmp instead of / --- src/agent/dmzBackend.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/agent/dmzBackend.js b/src/agent/dmzBackend.js index b397002..0ce92d5 100644 --- a/src/agent/dmzBackend.js +++ b/src/agent/dmzBackend.js @@ -1,13 +1,13 @@ import { FilesystemBackend } from "deepagents"; /** - * Create a FilesystemBackend with unrestricted root access. - * Used for context directory operations where sandboxing is not required. + * Create a FilesystemBackend sandboxed to /tmp. + * Used as a fallback backend for operations that don't fit other routes. * @returns {FilesystemBackend} */ export function createDmzBackend() { return new FilesystemBackend({ - rootDir: '/', + rootDir: '/tmp', virtualMode: false, }); }