Daily Edition Sources +4

Agent Context Gets Filesystem Boundaries

Fresh Crush, Codex, OpenClaw, and OpenCode changes show agent runtimes separating user memory, project context, and sandbox paths before work starts.

Diagram-style zine poster saying Context has a border, with source cards for Crush, Codex, OpenClaw, and OpenCode feeding into a circled filesystem boundary.
Diagram Punkcontext now needs a filesystem border.
repos charmbracelet/crush + 3 more evidence
4 source signals 4 repos 4 linked commits
Evidence: 4 linked commits / June 13, 2026 / Daily Edition
Open Edition Evidence below

When charmbracelet/crush merged Amolith's commit 6242e4f4, it raised the operating question now moving through agent runtimes: which side of the context border did this instruction, path, or project copy come from?

Facts

  • Crush now reads CRUSH.md and generic AGENTS.md files from user config paths and exposes global_context_paths in configuration.
  • OpenAI Codex migrated sandbox current-working-directory inputs to PathUri, keeping URI semantics until the receiving host validates them.
  • OpenClaw preserved memory prompt registration in its Codex runtime plugin, while OpenCode refactored project-copy handling around project directory strategy.

Evidence

The receipts are Crush commit 6242e4f4, Codex commit 52a50aec, OpenClaw commit 7387083a, and OpenCode commit c2e6b180.

Context

Reporter note: this article groups independent patches around one analytics view of agent work. User preference files, project-specific context, sandbox working directories, registered memory prompts, and copied project trees carry different risk and lifetime assumptions.

This continues the trust-boundary arc from Friday's credential story, but the boundary has moved inward: builders now have to ask which instructions, paths, and project copies become part of an agent run.

Limits

These are independent patches, not one shared design. The evidence shows local context being routed more carefully; it does not prove that every agent has solved stale memory, unsafe path handling, or user/project instruction conflicts.

Evidence Trail

Receipts below the story

The article above is the public narrative. This section keeps the source trail, limits, and reporting notes on the same page.

Edition
DateJune 13, 2026
LaneDaily Edition
Confidence78%
Sources4
Reposcharmbracelet/crush, openai/codex, openclaw/openclaw, anomalyco/opencode

Reporter Notes

The interesting movement is not "agents have memory." It is that the runtime

now has to distinguish global user preference files, project-specific context,

sandbox cwd values, memory prompt registration, and project copy directories.

Those objects carry different risk and lifetime assumptions.

The most reader-friendly version is: context has a border. Builders need to

know which side of the border an instruction, path, or project copy came from.

Reporter Notes

This article groups independent patches around one operating pressure: agent

runtimes need to know whether context came from the user, the project, a

sandboxed working directory, a registered memory prompt, or a project copy.

Primary Evidence

files from project context files in prompt data, and documents

global_context_paths.

and extends sandbox, protocol, and runtime tests.

plugin and adds tests around runtime plugin behavior.

surfaces with database, server, TUI, and test changes.

Evidence Limits

  • These are independent changes, not a coordinated standard.
  • The Crush commit concerns configured context-file loading, not all memory.
  • The Codex commit is path and sandbox transport groundwork, not a complete

policy for every file access.

  • The OpenClaw and OpenCode commits support the broader context-boundary arc

but do not prove the same implementation choice as Crush or Codex.

Atlas Context

Open Atlas ›
Agent AtlasChapter 2

The Invisible Prompt

The model acts on an assembled viewport containing visible messages, hidden turn context, path-triggered instructions, memory records, tool schemas, permissions, and inherited state.
Letters & Corrections

Send a note to the desk

Corrections, missing context, or a follow-up lead.

Same Edition

Open issue ›
Reported +12 Jun 13, 2026

Mistral Vibe's Contributor Door Is Half Open

mistralai/mistral-vibe evidence
12 sources 1 repo 12 source signals