chore(core): add build script for Windows sandbox helper

packages/cli/src/config/sandboxConfig.ts

@@ -131,8 +131,26 @@ export async function loadSandboxConfig(
     process.env['GEMINI_SANDBOX_IMAGE_DEFAULT'] ??
     packageJson?.config?.sandboxImageUri;
 
+  const networkAccess =
+    process.env['GEMINI_SANDBOX_NETWORK'] === 'true' ||
+    settings.tools?.sandboxNetworkAccess === true;
+
+  const allowedPathsEnv = process.env['GEMINI_SANDBOX_ALLOWED_PATHS']
+    ?.split(',')
+    .map((p) => p.trim())
+    .filter((p) => p.length > 0);
+
+  const allowedPaths =
+    allowedPathsEnv ?? settings.tools?.sandboxAllowedPaths ?? [];
+
   return command &&
     (image || command === 'sandbox-exec' || command === 'windows-native')
-    ? { enabled: true, allowedPaths: [], networkAccess: false, command, image }
+    ? {
+        enabled: true,
+        allowedPaths,
+        networkAccess,
+        command,
+        image,
+      }
     : undefined;
 }

packages/cli/src/config/settingsSchema.ts

@@ -1261,6 +1261,26 @@ const SETTINGS_SCHEMA = {
         `,
         showInDialog: false,
       },
+      sandboxNetworkAccess: {
+        type: 'boolean',
+        label: 'Sandbox Network Access',
+        category: 'Tools',
+        requiresRestart: true,
+        default: false,
+        description: 'Whether the sandbox has outbound network access.',
+        showInDialog: true,
+      },
+      sandboxAllowedPaths: {
+        type: 'array',
+        label: 'Sandbox Allowed Paths',
+        category: 'Tools',
+        requiresRestart: true,
+        default: [] as string[],
+        description: 'Additional host paths to allow the sandbox to access.',
+        showInDialog: true,
+        items: { type: 'string' },
+        mergeStrategy: MergeStrategy.UNION,
+      },
       shell: {
         type: 'object',
         label: 'Shell',

packages/cli/src/utils/sandbox.ts

@@ -211,6 +211,28 @@ export async function start_sandbox(
       });
     }
 
+    if (config.command === 'windows-native') {
+      debugLogger.log('using native windows sandboxing ...');
+      // process.argv is [node, script, ...args]
+      // We want to skip the first element (node) when calling spawn(process.execPath, ...)
+      const finalArgv = cliArgs.slice(1);
+      
+      const child = spawn(process.execPath, finalArgv, {
+        stdio: 'inherit',
+        env: {
+          ...process.env,
+          SANDBOX: 'windows-native',
+        },
+      });
+
+      return await new Promise((resolve, reject) => {
+        child.on('error', reject);
+        child.on('close', (code) => {
+          resolve(code ?? 1);
+        });
+      });
+    }
+
     if (config.command === 'lxc') {
       return await start_lxc_sandbox(config, nodeArgs, cliArgs);
     }