mirror of
https://github.com/google-gemini/gemini-cli.git
synced 2026-05-18 07:43:00 -07:00
Christian Gunderman
44d8db20c8
When `security.toolSandboxing` is enabled, the CLI now excludes the lower-fidelity tools (`grep_search`, `replace`, `write_file`, `read_file`) from the main agent. Instead, it relies on `run_shell_command` (e.g. `sed`, `grep`, `cat`, `echo >`) to perform these actions. To maintain UX and telemetry parity, `run_shell_command` now infers common file operations. When detected: - The UI title is updated to a high-fidelity display (e.g. "Shell (Read File)", "Shell (Replace)"). - File editing/writing commands (like `sed -i` or `echo >`) generate a predicted diff view for the user during confirmation. - The execution emits the standard `FileOperationEvent` telemetry using the canonical tool names, ensuring metrics consistency.