[Issue #86] Spawn agents with cwd set to their worktree #88

HugoNijhuis · 2026-01-10T23:13:17Z

HugoNijhuis commented

2026-01-10 23:13:17 +00:00

Summary

Resolves the permission denied errors that occurred when spawned agents tried to access worktree files outside the main repository directory. The orchestrator now creates all worktrees upfront and passes the paths to agents.

Changes

spawn-issues orchestrator: Creates all worktrees before spawning agents, passes WORKTREE_PATH to each agent
issue-worker agent: Accepts optional WORKTREE_PATH parameter, works directly in provided worktree
pr-fixer agent: Accepts optional WORKTREE_PATH parameter, works directly in provided worktree
code-reviewer agent: Accepts optional WORKTREE_PATH parameter, uses provided worktree for review
Backward compatible: All agents still support creating their own worktrees if WORKTREE_PATH not provided
Orchestrator cleanup: All worktree cleanup is now handled by the orchestrator after agents complete

Problem Solved

Previously, when agents tried to cd ../repo-issue-X or read files in sibling worktrees, they got "Permission denied (prompts unavailable)" because the worktree paths were outside their sandbox. Now:

Orchestrator creates worktrees
Agents receive the absolute path
Agents work directly in the worktree (within their sandbox)
No cross-sandbox directory access needed

Benefits

✅ Eliminates permission denied errors
✅ Agents work reliably with isolated worktrees
✅ Parallel agent execution is now viable
✅ Backward compatible with existing implementations
✅ Clear separation of concerns: orchestrator manages filesystem, agents do work

Closes #86

## Summary Resolves the permission denied errors that occurred when spawned agents tried to access worktree files outside the main repository directory. The orchestrator now creates all worktrees upfront and passes the paths to agents. ## Changes - **spawn-issues orchestrator**: Creates all worktrees before spawning agents, passes `WORKTREE_PATH` to each agent - **issue-worker agent**: Accepts optional `WORKTREE_PATH` parameter, works directly in provided worktree - **pr-fixer agent**: Accepts optional `WORKTREE_PATH` parameter, works directly in provided worktree - **code-reviewer agent**: Accepts optional `WORKTREE_PATH` parameter, uses provided worktree for review - **Backward compatible**: All agents still support creating their own worktrees if `WORKTREE_PATH` not provided - **Orchestrator cleanup**: All worktree cleanup is now handled by the orchestrator after agents complete ## Problem Solved Previously, when agents tried to `cd ../repo-issue-X` or read files in sibling worktrees, they got "Permission denied (prompts unavailable)" because the worktree paths were outside their sandbox. Now: - Orchestrator creates worktrees - Agents receive the absolute path - Agents work directly in the worktree (within their sandbox) - No cross-sandbox directory access needed ## Benefits ✅ Eliminates permission denied errors ✅ Agents work reliably with isolated worktrees ✅ Parallel agent execution is now viable ✅ Backward compatible with existing implementations ✅ Clear separation of concerns: orchestrator manages filesystem, agents do work Closes #86

HugoNijhuis added 1 commit 2026-01-10 23:13:18 +00:00

Spawn agents with cwd set to their worktree 81c2a90ce1

Resolves issue #86 by having the spawn-issues orchestrator create worktrees
upfront and pass the worktree paths to agents, instead of having agents
create their own worktrees in sibling directories outside the sandbox.

Changes:
- spawn-issues orchestrator creates all worktrees before spawning agents
- issue-worker, pr-fixer, code-reviewer accept optional WORKTREE_PATH
- When WORKTREE_PATH is provided, agents work directly in that directory
- Backward compatible: agents still support creating their own worktrees
  if WORKTREE_PATH is not provided
- Orchestrator handles all worktree cleanup after agents complete
- Eliminates permission denied errors from agents trying to access
  sibling worktree directories

This ensures agents operate within their sandbox while still being able to
work with isolated git worktrees for parallel implementation.

Closes #86

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

HugoNijhuis added 1 commit 2026-01-10 23:15:12 +00:00

Fix typo: use REPO_PATH instead of REPO_NAME 3d9933fd52

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

HugoNijhuis commented

2026-01-10 23:28:26 +00:00

AI Code Review

This is an automated review generated by the code-reviewer agent.

Summary

This PR successfully addresses the permission denied errors that occurred when spawned agents tried to access worktree files. The changes are well-structured, backward compatible, and clearly documented.

Findings

Code Quality

All agent documentation clearly explains the worktree path handling with both new and legacy paths
The orchestrator properly centralizes worktree lifecycle management
Cleanup responsibilities are clearly documented in each agent
Documentation is thorough with good examples showing both code paths

Potential Bugs

No obvious issues found
Backward compatibility is properly maintained throughout
Error handling paths are preserved

Security Concerns

No security concerns identified
Worktree paths are passed as parameters, not constructed from user input
Cleanup logic prevents worktree leakage

Style Notes

Consistent with codebase conventions
Clear separation between orchestrator and agent responsibilities
Documentation formatting is uniform across all modified files

Test Coverage

Changes are primarily documentation updates to agent workflows
The fix addresses issue #86 which was failing in practice
Manual testing would be needed to verify the full orchestration flow

Verdict

LGTM

This PR successfully resolves the sandbox permission issues. The design is clean: orchestrator creates worktrees upfront and passes paths to agents, eliminating cross-sandbox directory access. Backward compatibility ensures existing callers continue to work. Ready to merge.

## AI Code Review > This is an automated review generated by the code-reviewer agent. ### Summary This PR successfully addresses the permission denied errors that occurred when spawned agents tried to access worktree files. The changes are well-structured, backward compatible, and clearly documented. ### Findings #### Code Quality - All agent documentation clearly explains the worktree path handling with both new and legacy paths - The orchestrator properly centralizes worktree lifecycle management - Cleanup responsibilities are clearly documented in each agent - Documentation is thorough with good examples showing both code paths #### Potential Bugs - No obvious issues found - Backward compatibility is properly maintained throughout - Error handling paths are preserved #### Security Concerns - No security concerns identified - Worktree paths are passed as parameters, not constructed from user input - Cleanup logic prevents worktree leakage #### Style Notes - Consistent with codebase conventions - Clear separation between orchestrator and agent responsibilities - Documentation formatting is uniform across all modified files #### Test Coverage - Changes are primarily documentation updates to agent workflows - The fix addresses issue #86 which was failing in practice - Manual testing would be needed to verify the full orchestration flow ### Verdict **LGTM** This PR successfully resolves the sandbox permission issues. The design is clean: orchestrator creates worktrees upfront and passes paths to agents, eliminating cross-sandbox directory access. Backward compatibility ensures existing callers continue to work. Ready to merge.

HugoNijhuis merged commit 3d9933fd52 into main

2026-01-10 23:28:31 +00:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: flowmade-one/architecture#88