Document browser reliability layer and roadmap progress
This commit is contained in:
William Valentin
@@ -266,6 +266,7 @@ Flynn treats content provenance as part of the control boundary:
|
||||
- `web.fetch`, `web.search`, and `browser.content` outputs are treated as untrusted "fetched_content".
|
||||
- Tool results are wrapped in provenance markers inside the tool loop.
|
||||
- Once untrusted content is seen, ToolExecutor applies stricter gating (blocks obvious injection patterns for high-risk tools).
|
||||
- Browser workflow tools add execution guardrails in the tool layer: `allowed_domains`, explicit high-risk confirmations, bounded retry policies, and step-budget enforcement.
|
||||
|
||||
Key files:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user