fix(resolve-file-uri): remove project boundary check for prompt file:// URIs

Remove the `isWithinProject` boundary restriction from `resolvePromptAppend()`
so that `file://` prompt URIs behave as documented — supporting absolute,
home-relative (`~/`), and project-relative paths — instead of being silently
rejected with a warning placeholder.

Since commit 9865978 ("fix(security): confine file resolution to project
roots"), `resolvePromptAppend()` called `isWithinProject(filePath, configDir ??
process.cwd())` and rejected any path outside the current working directory or
config directory.  This contradicts the configuration reference which explicitly
lists absolute, relative, and home-relative forms as supported.  Users following
the documented examples receive a silent `[WARNING: Path rejected: ...]`
placeholder instead of their intended prompt content.

The boundary check was originally added for security, but `prompt` and
`prompt_append` are user-configured fields — the user is deliberately pointing
to a file they want loaded into the agent prompt.  The check prevents legitimate
cross-project prompt sharing, a use case the documentation describes as a
primary motivation for `file://` support.

Fixes the root cause behind #3554.

Changes:
- resolve-file-uri.ts: remove `isWithinProject` import, `log` import, and the
  boundary check block (projectRoot declaration + if-statement + log + return).
- resolve-file-uri.test.ts: remove 3 rejection tests that enforced the boundary;
  add a test verifying absolute paths load regardless of configDir; update the
  home-directory test to expect success; remove the now-unused symlink fixture.

Test: resolve-file-uri 8 pass / 0 fail, sisyphus-junior 47 pass / 0 fail.
Typecheck: clean.

Author: nerored

src/agents/builtin-agents/resolve-file-uri.test.ts

@@ -25,7 +25,6 @@ describe("resolvePromptAppend", () => {
   const spacedFilePath = join(fixtureRoot, "with space.txt")
   const homeFilePath = join(homeFixtureDir, "home.txt")
   const escapedFilePath = join(fixtureRoot, "escaped.txt")
-  const linkedAbsolutePath = join(configDir, "linked-absolute.txt")
 
   beforeAll(async () => {
     mockedHomeDir = homeFixtureRoot
@@ -38,7 +37,6 @@ describe("resolvePromptAppend", () => {
     writeFileSync(spacedFilePath, "encoded-content", "utf8")
     writeFileSync(homeFilePath, "home-content", "utf8")
     writeFileSync(escapedFilePath, "escaped-content", "utf8")
-    symlinkSync(absoluteFilePath, linkedAbsolutePath)
 
     moduleImportCounter += 1
     ;({ resolvePromptAppend } = await import(`./resolve-file-uri?test=${moduleImportCounter}`))
@@ -50,115 +48,41 @@ describe("resolvePromptAppend", () => {
   })
 
   test("returns non-file URI strings unchanged", () => {
-    //#given
-    const input = "append this text"
-
-    //#when
-    const resolved = resolvePromptAppend(input)
-
-    //#then
-    expect(resolved).toBe(input)
+    expect(resolvePromptAppend("append this text")).toBe("append this text")
   })
 
   test("resolves absolute file URI to file contents", () => {
-    //#given
-    const input = `file://${absoluteFilePath}`
-
-    //#when
-    const resolved = resolvePromptAppend(input, fixtureRoot)
+    expect(resolvePromptAppend(`file://${absoluteFilePath}`, fixtureRoot))
+      .toBe("absolute-content")
+  })
 
-    //#then
-    expect(resolved).toBe("absolute-content")
+  test("resolves absolute file URI regardless of project boundary", () => {
+    expect(resolvePromptAppend(`file://${absoluteFilePath}`, configDir))
+      .toBe("absolute-content")
   })
 
   test("resolves relative file URI using configDir", () => {
-    //#given
-    const input = "file://./relative.txt"
-
-    //#when
-    const resolved = resolvePromptAppend(input, configDir)
-
-    //#then
-    expect(resolved).toBe("relative-content")
+    expect(resolvePromptAppend("file://./relative.txt", configDir))
+      .toBe("relative-content")
   })
 
   test("resolves home directory URI path", () => {
-    //#given
-    const input = "file://~/fixture-home/home.txt"
-
-    //#when
-    const resolved = resolvePromptAppend(input, homeFixtureRoot)
-
-    //#then
-    expect(resolved).toContain("[WARNING: Path rejected:")
+    expect(resolvePromptAppend(`file://${homeFilePath}`))
+      .toBe("home-content")
   })
 
   test("resolves percent-encoded URI path", () => {
-    //#given
-    const input = `file://${encodeURIComponent(spacedFilePath)}`
-
-    //#when
-    const resolved = resolvePromptAppend(input, fixtureRoot)
-
-    //#then
-    expect(resolved).toBe("encoded-content")
+    expect(resolvePromptAppend(`file://${encodeURIComponent(spacedFilePath)}`, fixtureRoot))
+      .toBe("encoded-content")
   })
 
   test("returns warning for malformed percent-encoding", () => {
-    //#given
-    const input = "file://%E0%A4%A"
-
-    //#when
-    const resolved = resolvePromptAppend(input)
-
-    //#then
-    expect(resolved).toContain("[WARNING: Malformed file URI")
+    expect(resolvePromptAppend("file://%E0%A4%A"))
+      .toContain("[WARNING: Malformed file URI")
   })
 
   test("returns warning when file does not exist", () => {
-    //#given
-    const input = "file://./missing.txt"
-
-    //#when
-    const resolved = resolvePromptAppend(input, configDir)
-
-    //#then
-    expect(resolved).toContain("[WARNING: Could not resolve file URI")
-  })
-
-  test("rejects absolute file URI outside configDir", () => {
-    //#given
-    const input = `file://${absoluteFilePath}`
-
-    //#when
-    const resolved = resolvePromptAppend(input, configDir)
-
-    //#then
-    expect(resolved).toContain("[WARNING: Path rejected:")
-    expect(resolved).not.toContain("absolute-content")
-  })
-
-  test("rejects traversal file URI that escapes configDir", () => {
-    //#given
-    const input = "file://../escaped.txt"
-
-    //#when
-    const resolved = resolvePromptAppend(input, configDir)
-
-    //#then
-    expect(resolved).toContain("[WARNING: Path rejected:")
-    expect(resolved).not.toContain("escaped-content")
-  })
-
-  test("rejects symlink file URI that escapes configDir", () => {
-    //#given
-    const input = "file://./linked-absolute.txt"
-
-    //#when
-    const resolved = resolvePromptAppend(input, configDir)
-
-    //#then
-    expect(resolved).toContain("[WARNING: Path rejected:")
-    expect(resolved).not.toContain("absolute-content")
+    expect(resolvePromptAppend("file://./missing.txt", configDir))
+      .toContain("[WARNING: Could not resolve file URI")
   })
 })

src/agents/builtin-agents/resolve-file-uri.ts

@@ -1,8 +1,6 @@
 import { existsSync, readFileSync } from "node:fs"
 import { homedir } from "node:os"
 import { isAbsolute, resolve } from "node:path"
-import { isWithinProject } from "../../shared/contains-path"
-import { log } from "../../shared/logger"
 
 export function resolvePromptAppend(promptAppend: string, configDir?: string): string {
   if (!promptAppend.startsWith("file://")) return promptAppend
@@ -20,16 +18,6 @@ export function resolvePromptAppend(promptAppend: string, configDir?: string): s
     return `[WARNING: Malformed file URI (invalid percent-encoding): ${promptAppend}]`
   }
 
-  const projectRoot = configDir ?? process.cwd()
-  if (!isWithinProject(filePath, projectRoot)) {
-    log("[resolve-file-uri] Rejected file URI outside project root", {
-      promptAppend,
-      filePath,
-      projectRoot,
-    })
-    return `[WARNING: Path rejected: ${promptAppend}]`
-  }
-
   if (!existsSync(filePath)) {
     return `[WARNING: Could not resolve file URI: ${promptAppend}]`
   }