feat(core): ExecutionContext abstraction for task isolation (#532)

## Summary

- New `codeframe/core/sandbox/` package with `IsolationLevel` enum (none|worktree|cloud) and `ExecutionContext` dataclass
- `create_execution_context()` factory using existing `TaskWorktree` for WORKTREE isolation
- `--isolation` flag wired into `cf work start` and `cf work batch run`
- `conductor.py` creates context before each task dispatch, cleans up in `finally`
- `runtime.execute_agent()` creates context, passes `effective_repo_path` to all adapters
- `BatchRun.isolation: str` field with DB schema migration (ALTER TABLE guarded by try/except)
- 16 new tests covering full lifecycle; default `none` preserves all existing behavior

## Validation
- Review feedback: All addressed
- Demo: All 6 acceptance criteria verified via Showboat
- Tests: 16 new passing + 63 existing conductor tests passing
- CI: All checks green
- Linting: Clean

Closes #532

Author: frankbria

codeframe/cli/app.py

@@ -2319,6 +2319,12 @@ def work_start(
         help="Recovery action on stall: 'blocker' (default), 'retry', or 'fail'",
         click_type=click.Choice(["blocker", "retry", "fail"], case_sensitive=False),
     ),
+    isolation: str = typer.Option(
+        "none",
+        "--isolation",
+        help="Task execution isolation: none (default), worktree, or cloud",
+        click_type=click.Choice(["none", "worktree", "cloud"], case_sensitive=False),
+    ),
 ) -> None:
     """Start working on a task.
 
@@ -2331,6 +2337,7 @@ def work_start(
         codeframe work start abc123 --execute --engine plan
         codeframe work start abc123 --execute --dry-run
         codeframe work start abc123 --execute --verbose
+        codeframe work start abc123 --execute --isolation worktree
     """
     from codeframe.core.workspace import get_workspace
     from codeframe.core import tasks as tasks_module, runtime
@@ -2398,7 +2405,7 @@ def work_start(
                 state = runtime.execute_agent(
                     workspace, run, dry_run=dry_run, debug=debug, verbose=verbose,
                     engine=engine, stall_timeout_s=stall_timeout,
-                    stall_action=stall_action,
+                    stall_action=stall_action, isolation=isolation,
                 )
 
                 if state.status == AgentStatus.COMPLETED:
@@ -3550,6 +3557,12 @@ def batch_run(
         help="Recovery action on stall: 'blocker' (default), 'retry', or 'fail'",
         click_type=click.Choice(["blocker", "retry", "fail"], case_sensitive=False),
     ),
+    isolation: str = typer.Option(
+        "none",
+        "--isolation",
+        help="Task execution isolation: none (default), worktree, or cloud",
+        click_type=click.Choice(["none", "worktree", "cloud"], case_sensitive=False),
+    ),
 ) -> None:
     """Execute multiple tasks in batch.
 
@@ -3565,6 +3578,7 @@ def batch_run(
         codeframe work batch run --all-ready --engine plan
         codeframe work batch run task1 task2 --dry-run
         codeframe work batch run task1 task2 --retry 2
+        codeframe work batch run --all-ready --isolation worktree
     """
     from codeframe.core.workspace import get_workspace
     from codeframe.core import tasks as tasks_module, conductor
@@ -3663,6 +3677,7 @@ def batch_run(
             engine=engine,
             stall_timeout_s=stall_timeout,
             stall_action=stall_action,
+            isolation=isolation,
         )
 
         # Show summary

codeframe/core/conductor.py

@@ -538,6 +538,7 @@ class BatchRun:
     stall_action: str = "blocker"
     concurrency: ConcurrencyConfig = field(default_factory=ConcurrencyConfig)
     isolate: bool = True
+    isolation: str = "none"
 
 
 def start_batch(
@@ -554,6 +555,7 @@ def start_batch(
     stall_action: str = "blocker",
     concurrency_by_status: Optional[dict[str, int]] = None,
     isolate: bool = True,
+    isolation: str = "none",
 ) -> BatchRun:
     """Start a batch execution of multiple tasks.
 
@@ -609,6 +611,7 @@ def start_batch(
         stall_action=stall_action,
         concurrency=concurrency,
         isolate=isolate,
+        isolation=isolation,
     )
 
     # Save to database
@@ -1014,8 +1017,17 @@ def _execute_serial_resume(
         if on_event:
             on_event("batch_task_started", {"task_id": task_id, "position": i + 1, "is_retry": True})
 
-        # Execute task via subprocess
-        result_status = _execute_task_subprocess(workspace, task_id, batch.id, engine=batch.engine, stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action)
+        # Execute task via subprocess (with isolation context)
+        from codeframe.core.sandbox.context import IsolationLevel, create_execution_context
+        exec_ctx = create_execution_context(task_id, IsolationLevel(batch.isolation), workspace.repo_path)
+        try:
+            result_status = _execute_task_subprocess(
+                workspace, task_id, batch.id, engine=batch.engine,
+                stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action,
+                worktree_path=exec_ctx.workspace_path if exec_ctx.workspace_path != workspace.repo_path else None,
+            )
+        finally:
+            exec_ctx.cleanup()
 
         # Record result (overwrites previous result)
         batch.results[task_id] = result_status
@@ -1182,8 +1194,17 @@ def _execute_retries(
             print(f"\n[Retry {retry_num}, {i + 1}/{len(failed_tasks)}] {task_id}: {task_title}")
             print(f"      Previous: {previous_status}")
 
-            # Execute task
-            result_status = _execute_task_subprocess(workspace, task_id, batch.id, engine=batch.engine, stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action)
+            # Execute task (with isolation context)
+            from codeframe.core.sandbox.context import IsolationLevel, create_execution_context
+            exec_ctx = create_execution_context(task_id, IsolationLevel(batch.isolation), workspace.repo_path)
+            try:
+                result_status = _execute_task_subprocess(
+                    workspace, task_id, batch.id, engine=batch.engine,
+                    stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action,
+                    worktree_path=exec_ctx.workspace_path if exec_ctx.workspace_path != workspace.repo_path else None,
+                )
+            finally:
+                exec_ctx.cleanup()
 
             # Update result
             batch.results[task_id] = result_status
@@ -1402,16 +1423,29 @@ def _execute_serial(
             if on_event:
                 on_event("batch_task_started", {"task_id": task_id, "position": i + 1})
 
-            # Execute task via subprocess
-            result_status = _execute_task_subprocess(workspace, task_id, batch.id, engine=batch.engine, stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action)
+            # Execute task via subprocess (with isolation context)
+            from codeframe.core.sandbox.context import IsolationLevel, create_execution_context
+            exec_ctx = create_execution_context(task_id, IsolationLevel(batch.isolation), workspace.repo_path)
+            try:
+                result_status = _execute_task_subprocess(
+                    workspace, task_id, batch.id, engine=batch.engine,
+                    stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action,
+                    worktree_path=exec_ctx.workspace_path if exec_ctx.workspace_path != workspace.repo_path else None,
+                )
 
-            # If task is BLOCKED, try supervisor resolution
-            if result_status == RunStatus.BLOCKED.value:
-                supervisor = get_supervisor(workspace)
-                if supervisor.try_resolve_blocked_task(task_id):
-                    # Supervisor resolved the blocker - retry the task
-                    print("      [Supervisor] Retrying task after auto-resolution...")
-                    result_status = _execute_task_subprocess(workspace, task_id, batch.id, engine=batch.engine, stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action)
+                # If task is BLOCKED, try supervisor resolution
+                if result_status == RunStatus.BLOCKED.value:
+                    supervisor = get_supervisor(workspace)
+                    if supervisor.try_resolve_blocked_task(task_id):
+                        # Supervisor resolved the blocker - retry the task
+                        print("      [Supervisor] Retrying task after auto-resolution...")
+                        result_status = _execute_task_subprocess(
+                            workspace, task_id, batch.id, engine=batch.engine,
+                            stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action,
+                            worktree_path=exec_ctx.workspace_path if exec_ctx.workspace_path != workspace.repo_path else None,
+                        )
+            finally:
+                exec_ctx.cleanup()
 
             # Record result
             batch.results[task_id] = result_status
@@ -1803,16 +1837,37 @@ def _execute_single_task(
     if on_event:
         on_event("batch_task_started", {"task_id": task_id, "position": position})
 
-    # Execute task via subprocess
-    result_status = _execute_task_subprocess(workspace, task_id, batch.id, engine=batch.engine, stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action)
+    # Create execution context (handles isolation level; NONE is a no-op)
+    from codeframe.core.sandbox.context import IsolationLevel, create_execution_context
+    exec_ctx = create_execution_context(
+        task_id, IsolationLevel(batch.isolation), workspace.repo_path
+    )
+
+    try:
+        # Execute task via subprocess
+        result_status = _execute_task_subprocess(
+            workspace, task_id, batch.id,
+            engine=batch.engine,
+            stall_timeout_s=batch.stall_timeout_s,
+            stall_action=batch.stall_action,
+            worktree_path=exec_ctx.workspace_path if exec_ctx.workspace_path != workspace.repo_path else None,
+        )
 
-    # If task is BLOCKED, try supervisor resolution
-    if result_status == RunStatus.BLOCKED.value:
-        supervisor = get_supervisor(workspace)
-        if supervisor.try_resolve_blocked_task(task_id):
-            # Supervisor resolved the blocker - retry the task
-            print("      [Supervisor] Retrying task after auto-resolution...")
-            result_status = _execute_task_subprocess(workspace, task_id, batch.id, engine=batch.engine, stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action)
+        # If task is BLOCKED, try supervisor resolution
+        if result_status == RunStatus.BLOCKED.value:
+            supervisor = get_supervisor(workspace)
+            if supervisor.try_resolve_blocked_task(task_id):
+                # Supervisor resolved the blocker - retry the task
+                print("      [Supervisor] Retrying task after auto-resolution...")
+                result_status = _execute_task_subprocess(
+                    workspace, task_id, batch.id,
+                    engine=batch.engine,
+                    stall_timeout_s=batch.stall_timeout_s,
+                    stall_action=batch.stall_action,
+                    worktree_path=exec_ctx.workspace_path if exec_ctx.workspace_path != workspace.repo_path else None,
+                )
+    finally:
+        exec_ctx.cleanup()
 
     # Record result
     batch.results[task_id] = result_status
@@ -1902,8 +1957,23 @@ def execute_task(task_id: str) -> tuple[str, str]:
         if on_event:
             on_event("batch_task_started", {"task_id": task_id, "parallel": True})
 
-        # Execute via subprocess
-        result_status = _execute_task_subprocess(workspace, task_id, batch.id, engine=batch.engine, stall_timeout_s=batch.stall_timeout_s, stall_action=batch.stall_action)
+        # Create execution context for this task
+        from codeframe.core.sandbox.context import IsolationLevel, create_execution_context
+        exec_ctx = create_execution_context(
+            task_id, IsolationLevel(batch.isolation), workspace.repo_path
+        )
+
+        try:
+            # Execute via subprocess
+            result_status = _execute_task_subprocess(
+                workspace, task_id, batch.id,
+                engine=batch.engine,
+                stall_timeout_s=batch.stall_timeout_s,
+                stall_action=batch.stall_action,
+                worktree_path=exec_ctx.workspace_path if exec_ctx.workspace_path != workspace.repo_path else None,
+            )
+        finally:
+            exec_ctx.cleanup()
 
         # Record result (thread-safe due to GIL for simple dict operations)
         batch.results[task_id] = result_status
@@ -2062,12 +2132,21 @@ def _save_batch(workspace: Workspace, batch: BatchRun) -> None:
         conn = get_db_connection(workspace)
         try:
             cursor = conn.cursor()
+            # Ensure isolation column exists (migration for existing databases)
+            try:
+                cursor.execute(
+                    "ALTER TABLE batch_runs ADD COLUMN isolation TEXT DEFAULT 'none'"
+                )
+                conn.commit()
+            except Exception:
+                pass  # Column already exists
+
             cursor.execute(
                 """
                 INSERT OR REPLACE INTO batch_runs
                 (id, workspace_id, task_ids, status, strategy, max_parallel, on_failure,
-                 started_at, completed_at, results, engine)
-                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+                 started_at, completed_at, results, engine, isolation)
+                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
                 """,
                 (
                     batch.id,
@@ -2081,6 +2160,7 @@ def _save_batch(workspace: Workspace, batch: BatchRun) -> None:
                     completed_at,
                     results_json,
                     batch.engine,
+                    batch.isolation,
                 ),
             )
             conn.commit()
@@ -2102,4 +2182,5 @@ def _row_to_batch(row: tuple) -> BatchRun:
         completed_at=datetime.fromisoformat(row[8]) if row[8] else None,
         results=json.loads(row[9]) if row[9] else {},
         engine=row[10] if len(row) > 10 and row[10] else "plan",
+        isolation=row[11] if len(row) > 11 and row[11] else "none",
     )

codeframe/core/runtime.py

@@ -599,6 +599,7 @@ def execute_agent(
     engine: str = "react",
     stall_timeout_s: int = 300,
     stall_action: str = "blocker",
+    isolation: str = "none",
 ) -> "AgentState":
     """Execute a task using the agent orchestrator.
 
@@ -675,6 +676,13 @@ def execute_agent(
     import time as _time_mod
     _perf_start_ms = int(_time_mod.monotonic() * 1000)
 
+    # Create execution context (handles isolation; NONE is a no-op)
+    from codeframe.core.sandbox.context import IsolationLevel, create_execution_context
+    exec_ctx = create_execution_context(
+        run.task_id, IsolationLevel(isolation), workspace.repo_path
+    )
+    effective_repo_path = exec_ctx.workspace_path
+
     try:
         # Execute before_task hook (aborts on failure)
         if env_config and hook_ctx:
@@ -733,7 +741,7 @@ def on_adapter_event(event: AdapterEvent) -> None:
             )
 
             result = wrapper.run(
-                run.task_id, packaged.prompt, workspace.repo_path,
+                run.task_id, packaged.prompt, effective_repo_path,
                 on_event=on_adapter_event,
             )
         else:
@@ -758,7 +766,7 @@ def on_adapter_event(event: AdapterEvent) -> None:
             )
 
             result = adapter.run(
-                run.task_id, "", workspace.repo_path,
+                run.task_id, "", effective_repo_path,
                 on_event=on_adapter_event,
             )
 
@@ -866,6 +874,8 @@ def on_adapter_event(event: AdapterEvent) -> None:
     finally:
         # Always close the output logger to ensure file is properly flushed
         output_logger.close()
+        # Clean up execution context (no-op for NONE, removes worktree for WORKTREE)
+        exec_ctx.cleanup()
 
 
 def _event_type_to_category(event_type: str):

codeframe/core/sandbox/__init__.py

@@ -0,0 +1,13 @@
+"""Execution environment sandbox abstraction.
+
+Provides ExecutionContext and IsolationLevel for isolating task execution
+from the shared filesystem.
+"""
+
+from codeframe.core.sandbox.context import (
+    ExecutionContext,
+    IsolationLevel,
+    create_execution_context,
+)
+
+__all__ = ["ExecutionContext", "IsolationLevel", "create_execution_context"]