Dataface Tasks
    Heartbeat snapshot (JSON)

    CBox Process: diagnose and hard-fail silent cbox review failures in sandboxes

    IDINFRA_TOOLING-CBOX_PROCESS_DIAGNOSE_AND_HARD_FAIL_SILENT_CBOX_REVIEW_FAILURES_IN_SANDBOXES
    Statusdone
    Priorityp1
    Milestonem1-ft-analytics-analyst-pilot
    Ownerhead-of-engineering

    Problem

    When cbox review runs inside a sandbox container (CBOX_CONTAINER=1), it uses an in-container tmux-based review path rather than launching a separate Docker container. However, when the tmux/Claude startup silently fails, the review produces no output — and the operator (or manager agent) misdiagnoses this as "Docker is missing" rather than "the in-container review path broke." This misdiagnosis led to the review gate being bypassed entirely during the M1-INFRA-027 forensic run, allowing an unreviewed PR through. The root cause is that cbox has no deterministic detection of which review path it should be using, no explicit error surfacing for tmux startup failures, and no policy guard preventing a "Docker-missing" diagnosis when already running inside a container.

    Context

    Possible Solutions

    Plan

    Implementation Progress

    • Closed 2026-03-04: fully implemented across PR #453 (commit 9579451) and PR #462 (commit 7679e65). PR #453 added is_inside_container() detection, hard-fail RuntimeError on tmux/Claude startup timeout, and policy guard preventing Docker-missing misdiagnosis inside containers. PR #462 hardened detection with cbox marker fallback in Dockerfile. 8+ focused tests cover detection, hard-fail, and policy guard paths.

    Review Feedback

    • [ ] Review cleared