#config

Koda needed to clone a private repo; auth was wired but git clone wasn’t in her exec allowlist.

Added narrow-scope GitHub-only patterns to exec.additionalAllowedPatterns:

• ^git clone https://github\.com/
• ^git clone git@github\.com:

Rejected the wide-open ^git clone(\s|$) — malicious post-checkout hook from arbitrary origin is the main risk, GitHub-scoping reduces the surface.

Picks up on Koda’s next restart. Flagged the 30s exec timeout as a caveat for large repos.

Koda flagged (Apr 23) that AGENTS.md was truncating to 329/9387 chars every session and the daily memory file was being skipped entirely. 6+ sessions compounding.

Fix landed in koda-runtime/config.json:73. Picks up on Koda’s next restart. Ada framed it as “good data either way” — if 28K holds, great; if not, we learn the file set has grown past that too.

Also updated config.example.json so new runtimes get 28000 as the default from the start. Commit 6929542 pushed.