- [changed] Custom sandbox profiles now support a denylist that is kernel-enforced on both Linux and macOS (read + write/rename). Denied paths can use globs and are respected by tools such as bash, grep, and subagents.
- [changed] Grok now refuses to start (fail-closed) when a custom profile cannot be applied, rather than running with denied paths exposed. This applies on both platforms when bubblewrap is missing on Linux or when a sandbox.toml is malformed.
- [changed] Documentation for built-in profiles and custom profiles has been updated to reflect the new enforcement behavior, glob syntax, and platform-specific details.
Under the hood
- Internal manifest and version metadata updated for the release.
- Sandbox implementation now expands globs at launch on Linux (use exact paths for airtight coverage of files created later) while using runtime Seatbelt regexes on macOS.
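
The difference between the two strategies in the last item, as a simplified model added here (not the project's code): globs expanded once at launch miss files created afterwards, while a per-access regex check or an exact path still covers them. The function names are hypothetical, Python's `glob`/`fnmatch` stand in for the sandbox's own glob syntax, and keeping exact paths verbatim is an assumption about how they are handled.

```python
import fnmatch
import glob
import os
import re
import tempfile


def has_glob(pattern):
    return any(ch in pattern for ch in "*?[")


def launch_time_denylist(patterns):
    """Model of launch-time expansion: globs are resolved once, against the
    files that exist right now. Exact paths are kept verbatim (assumption)."""
    denied = set()
    for p in patterns:
        if has_glob(p):
            denied.update(glob.glob(p))
        else:
            denied.add(p)
    return denied


def runtime_denylist(patterns):
    """Model of runtime matching: each pattern becomes a regex that is
    evaluated on every access, so later-created files still match."""
    return [re.compile(fnmatch.translate(p)) for p in patterns]


def demo():
    """Returns {filename: (denied_by_launch_snapshot, denied_by_runtime_regex)}."""
    with tempfile.TemporaryDirectory() as root:   # constructed sample tree
        old_key = os.path.join(root, "old.key")   # exists before launch
        new_key = os.path.join(root, "new.key")   # created after launch
        token = os.path.join(root, "token.txt")   # exact path, created after launch
        open(old_key, "w").close()

        patterns = [os.path.join(root, "*.key"), token]
        snapshot = launch_time_denylist(patterns)  # the "launch" moment
        regexes = runtime_denylist(patterns)

        open(new_key, "w").close()
        open(token, "w").close()

        return {
            os.path.basename(p): (p in snapshot, any(r.match(p) for r in regexes))
            for p in (old_key, new_key, token)
        }
```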