Safer defaults: tools are restricted to their base directory by default

This release introduces a breaking change: PythonTools and MLXTranscribeTools now operate only within their defined base directory by default. Workloads that previously accessed arbitrary filesystem paths will be constrained unless updated. The change improves security posture and prevents unintended file access.

Details

To maintain broader access, set restrict_to_base_dir=False or expand the base directory to include required paths
Provides stronger guardrails with minimal configuration overhead

Who this is for: Teams upgrading existing workloads that rely on cross-directory file access and need clear migration steps.