[codex] Cap workspace clipboard paste payloads

[avifenesh]

Summary

Fixes #22 by adding a 64 KiB cap for text sent into the isolated workspace clipboard/paste paths and by making viewer input-forwarding copy explicit about host clipboard text crossing into the workspace.

Root Cause

validate_clipboard_text only rejected empty text and NUL bytes, so workspace_set_clipboard, workspace_paste_text, workspace_paste_window, and viewer-forwarded paste could carry an unbounded single text payload into the workspace. The viewer opt-in text also described generic paste without making the host clipboard source clear.

Changes

• Added MAX_CLIPBOARD_TEXT_BYTES at 64 KiB and enforce it in shared clipboard validation.
• Return an actionable oversized-payload error suggesting smaller selections or mounted files for large content.
• Preflight oversized host clipboard text in the viewer before queuing a forwarded paste.
• Updated viewer messages/tooltips/footer wording to explicitly name host clipboard paste.
• Updated MCP tool descriptions and GPUI viewer direction docs to mention the cap and host-to-workspace paste direction.

Validation

• cargo fmt --check
• cargo test --bin agent-workspace-linux clipboard_text_rejects_oversized_payloads
• cargo test --bin agent-workspace-linux host_clipboard_size_message_names_workspace_paste_boundary
• cargo test --bin agent-workspace-linux input_forwarding_queue_keeps_recent_requests_with_fixed_cap
• cargo test --bin agent-workspace-linux
• cargo build --bin agent-workspace-linux
• Isolated CLI smoke with a temp XDG_RUNTIME_DIR: start workspace, send a 65,537-byte payload to workspace paste and workspace clipboard-set, verify both exit with clipboard text is 65537 bytes; maximum is 65536 bytes..., then stop workspace.

[gemini-code-assist]

Code Review

This pull request implements a 64 KiB cap on host clipboard text forwarded to the isolated agent workspace. The changes include updating documentation, tool descriptions, and user-facing messages to reflect this limit, as well as adding validation checks in both the viewer and workspace modules to reject oversized payloads. Corresponding unit tests have also been added to verify this behavior. There are no review comments, and I have no feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.