
#16043: fix(sandbox): align fs-bridge and fs-paths write checks with tool-gating logic

by steflsd open 2026-02-14 06:23
agents stale size: S
## Summary

PR #4026 (merged in 2026.2.13) introduced `SandboxFsBridge` which routes file ops through docker exec. Two places used `workspaceAccess === "rw"` to determine writability, which incorrectly blocked writes when `workspaceAccess` is `"none"`. The tool-gating logic in `pi-tools.ts:242` uses `!== "ro"`, so `"none"` should permit writes.

**Fixes:**

- `fs-bridge.ts` — `allowsWrites()` used `=== "rw"` → changed to `!== "ro"`
- `fs-paths.ts` — `buildSandboxFsMounts()` workspace mount `writable` flag used `=== "rw"` → changed to `!== "ro"`

Line 72 (agent mount) intentionally keeps `=== "rw"` since the agent workspace is excluded entirely when access is `"none"`.

## Test plan

- [x] fs-bridge: added test "allows writes when workspaceAccess is none"
- [x] fs-paths: added tests "marks workspace writable when workspaceAccess is none" and "marks workspace read-only when workspaceAccess is ro"
- [x] `"none"` allows writes, `"ro"` blocks, `"rw"` allows

🤖 Generated with [Claude Code](https://claude.com/claude-code)

<!-- greptile_comment -->

<h3>Greptile Summary</h3>

Fixed workspace write access checks to align with tool-gating logic. Changed two functions from using `workspaceAccess === "rw"` to `workspaceAccess !== "ro"`, so that `"none"` access mode now correctly permits writes instead of blocking them.

Changes:

- `fs-bridge.ts:232` — `allowsWrites()` helper now uses `!== "ro"`
- `fs-paths.ts:60` — workspace mount `writable` flag now uses `!== "ro"`
- Line 72 (agent mount) intentionally kept as `=== "rw"` since that block is excluded when access is `"none"`
- Added test coverage for `"none"` allowing writes and `"ro"` blocking writes

<h3>Confidence Score: 5/5</h3>

- This PR is safe to merge with minimal risk
- The fix correctly aligns workspace access checks with the tool-gating logic in `pi-tools.ts:254`. The changes are minimal, targeted, and well-tested. Line 72 is intentionally preserved as `=== "rw"` since the agent workspace mount is excluded entirely when access is `"none"` (guarded by line 66). All three access modes now behave correctly: `"none"` allows writes, `"ro"` blocks writes, `"rw"` allows writes.
- No files require special attention

<sub>Last reviewed commit: ff47dbc</sub>

<!-- greptile_other_comments_section -->

<!-- /greptile_comment -->
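
The mismatch described above, as an added TypeScript example that is not code from the PR or the project: it compares the two predicate shapes the description names (`=== "rw"` and `!== "ro"`) across every `workspaceAccess` mode and shows one explicit policy function that rejects unexpected values. The names `findDrift`, `allowsWrites`, `notReadOnly` and `exactlyReadWrite` are hypothetical, and the shared-function design is an assumption.

```typescript
// Added example: all names are hypothetical, not the project's own code.
type WorkspaceAccess = "none" | "ro" | "rw";
type WritePredicate = (access: WorkspaceAccess) => boolean;

const ALL_MODES: readonly WorkspaceAccess[] = ["none", "ro", "rw"];

// The two predicate shapes named in the PR description.
const notReadOnly: WritePredicate = (access) => access !== "ro"; // tool gating
const exactlyReadWrite: WritePredicate = (access) => access === "rw"; // pre-fix checks

// Modes in `domain` for which two enforcement points give different answers.
function findDrift(
  a: WritePredicate,
  b: WritePredicate,
  domain: readonly WorkspaceAccess[] = ALL_MODES,
): WorkspaceAccess[] {
  return domain.filter((mode) => a(mode) !== b(mode));
}

// One shared decision that every call site could import (assumed design).
// The switch lists each mode, so an unexpected runtime value is rejected
// instead of falling through to "writable" as it would with `!== "ro"`.
function allowsWrites(access: WorkspaceAccess): boolean {
  switch (access) {
    case "none":
    case "rw":
      return true;
    case "ro":
      return false;
    default: {
      const unexpected: never = access;
      throw new Error(`unknown workspaceAccess: ${String(unexpected)}`);
    }
  }
}

// Pre-fix mismatch: the bridge-style check disagrees with the gate on "none".
console.log(findDrift(notReadOnly, exactlyReadWrite)); // [ 'none' ]
// Agent mount is only built when access is not "none"; there the forms agree.
console.log(findDrift(notReadOnly, exactlyReadWrite, ["ro", "rw"])); // []
// The explicit policy matches the tool gate on every declared mode.
console.log(findDrift(notReadOnly, allowsWrites)); // []
```

A drift check of this kind can run as a unit test so that a new access mode or a changed predicate fails the build before two enforcement points diverge.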
