Unsandbox Lua scripts (#26365)

Per a conversation with @nathansobo, have the Lua scripts run
unsandboxed for now (while this feature is behind the staff feature
flag).

Release Notes:

- N/A

crates/assistant_scripting/src/sandbox_preamble.lua

@@ -3,6 +3,16 @@
 -- Create a sandbox environment
 local sandbox = {}
 
+-- For now, add all globals to `sandbox` (so there effectively is no sandbox).
+-- We still need the logic below so that we can do things like overriding print() to write
+-- to our in-memory log rather than to stdout, we will delete this loop (and re-enable
+-- the I/O module being sandboxed below) to have things be sandboxed again.
+for k, v in pairs(_G) do
+  if sandbox[k] == nil then
+    sandbox[k] = v
+  end
+end
+
 -- Allow access to standard libraries (safe subset)
 sandbox.string = string
 sandbox.table = table
@@ -25,8 +35,7 @@ local io = {}
 io.open = sb_io_open
 
 -- Add the sandboxed io library to the sandbox environment
-sandbox.io = io
+-- sandbox.io = io -- Uncomment this line to re-enable sandboxed file I/O.
-
 
 -- Load the script with the sandbox environment
 local user_script_fn, err = load(user_script, nil, "t", sandbox)

crates/assistant_scripting/src/session.rs

@@ -119,6 +119,14 @@ impl ScriptSession {
                 let lua = Lua::new();
                 lua.set_memory_limit(2 * 1024 * 1024 * 1024)?; // 2 GB
                 let globals = lua.globals();
+
+                // Use the project root dir as the script's current working dir.
+                if let Some(root_dir) = &root_dir {
+                    if let Some(root_dir) = root_dir.to_str() {
+                        globals.set("cwd", root_dir)?;
+                    }
+                }
+
                 globals.set(
                     "sb_print",
                     lua.create_function({