Feature request: allow outbound webhook calls from remote trigger sandbox
Summary
Remote triggers (CCR) currently block all outbound HTTP requests made via curl or Bash. This makes it impossible to send push notifications or webhook calls at the end of a scheduled agent run.
Use case
A common and valuable pattern for scheduled remote agents is to notify the user when the job completes -- for example, sending a digest to a push notification service like ntfy.sh after a weekly research or summarisation task.
Currently the agent runs successfully but the final notification step fails silently:
"The sandbox blocked the outbound curl request to ntfy.sh."
What we'd like
Allow remote triggers to make outbound HTTP POST requests to a user-configured allowlist of webhook URLs. At minimum, support common notification services (ntfy.sh, Pushover, custom webhook endpoints).
Workarounds considered
- Slack MCP -- works in sandbox but requires admin approval in many organisations
- Google Calendar MCP -- creates a calendar event as a notification proxy; works but poor UX
- Jira MCP -- creates a ticket as a notification; also poor UX
- WebFetch tool -- GET-only, cannot POST to webhook endpoints
None of these are acceptable substitutes for a simple outbound webhook call.
Suggested implementation
Allow users to specify a list of permitted outbound URLs in the trigger configuration. Only those URLs would be reachable from the sandbox, keeping the security model tight while enabling notification use cases.
This issue has 1 comment on GitHub. Read the full discussion on GitHub ↗