diff --git a/PROJECT_CONTEXT.md b/PROJECT_CONTEXT.md index c035295..e03404d 100644 --- a/PROJECT_CONTEXT.md +++ b/PROJECT_CONTEXT.md @@ -54,9 +54,9 @@ System posture: stable, controlled expansion phase. ## Stack -**API (`zpack-api`):** Node.js ESM, Express 5, Prisma 6, MariaDB, Redis, BullMQ, JWT, Stripe, argon2, ssh2, WebSocket, http-proxy-middleware +**API (`zpack-api`):** Node.js ESM on the Node 24 runtime line, Express 5, Prisma 6, MariaDB, Redis, BullMQ, JWT, Stripe, argon2, ssh2, WebSocket, http-proxy-middleware -**Portal (`zpack-portal`):** Next.js 15, TypeScript, TailwindCSS, Axios, WebSocket console. +**Portal (`zpack-portal`):** Next.js 16, TypeScript, TailwindCSS, Axios, WebSocket console, aligned to the Node 24 runtime line **Agent (`zlh-agent`):** Go 1.21, stdlib HTTP, creack/pty, gorilla/websocket. Runs inside every game/dev container. Only process with direct filesystem access. Pulls runtimes + server jars from `zlh-artifacts`. @@ -69,7 +69,8 @@ System posture: stable, controlled expansion phase. - HTTP server on :18888, internal only — API is the only intended caller - Container types: `game` and `dev` - Lifecycle: `POST /config` triggers async provision + start pipeline -- Filesystem: strict path allowlist for games, workspace-root sandbox for dev containers +- Filesystem: strict path allowlist for games; dev file API behavior is intended to be workspace-root-scoped +- Interactive console/PTY shell in dev containers is **not currently proven to be workspace-confined** and current live validation indicates `cd ..` can escape upward from `/home/dev/workspace` - Upload transport: raw `http.request` piping (`req.pipe(proxyReq)`), never `fetch()` - Console: PTY-backed WebSocket, one read loop per container - Self-update: periodic check + apply
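Review bot: In the Stack hunk, "on the Node 24 runtime line" (API) and "aligned to the Node 24 runtime line" (Portal) do not say where that version is pinned, so the document can drift from what is actually deployed. Name the file or setting that is the source of truth for the Node version in each repo, or state the exact version. The new Portal line also drops the trailing period the old line had, while the Agent entry below still uses sentence punctuation; pick one style for all three stack entries.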
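Review bot: In the zlh-agent hunk, the added PTY line records that `cd ..` can escape upward from `/home/dev/workspace` but does not say what the intended boundary for a dev shell is or where the gap is tracked. State whether the container or the workspace root is the security boundary for the interactive shell, and reference the tracking item for the finding. The reworded Filesystem line ("intended to be workspace-root-scoped") is weaker than the old "workspace-root sandbox for dev containers" without saying whether the file API scoping has been validated; say which it is. The hunk context still reads "System posture: stable, controlled expansion phase", and the Agent entry above still says "Only process with direct filesystem access", both of which sit awkwardly beside an unconfined dev shell, so consider qualifying them in the same change.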