fix(#173): pass agent info to TaskTool.init() for permission enforcement #174
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
randomm
commented
Feb 10, 2026
Owner
Author
randomm
left a comment
randomm
left a comment
There was a problem hiding this comment.
✅ CODE REVIEW: APPROVED
⚠️ Cannot submit formal GitHub approval (same-author restriction). This is the code-review-specialist's verdict: APPROVE.
CI/CD: ✅ All checks passing (test: 1m16s)
Core Fix Review
The one-line fix in prompt.ts is correct and minimal:
const agentInfo = await Agent.get(task.agent)
const taskTool = await TaskTool.init({ agent: agentInfo })Verification:
Agentis already imported at line 10 — no new imports neededAgent.get()returnsAgent.Info | undefined;InitContext.agentis typed asAgent.Info | undefined(optional) — types align perfectly- If
Agent.get()returnsundefined(impossible in practice sinceTaskTool.executevalidates the agent at line 162), the code degrades gracefully to the existing no-filtering behavior - The registry's
ToolRegistry.forPrompt()already passes{ agent }at line 158 for all other tools — this fix bringsTaskTool.init()in the subtask path into consistency with the standard tool init pattern - Single call site for
TaskTool.init()in the codebase — no other locations need updating
Secondary Changes
Test hardening (env var restore): Correct defensive pattern — delete when original was undefined instead of assigning undefined string. Prevents env pollution between test runs.
Preload mock fix: mockPlugin changed to async () => ({}) and gitlabAuthPlugin export added — forward-compatibility improvements, low risk.
Fork manifest: Agent.get(task.agent) added as criticalCode marker in async-tasks feature — correctly tracks fork divergence.
Risk: LOW
- 2 lines of production code changed
- Mechanically straightforward plumbing fix
- No new dependencies, no control flow changes
- Graceful degradation on edge cases
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #173 — granular task permissions (
permission.taskwith per-agent allow/deny) were never enforced becauseTaskTool.init()was called without the agent parameter.Changes
await Agent.get(task.agent)toTaskTool.init({ agent: agentInfo })so permission filtering activatesAgent.get(task.agent)as criticalCode marker in async-tasks featureVerification