fix(agent): scope subdirectory hint discovery to active workspace boundary #14795

Open: Tranquil-Flow wants to merge 1 commit into NousResearch:main from Tranquil-Flow:fix/subdirectory-hints-workspace-scope

Tranquil-Flow (Contributor) commented Apr 23, 2026

What does this PR do?

Post-tool-call path discovery scanned any directory for AGENTS.md, CLAUDE.md, and .cursorrules files, even those outside the intended workspace. A tool call touching a file elsewhere on disk could silently inject unrelated instruction files into the agent context, causing unexpected behavior drift and cross-project leakage.

Related Issue

Fixes #14471

Type of Change

  • 🐛 Bug fix (non-breaking change that fixes an issue)
  • ✨ New feature (non-breaking change that adds functionality)
  • 🔒 Security fix
  • 📝 Documentation update
  • ✅ Tests (adding or improving test coverage)
  • ♻️ Refactor (no behavior change)
  • 🎯 New skill (bundled or hub)

Changes Made

  • agent/subdirectory_hints.py: Scoped discovery to active workspace boundary
  • tests/agent/test_subdirectory_hints.py: 26 tests

How to Test

python -m pytest -o 'addopts=' tests/agent/test_subdirectory_hints.py -v

Result: 26 passed.

Checklist

Code

  • I've read the Contributing Guide
  • My commit messages follow Conventional Commits (fix(scope):, feat(scope):, etc.)
  • I searched for existing PRs to make sure this isn't a duplicate
  • My PR contains only changes related to this fix/feature (no unrelated commits)
  • I've run pytest tests/ -q and all tests pass
  • I've added tests for my changes (required for bug fixes, strongly encouraged for features)
  • I've tested on my platform: macOS 15 (Darwin 24.6.0), Python 3.14.2

Documentation & Housekeeping

  • I've updated relevant documentation (README, docs/, docstrings) — or N/A
  • I've updated cli-config.yaml.example if I added/changed config keys — or N/A
  • I've updated CONTRIBUTING.md or AGENTS.md if I changed architecture or workflows — or N/A
  • I've considered cross-platform impact (Windows, macOS) per the compatibility guide — or N/A
  • I've updated tool descriptions/schemas if I changed tool behavior — or N/A

Screenshots / Logs

python -m pytest -o 'addopts=' tests/agent/test_subdirectory_hints.py -v
26 passed

alt-glitch added the type/bug, type/security, P1, and comp/agent labels Apr 23, 2026

@alt-glitch (Collaborator)

Related to #14471 (issue) and #14510 (competing fix PR) — cross-workspace instruction file injection via unbounded subdirectory hint discovery.
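
An added illustration of the workspace-boundary check discussed in this PR, not the code in agent/subdirectory_hints.py. The names `discover_hints` and `demo`, the walk from the touched directory up to the workspace root, and the directory tree are all assumptions constructed for the example.

```python
import tempfile
from pathlib import Path

# File names listed in the PR description.
HINT_FILENAMES = ("AGENTS.md", "CLAUDE.md", ".cursorrules")


def discover_hints(touched_path, workspace_root):
    """Hypothetical helper: hint files for a tool-touched path, workspace only."""
    # Resolve both sides so `..` segments and symlinked directories cannot
    # make an outside location look like it sits under the workspace.
    root = Path(workspace_root).resolve()
    target = (root / touched_path).resolve()  # relative paths: assumed workspace-relative
    start = target if target.is_dir() else target.parent
    if start != root and root not in start.parents:
        return []  # touched path is outside the workspace: load nothing
    found, current = [], start
    while True:
        for name in HINT_FILENAMES:
            candidate = current / name
            # The hint file itself may be a symlink that points outside.
            if candidate.is_file() and root in candidate.resolve().parents:
                found.append(candidate)
        if current == root:
            return found  # never climb above the workspace root
        current = current.parent


def demo():
    """Run three cases against a constructed tree; return the results."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp).resolve()
        ws, other = base / "ws", base / "other"
        (ws / "pkg").mkdir(parents=True)
        other.mkdir()
        (ws / "pkg" / "AGENTS.md").write_text("inside")
        (ws / "pkg" / "mod.py").write_text("")
        (other / "CLAUDE.md").write_text("outside")
        (other / "x.py").write_text("")
        (ws / ".cursorrules").symlink_to(other / "CLAUDE.md")  # escapes via symlink
        inside = discover_hints(ws / "pkg" / "mod.py", ws)
        outside = discover_hints(other / "x.py", ws)
        dotdot = discover_hints(ws / "pkg" / ".." / ".." / "other" / "x.py", ws)
        return [p.name for p in inside], outside, dotdot
```

A plain string-prefix comparison on unresolved paths would accept the `..` case and the symlinked `.cursorrules`, which is why both the directory and each candidate file are resolved before the containment check.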

Tranquil-Flow force-pushed the fix/subdirectory-hints-workspace-scope branch 2 times, most recently from b027e84 to 8ae2a17, May 25, 2026 11:06
Tranquil-Flow force-pushed the fix/subdirectory-hints-workspace-scope branch from 8ae2a17 to 4056d14, May 26, 2026 09:22
Development

Successfully merging this pull request may close these issues.

[Bug]: Hermes injects unrelated AGENTS.md/CLAUDE.md/.cursorrules into agent context via tool-path discovery