fix(agent): restrict background review fork to memory + skills toolsets#16569

Merged: teknium1 merged 1 commit into main from hermes/hermes-6e833b3d on Apr 27, 2026
@teknium1

Contributor

Summary

Background memory/skill review fork can no longer run terminal, send_message, delegate_task, browser, web, or file tools. Restricted to memory + skills only — which is everything the review prompts actually need.

Fixes #15204.

Changes

  • run_agent.py: one-line enabled_toolsets=["memory", "skills"] added to the AIAgent(...) construction in _spawn_background_review().
  • tests/run_agent/test_background_review_toolset_restriction.py: regression coverage.

Validation

Targeted test suite: 2/2 passed.

Credit

Salvage of #16001 by @luyao618 onto current main (251 commits ahead of the original branch). Cherry-picked with original authorship preserved.

…lsets

The background skill/memory review agent was created without toolset
restrictions, inheriting the full default tool set. This allowed it to
use terminal, send_message, delegate_task, and other tools outside its
intended scope, potentially performing unrelated side effects after
skill creation.

Restrict the review agent to only memory and skills toolsets by passing
enabled_toolsets=['memory', 'skills'] during AIAgent construction.

Fixes #15204
@teknium1 merged commit 8ad29a9 into main on Apr 27, 2026
11 of 12 checks passed
@teknium1 deleted the hermes/hermes-6e833b3d branch on April 27, 2026 13:41
@alt-glitch added the labels type/security (Security vulnerability or hardening), P2 (Medium — degraded but workaround exists) and comp/agent (Core agent loop, run_agent.py, prompt builder) on Apr 27, 2026
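
The restriction described in this PR, modelled as an added example that is not part of the thread or the project's code: the registry, the Agent class and the tool callables are constructed for illustration and are not the Hermes API. It shows a fork that is given no allowlist inheriting every toolset, and the same fork being denied terminal and send_message once enabled_toolsets is ["memory", "skills"].

```python
# Added illustration; names below are a constructed model, not the project's API.
from typing import Callable, Dict, Iterable, Optional

# Constructed registry: toolset name -> {tool name: callable}
TOOLSETS: Dict[str, Dict[str, Callable[..., str]]] = {
    "memory": {"memory_write": lambda text: f"stored:{text}"},
    "skills": {"skill_create": lambda name: f"skill:{name}"},
    "terminal": {"terminal": lambda cmd: f"ran:{cmd}"},
    "messaging": {"send_message": lambda to, body: f"sent:{to}"},
}


class ToolNotPermitted(PermissionError):
    """Raised when a requested tool is outside the agent's allowlist."""


class Agent:
    def __init__(self, enabled_toolsets: Optional[Iterable[str]] = None):
        # None models the pre-fix behaviour: inherit every registered toolset.
        names = list(TOOLSETS) if enabled_toolsets is None else list(enabled_toolsets)
        unknown = [n for n in names if n not in TOOLSETS]
        if unknown:
            # Fail closed on a typo rather than silently changing the scope.
            raise ValueError(f"unknown toolsets: {unknown}")
        self.tools = {t: fn for n in names for t, fn in TOOLSETS[n].items()}

    def dispatch(self, tool: str, **kwargs) -> str:
        # Enforce at call time: the model's tool request is untrusted input.
        if tool not in self.tools:
            raise ToolNotPermitted(tool)
        return self.tools[tool](**kwargs)


def spawn_background_review(restricted: bool) -> Agent:
    """Model of the review fork before (False) and after (True) the fix."""
    return Agent(enabled_toolsets=["memory", "skills"] if restricted else None)


def attempt(agent: Agent, tool: str, **kwargs) -> str:
    """Return the tool result, or 'denied' if the allowlist blocks the call."""
    try:
        return agent.dispatch(tool, **kwargs)
    except ToolNotPermitted:
        return "denied"
```

A regression test for this kind of fix can assert on the set of tools the fork exposes, not only on the constructor argument, so a later change to the default toolset cannot widen the fork unnoticed.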
Labels

  • comp/agent: Core agent loop, run_agent.py, prompt builder
  • P2: Medium — degraded but workaround exists
  • type/security: Security vulnerability or hardening

Development

Successfully merging this pull request may close these issues.

Background skill-review agent can perform non-skill side effects after creating a skill

3 participants