fix: skip dependency dirs in skill rglob fallback to prevent context injection

[liuhao1024]

What does this PR do?

_build_skill_message() and skill_view() use rglob('*') to discover supporting files when linked_files is empty. This traverses into node_modules/, .venv/, __pycache__/ and similar directories, injecting thousands of file paths into the agent context — silently inflating token usage and potentially causing context overflow.

Changes

agent/skill_commands.py — _build_skill_message() fallback scan:

• Added _SKIP_DIRS frozenset: .git, .hg, .svn, node_modules, .venv, venv, .tox, __pycache__, .pytest_cache, .mypy_cache, .ruff_cache
• Added _MAX_SUPPORTING_FILES = 200 hard cap with truncation message
• Skip empty files (f.stat().st_size > 0)
• Skip any path whose parts contain a skip-dir name

tools/skills_tool.py — skill_view() file scan:

• Same _SKIP_DIRS filter on skill_dir.rglob("*") (line 1111)
• Same filter + empty-file check on assets_dir.rglob("*") (line 1210)

Root Cause

skill_view uses non-recursive glob(ext) for scripts/ and references/, but the fallback in _build_skill_message uses recursive rglob("*") with no exclusions. When skill_view returns linked_files: null (e.g. scripts/ only contains node_modules/ with no top-level .py/.sh/.js), the unfiltered fallback kicks in and scans everything.

Root Cause

skill_view uses non-recursive glob(ext) for scripts/ and references/, but the fallback in _build_skill_message uses recursive rglob("*") with no exclusions. When skill_view returns linked_files: null (e.g. scripts/ only contains node_modules/ with no top-level .py/.sh/.js), the unfiltered fallback kicks in and scans everything.

Related Issue

Fixes #18675

Type of Change

• 🐛 Bug fix (non-breaking change that fixes an issue)

Changes Made

agent/skill_commands.py — _build_skill_message() fallback scan:

• Added _SKIP_DIRS frozenset: .git, .hg, .svn, node_modules, .venv, venv, .tox, __pycache__, .pytest_cache, .mypy_cache, .ruff_cache
• Added _MAX_SUPPORTING_FILES = 200 hard cap with truncation message
• Skip empty files (f.stat().st_size > 0)
• Skip any path whose parts contain a skip-dir name

tools/skills_tool.py — skill_view() file scan:

• Same _SKIP_DIRS filter on skill_dir.rglob("*") (line 1111)
• Same filter + empty-file check on assets_dir.rglob("*") (line 1210)

Root Cause

skill_view uses non-recursive glob(ext) for scripts/ and references/, but the fallback in _build_skill_message uses recursive rglob("*") with no exclusions. When skill_view returns linked_files: null (e.g. scripts/ only contains node_modules/ with no top-level .py/.sh/.js), the unfiltered fallback kicks in and scans everything.

Fixes #18675

How to Test

1. Run pytest tests/ -q — all tests should pass
2. Verify the specific scenario described above is resolved

Checklist

Code

• I've read the Contributing Guide
• My commit messages follow Conventional Commits (fix(scope):, feat(scope):, etc.)
• I searched for existing PRs to make sure this isn't a duplicate
• My PR contains only changes related to this fix/feature (no unrelated commits)
• I've run pytest tests/ -q and all tests pass
• I've added tests for my changes (required for bug fixes, strongly encouraged for features)
• I've tested on my platform: macOS 26.4.1

Documentation & Housekeeping

• I've updated relevant documentation (README, docs/, docstrings) — or N/A
• I've updated cli-config.yaml.example if I added/changed config keys — or N/A
• I've updated CONTRIBUTING.md or AGENTS.md if I changed architecture and workflows — or N/A
• I've considered cross-platform impact (Windows, macOS) per the compatibility guide — or N/A

[alt-glitch]

Related to #18677 and #18717 which also fix #18675 (unbounded rglob in _build_skill_message). Maintainer: pick one of these three.

[alt-glitch]

Related to #18677 and #18717 which also fix #18675 (unbounded rglob in _build_skill_message). Maintainer: pick one of these three.