Summary
run_scheduler_loop() in handle_plan_confirm() blocks the entire agent message loop while executing a plan. This means /plan cancel cannot interrupt a running plan execution (SEC-M34-001).
Currently documented as a known limitation with a comment in the code.
Expected behavior
User should be able to send /plan cancel while a plan is executing to gracefully cancel all running sub-agents and stop the tick loop.
Proposed implementation
- Add a plan_cancel_tx: Option<tokio::sync::watch::Sender<bool>> field to Agent.
- Pass a watch::Receiver<bool> into run_scheduler_loop().
- In the tick loop, add a tokio::select! arm on the cancellation signal in wait_event().
- When the cancel signal fires, call scheduler.cancel_all() and break the loop.
- In handle_plan_cancel(), if plan_cancel_tx is set, send true to signal cancellation.
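The proposed flow end to end, as an added example that is not the project's code: a blocking scheduler tick loop whose wait has a cancellation arm, and a handle_plan_cancel() that flips the signal so the loop calls cancel_all() and exits. An AtomicBool plus a short recv_timeout stands in for tokio's watch channel and tokio::select!, and Scheduler, SubAgent ids and Event are hypothetical stand-ins for the agent's real types.

```rust
// Added example (not the project's code). std primitives replace tokio's
// watch channel and tokio::select!; Scheduler and Event are stand-ins.
use std::sync::atomic::{AtomicBool, Ordering};
use std::sync::mpsc::{Receiver, RecvTimeoutError};
use std::sync::Arc;
use std::time::Duration;

#[derive(Debug, PartialEq)]
pub enum Event { Tick, SubAgentDone(usize), Cancelled }

#[derive(Debug, PartialEq)]
pub enum LoopExit { Completed, Cancelled }

pub struct Scheduler {
    running: Vec<usize>,       // ids of sub-agents still executing
    pub cancelled: Vec<usize>, // ids stopped by cancel_all()
}

impl Scheduler {
    pub fn new(ids: &[usize]) -> Self { Scheduler { running: ids.to_vec(), cancelled: vec![] } }
    pub fn cancel_all(&mut self) { self.cancelled.append(&mut self.running); }
    fn is_done(&self) -> bool { self.running.is_empty() }
}

/// wait_event() with a cancellation arm: instead of a tokio::select! branch
/// on a watch::Receiver, the flag is checked between short blocking waits,
/// so a cancel request is observed within one poll interval.
fn wait_event(events: &Receiver<Event>, cancel: &AtomicBool) -> Event {
    loop {
        if cancel.load(Ordering::SeqCst) { return Event::Cancelled; }
        match events.recv_timeout(Duration::from_millis(10)) {
            Ok(ev) => return ev,
            Err(RecvTimeoutError::Timeout) => continue,
            // event source gone: treat as cancellation so the loop never hangs
            Err(RecvTimeoutError::Disconnected) => return Event::Cancelled,
        }
    }
}

/// Tick loop: runs until every sub-agent reports done, or until cancelled,
/// in which case all still-running sub-agents are cancelled and we break.
pub fn run_scheduler_loop(sched: &mut Scheduler, events: Receiver<Event>, cancel: Arc<AtomicBool>) -> LoopExit {
    while !sched.is_done() {
        match wait_event(&events, &cancel) {
            Event::Cancelled => { sched.cancel_all(); return LoopExit::Cancelled; }
            Event::SubAgentDone(id) => sched.running.retain(|&r| r != id),
            Event::Tick => {}
        }
    }
    LoopExit::Completed
}

/// handle_plan_cancel(): raise the signal the loop is watching (send(true)).
pub fn handle_plan_cancel(cancel: &AtomicBool) { cancel.store(true, Ordering::SeqCst); }
```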
Alternatives
A CancellationToken from tokio_util::sync could also be used.
Identified as SEC-M34-001 in security audit of PR for issue #1434.