Bug: safe-inputs with script: always returns {"stdout":"","stderr":""} #19489
Description
Bug: safe-inputs with script: always returns {"stdout":"","stderr":""}
Summary
A safe-inputs entry using the script: runner always produces {"stdout":"","stderr":""} when called, regardless of what the script does. The return value is never surfaced to the agent.
Steps to Reproduce
Define a safe-input with script::
safe-inputs:
github-graphql:
inputs:
query:
type: string
required: true
variables:
type: string
required: false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
script: |
const graphql = require('@octokit/graphql').graphql.defaults({
headers: { authorization: `token ${process.env.GITHUB_TOKEN}` }
});
const vars = inputs.variables ? JSON.parse(inputs.variables) : {};
const result = await graphql(inputs.query, vars);
return result;Call it from a workflow. The agent receives:
{"stdout":"","stderr":""}
What I Tried
- Using
return result(object) - Using
console.log(JSON.stringify(result))— no output in stdout - Simplified scripts (e.g.
return { viewer: { login: "test" } }) — still empty - The same logic works fine with
py:usingprint(json.dumps(...))— the Python runner correctly captures stdout
Expected Behavior
The script: runner should:
- Capture the
returnvalue and serialize it as the tool output as documented
Actual Behavior
Every script: safe-input returns {"stdout":"","stderr":""} unconditionally. The agent sees no data and has to assume defaults / skip logic that depended on the result.
Impact
Workflows that rely on script: for GitHub GraphQL queries (or any JS-based safe-input) silently fail. The only workaround is to rewrite the logic in Python using py: or use run: with shell commands, which is significantly less ergonomic for GraphQL/JSON workloads.
Environment
gh aw(github/gh-aw) — current version in use- Runner: GitHub Actions (AWF sandbox)