Add behavioral evals for shell command tool usage and safety

[Rahu378]

Summary

The current evaluation suite lacks coverage for behavioral patterns related to shell command usage and safety.

Problem

There is no explicit validation for:

• Proper use of run_shell_command for shell-related tasks
• Avoidance of destructive commands like rm -rf without safeguards
• Correct tool selection when creating files (prefer write_file / create_file over shell commands)

Proposed Solution

Add a new evaluation suite (evals/shell_command_safety.eval.ts) with behavioral tests that:

• Verify run_shell_command is used for file listing and disk usage queries
• Ensure destructive commands are not executed silently
• Enforce usage of dedicated file-writing tools for file creation

Impact

• Improves safety guarantees
• Strengthens tool selection correctness
• Expands eval coverage

[raye-deng]

Solid proposal. Behavioral evals for tool selection and destructive command avoidance fill an important gap.

One pattern we've seen that's worth covering in the eval suite: import/package hallucination in agent-generated code. Agents frequently reference packages that don't exist or APIs that were removed in newer versions. Unlike shell command misuse (which is caught at execution time), these silent failures compile and pass unit tests but crash in production.

The eval could test that the agent:

• Validates package existence before writing import statements
• Checks API surface against the latest installed version
• Doesn't silently fall back to a stub/mock when the real package is missing

We built a CI tool that catches these deterministically (registry validation + deprecated API detection + cross-file consistency checks) — complementary to the behavioral evals you're proposing here, which test the agent's decision-making rather than the generated artifact.

npx open-code-review@latest ./path/to/project

Worth considering as a separate eval category alongside the shell safety ones.

[akh64bit]

The resolution is to add a new evaluation suite (evals/shell_command_safety.eval.ts) with behavioral tests that:

1. Verify run_shell_command is used for legitimate tasks like file listing and disk usage queries.
2. Ensure destructive commands are not executed silently.
3. Enforce usage of dedicated file-writing tools for file creation instead of shell commands.