[Feature]: Extend before_agent_start hook context with Model, Tools, and Identity fields #14873
akv2011 wants to merge 4 commits into openclaw:main
Hope this gets merged! I am working on a skill to provide intelligent model selection (e.g., use haiku for simple tasks, opus for coding, sonnet for writing), and it's reliant on before_agent_start having the ability to override models. This PR would be 50% of the functionality I require, and I'd like to submit a follow-up PR to provide the rest of the implementation. This would provide significant token efficiency improvements and is well worth the relatively small change IMHO. It'd open up all manner of innovation about model selection.
Thanks man, I don't know why they removed it; these were already there in the previous version, even more fields. PS: Let me know if you want extra hands on your PR.
@steipete wdyt about this stuff?
@ngutman Any inputs for this
References openclaw/openclaw#14873 as prerequisite. Includes exact code diffs, auth re-resolution notes, and test cases.
Would love for this PR to make it in.
…r info
Extend PluginHookAgentContext with messageChannel, accountId, senderId, senderName, senderUsername, senderE164, runId, model, and modelRegistry fields so plugins can access the full runtime context during the before_agent_start hook.
Also extend PluginHookBeforeAgentStartEvent with a tools array so plugins can inspect available tool definitions.
These additions are fully backward-compatible: all new fields are optional, so existing plugins continue to work unchanged.
Resolves the gap where plugins needing model access or sender identity (e.g. for intent planning or per-user policy) had no way to obtain this information from the hook context.
- Replace Model<Api>/ModelRegistry with 'unknown' in PluginHookAgentContext to avoid forcing external plugins to depend on @mariozechner/pi-ai and @mariozechner/pi-coding-agent at type-check time. Plugins that need the concrete type can cast internally.
- Filter out unnamed tools instead of using 'tool' fallback, preventing ambiguous duplicate names that would break allowlist-based governance plugins.
…gent_start, remove legacy pre-attempt hook call
This pull request has been automatically marked as stale due to inactivity.
Closing due to inactivity.
Summary
The current before_agent_start plugin hook provides a sanitized context (prompt, messages), which is insufficient for plugins that require "Agentic" capabilities. Specifically, external plugins cannot access the LLM instance to perform intent planning, nor can they see the tools available to the agent, or robustly identify the user (missing senderId, senderE164). This prevents the creation of advanced security and governance plugins that need to verify intent before execution.
Proposed solution
Extend PluginHookAgentContext and PluginHookBeforeAgentStartEvent to expose the following fields, which are already available in attempt.ts:
In ctx (PluginHookAgentContext):
- Model: The Model instance (enables the plugin to call the LLM for planning/verification).
- modelRegistry: For model configuration access.
- runId: To correlate the start event with subsequent tool calls (for caching plans).
- senderId, senderE164, senderUsername: For identity verification and audit logging.
- messageChannel, accountId: For full context awareness.
In event (PluginHookBeforeAgentStartEvent):
- Tools: The list of tools available for this run (crucial for verifying if a user's intent matches allowed tools).
Alternatives considered
- Building a custom agent: This bypasses the plugin system entirely and fragments the ecosystem.
- Using before_tool_call only: This is too late for "Intent Planning". By the time a tool is called, the "plan" has already been decided by the LLM. Security plugins need to verify the plan against policy before any tool is even attempted.
Additional context
I have a working implementation in a fork that successfully powers an "ArmorIQ" security plugin. This plugin uses the exposed ctx.model to generate a secure execution plan and event.tools to validate it, preventing prompt injection and unauthorized actions.
Greptile Overview
Greptile Summary
This PR extends the before_agent_start plugin hook payload so plugins can do richer pre-run governance/intent checks. Specifically:
- src/agents/pi-embedded-runner/run/attempt.ts now passes a tools summary on the event and adds additional fields (run/account/sender identity, channel, model, modelRegistry) on the hook context when running runBeforeAgentStart.
- src/plugins/types.ts updates the public hook type definitions to include these new fields.
These changes integrate with the existing hook runner in src/plugins/hooks.ts (sequential modifying hook for before_agent_start) and are surfaced to external plugins via the re-export in src/plugin-sdk/index.ts.
Confidence Score: 3/5
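A fail-closed allowlist check of the kind the PR description and the second commit message point at, as an added example that is not code from this PR or from openclaw. The `HookCtx`/`HookEvent` shapes, the policy table and the function names are hypothetical; only the field names `runId`, `senderId` and `tools` are taken from the page.

```typescript
// Added example. Hypothetical types: only the field names runId, senderId and
// tools come from the PR text; the real openclaw hook signature may differ.
interface HookCtx { runId?: string; senderId?: string }
interface HookEvent { prompt: string; tools?: { name?: string }[] }
interface Decision { allow: boolean; reason: string; permitted: string[] }

// Constructed policy: tool names each sender may have available in a run.
// A Map avoids prototype keys such as "constructor" matching as a sender.
const POLICY = new Map<string, string[]>([
  ["user-alice", ["read_file", "web_search"]],
  ["user-bob", ["read_file"]],
]);

// Decisions cached by runId so later tool-call checks can be correlated.
const decisionsByRun = new Map<string, Decision>();

function evaluate(event: HookEvent, ctx: HookCtx): Decision {
  const deny = (reason: string): Decision => ({ allow: false, reason, permitted: [] });
  // Every new field is optional, so a missing value must fail closed.
  const allowed = ctx.senderId ? POLICY.get(ctx.senderId) : undefined;
  if (!allowed) return deny("unknown or missing senderId");
  if (!event.tools) return deny("host did not supply event.tools");
  const names: string[] = [];
  for (const tool of event.tools) {
    // An unnamed or duplicated name cannot be matched against an allowlist.
    if (!tool.name) return deny("unnamed tool in event.tools");
    if (names.includes(tool.name)) return deny(`duplicate tool name: ${tool.name}`);
    names.push(tool.name);
  }
  const extra = names.filter((n) => !allowed.includes(n));
  if (extra.length > 0) return deny(`tools outside policy: ${extra.join(", ")}`);
  return { allow: true, reason: "all tools within policy", permitted: names };
}

// Intended to run from a before_agent_start handler.
function onBeforeAgentStart(event: HookEvent, ctx: HookCtx): Decision {
  const decision = evaluate(event, ctx);
  if (ctx.runId) decisionsByRun.set(ctx.runId, decision);
  return decision;
}

// Intended to run from a before_tool_call handler with the same runId.
function isToolCallPermitted(runId: string | undefined, toolName: string): boolean {
  const decision = runId ? decisionsByRun.get(runId) : undefined;
  return decision !== undefined && decision.allow && decision.permitted.includes(toolName);
}
```

A run with no cached decision is treated as denied, so a host that never fires the start hook cannot bypass the tool-call check.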