fix(ce-coherence-reviewer): remove Bash from tool allowlist #837
The reviewer's task is pure document reasoning over text already in its prompt -- internal consistency, terminology drift, cross-references -- and never needs shell access. With Bash available and pinned to model: haiku, the agent was externalizing tracking state into /tmp scratchpad files; on OpenCode those bash invocations blocked indefinitely (39-88 minute hangs reported in #832). The subagent template's "operationally read-only" prose constraint did not reliably suppress the behavior at the model level, so the deterministic fix is removing the tool from the allowlist. A pinned frontmatter test prevents Bash from being re-added to ce-coherence-reviewer. The NO_BASH_AGENTS set extends naturally to other pure-document reviewers if needed. Fixes #832
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 994b69612f
| const tools = parsed && typeof parsed.tools === "string" ? parsed.tools : "" | ||
| const toolList = tools.split(",").map((s) => s.trim()) |
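Review bot: The : "" fallback on the first line means a frontmatter with no tools key, or with any non-string value, produces a toolList of [''] and the Bash check passes without having inspected an allowlist at all. Assert the shape of parsed.tools first and fail the test when it is neither a string nor a list, so the guard fails closed instead of passing vacuously.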
Parse YAML tool arrays when blocking Bash
The new NO_BASH_AGENTS guard only inspects tools when it is a string, so it silently skips YAML list form (for example tools: [Read, Grep, Glob, Bash]). In that case tools becomes "", toolList is [''], and the test passes even though Bash was reintroduced. This leaves an easy bypass for the regression the test is meant to prevent.
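The bypass described in the review comment above can be closed by normalizing both frontmatter forms before looking for Bash. The JavaScript below is an added example, not code from this PR or the project: normalizeTools, violatesNoBash and the sample objects are hypothetical, and rejecting a missing tools field and ignoring case are assumptions about what the guard should do.

```javascript
// Added example, not the project's test. normalizeTools, violatesNoBash and the
// sample objects are hypothetical; `parsed` is the frontmatter after YAML parsing.

// Agents that must never list Bash (set name taken from the PR description).
const NO_BASH_AGENTS = new Set(["ce-coherence-reviewer"])

// Normalize `tools` to a list of names, accepting the comma-separated string
// form and the YAML list form. Any other shape throws, so an unexpected
// frontmatter layout fails the test instead of silently passing it.
function normalizeTools(parsed) {
  const tools = parsed ? parsed.tools : undefined
  let names
  if (typeof tools === "string") {
    names = tools.split(",")
  } else if (Array.isArray(tools) && tools.every((t) => typeof t === "string")) {
    names = tools
  } else {
    throw new TypeError(`unrecognized tools field: ${JSON.stringify(tools)}`)
  }
  return names.map((s) => s.trim()).filter((s) => s.length > 0)
}

// True when the agent is in NO_BASH_AGENTS and its allowlist names Bash.
// Assumption: the comparison ignores case, so "bash" is flagged as well.
function violatesNoBash(agentName, parsed) {
  if (!NO_BASH_AGENTS.has(agentName)) return false
  return normalizeTools(parsed).some((t) => t.toLowerCase() === "bash")
}

// Constructed frontmatter objects, shaped as a YAML parser would return them.
const samples = {
  stringClean: { name: "ce-coherence-reviewer", tools: "Read, Grep, Glob" },
  stringBash: { name: "ce-coherence-reviewer", tools: "Read, Grep, Glob, Bash" },
  listBash: { name: "ce-coherence-reviewer", tools: ["Read", "Grep", "Glob", "Bash"] },
  missing: { name: "ce-coherence-reviewer" },
}

for (const [label, parsed] of Object.entries(samples)) {
  let result
  try {
    result = violatesNoBash(parsed.name, parsed) ? "FAIL: Bash listed" : "ok"
  } catch (err) {
    result = `FAIL: ${err.message}`
  }
  console.log(`${label}: ${result}`)
}
```
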
Summary

ce-doc-review no longer stalls indefinitely when ce-coherence-reviewer runs on platforms whose bash tool blocks on heredocs. Issue #832 reported 39-88 minute hangs on OpenCode while the reviewer was creating coherence checklist files in /tmp.

The reviewer's task is pure document reasoning — internal consistency, terminology drift, and cross-reference checking over text already passed in its prompt — and never needs shell access. With Bash available and pinned to model: haiku, the agent was externalizing tracking state into temp-file scratchpads. The subagent template's "operationally read-only" prose constraint did not reliably suppress this at the model level, so the deterministic fix is removing the tool from the allowlist.

A pinned frontmatter test prevents Bash from being re-added to ce-coherence-reviewer. The NO_BASH_AGENTS set extends naturally to other pure-document reviewers (ce-design-lens-reviewer, ce-security-lens-reviewer, ce-adversarial-document-reviewer) if the same pattern needs to apply later.

Fixes #832