🤖 fix: isolate workflow-owned sub-agent outputs

[ThomasK33]

Summary

Hide workflow-owned sub-agents from parent-facing task discovery and direct awaits so parent agents consume workflow-vetted output through workflow runs instead of raw child reports.

Background

Workflow-launched sub-agents are coordinated by the workflow runner, which owns their reports, retries, structured output validation, and final synthesis. Parent agents should not accidentally discover or await those raw child task outputs through task_list or task_await.

Implementation

• Exclude workflow-owned descendants from task_list, including descendants of workflow-owned tasks.
• Exclude workflow-owned descendants and their background bash tasks from omitted-task_ids task_await discovery.
• Reject explicit task_await calls for workflow-owned agent task IDs and bash processes in workflow-owned descendant workspaces.
• Persist workflow-owned ancestor metadata with subagent report artifacts so the guard survives task cleanup/restart.
• Update task_await tool contract and generated hook docs to document the workflow-owned exclusion.
• Relax built-in workflow unit test timeouts after CI hit Bun's 5s default while those tests passed locally just under that boundary.

Validation

• bun test src/node/services/tools/task_await.test.ts src/node/services/tools/task.bash.test.ts src/node/services/tools/task_list.test.ts src/node/services/taskService.test.ts
• bun test src/node/services/workflows/builtInWorkflowDefinitions.test.ts
• make static-check

Risks

Medium risk in task/workflow orchestration behavior: this deliberately changes which descendant tasks are visible/awaitable from a parent workspace. Regular sub-agent tasks and workflow run awaits remain supported; workflow-owned child output is intentionally reachable only through workflow run results.

---

Generated with mux • Model: openai:gpt-5.5 • Thinking: xhigh • Cost: $36.26

[ThomasK33]

@codex review

Please review this workflow-owned sub-agent output isolation change.

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. You're on a roll.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
Mux	🟢 Ready	View Preview	Jun 4, 2026, 4:00 PM

💡 Tip: Enable Workflows to automatically generate PRs for you.

[ThomasK33]

@codex review

Re-requesting after the CI timeout fix commit.

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Swish!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[ThomasK33]

@codex review

Re-requesting after the built-in workflow timeout fix.

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. 🚀

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".