Skip to content

Transform invalid tool usages on sending, not on initial detection #1091

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 28, 2025
Merged

Transform invalid tool usages on sending, not on initial detection #1091

merged 3 commits into from
Oct 28, 2025
+223 −5

Conversation

@zastrowm
Copy link
Member

@zastrowm zastrowm commented Oct 24, 2025
edited
Loading

Description

Some background context:

Bedrock rejects tool names that are invalid (e.g. they don't match this regex) and so if the LLM generates an invalid name, we need to replace that name before sending to Bedrock as otherwise bedrock throws an error message

This is the follow up to the first pr (#1087) and is a 2nd part fix to #1069.

Per the bug, session-managers never persist tool-name changes after the initial persisting of the message, which means once an agent generates an invalid-tool name, that message history is poisoned on re-hydration. To avoid that going forward, do the translation of invalid-tool names on sending to the provider and not on the initial tool_use detection. The initial tool_use detection is still needed to add a tool_response with a proper error message for the LLM, but the tool name change is now done elsewhere to avoid the poisoning issue

Previous behavior

Prior to both bug fixes, this was the problem:

  1. The LLM generates a toolUse block for a tool that has an invalid name (specifically it doesn't match this regex)
  2. The message with the toolUse is appended to the agent's history.
  3. Tool execution begins - first in event_loop._handle_tool_execution which calls validate_and_prepare_tools is invoked. The validation fails which has two side-effects:
    1. The original/invalid tool name is overwritten with INVALID_TOOL_NAME
      1. BUG # 2 -- The tool name overrwrite is not persisted to the session-manager because we don't do updates to existing messages
    2. A tool-result is added indicating the invalidness of the tool-name
  4. We early exit out of tool execution because there are no tool-uses
    1. BUG # 1 -- At this point, the loop should continue as normal and pass flow back to the model, but we're not doing that here

Bug # 1 was fixed in #1087, and this is now the fix for Bug # 2

Notes

  • I added an integ test that fails before the changes and succeeds after
  • I also refactored a bunch of validation methods to make them internal, deprecating the old public methods

Related Issues

#1069

Documentation PR

N/A

Type of Change

Bug fix

Testing

How have you tested the change? Verify that the changes do not break functionality or introduce warnings in consuming repositories: agents-docs, agents-tools, agents-cli

  • I ran hatch run prepare

Checklist

  • I have read the CONTRIBUTING document
  • I have added any necessary tests that prove my fix is effective or my feature works
  • I have updated the documentation accordingly
  • I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@zastrowm
fix: Transform invalid tool usages on sending, not on initial detection
eafa16c 
Per bug strands-agents#1069, session-managers never persist tool-name changes after we initially persist the message, which means once an agent generates an invalid-tool name, that message history is poisoned  on re-hydration.  To avoid that going forward, do the translation of invalid-tool names on sending to the provider and not on the initial tool_use detection.  The initial tool_use detection is needed to add a tool_response with a proper error message for the LLM, but this will avoid the poisoning issue
@zastrowm
fix: Add integ test to verify fix for strands-agents#1069
c06cb3d
@codecov
Copy link

codecov bot commented Oct 24, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@zastrowm zastrowm enabled auto-merge (squash) October 27, 2025 13:08
dbschmigelski
dbschmigelski reviewed Oct 27, 2025
View reviewed changes
Copy link
Member

@dbschmigelski dbschmigelski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Slow clap for the PR description

pgrayy
pgrayy reviewed Oct 27, 2025
View reviewed changes
Unshure
Unshure reviewed Oct 27, 2025
View reviewed changes
@github-actions github-actions bot added size/m and removed size/m labels Oct 28, 2025
@zastrowm zastrowm disabled auto-merge October 28, 2025 19:45
@zastrowm zastrowm enabled auto-merge (squash) October 28, 2025 19:45
@zastrowm zastrowm merged commit c2ba0f7 into strands-agents:main Oct 28, 2025
14 checks passed
@zastrowm zastrowm mentioned this pull request Oct 29, 2025
Closed
3 tasks
dbschmigelski pushed a commit to schnetler/sdk-python that referenced this pull request Nov 12, 2025
@zastrowm @dbschmigelski
Transform invalid tool usages on sending, not on initial detection (s…
ab94e27 
…trands-agents#1091)

Per bug strands-agents#1069, session-managers never persist tool-name changes after we initially persist the message, which means once an agent generates an invalid-tool name, that message history is poisoned  on re-hydration.  To avoid that going forward, do the translation of invalid-tool names on sending to the provider and not on the initial tool_use detection.  The initial tool_use detection is needed to add a tool_response with a proper error message for the LLM, but this will avoid the poisoning issue

---------

Co-authored-by: Mackenzie Zastrow <zastrowm@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pgrayy pgrayy pgrayy approved these changes

@dbschmigelski dbschmigelski dbschmigelski approved these changes

@Unshure Unshure Awaiting requested review from Unshure

Assignees

No one assigned

Labels

size/m

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@zastrowm @Unshure @pgrayy @dbschmigelski