feat(tools): add generate_presentation tool (native rust engine, ppt-rs) (#2778) by oxoxDev · Pull Request #3016 · tinyhumansai/openhuman

oxoxDev · 2026-05-30T10:36:09Z

Summary

Add a generate_presentation agent tool that converts a structured slide spec ({title, author?, theme?, slides: [{title?, body?, bullets?, speaker_notes?}]}) into a .pptx file via a pure-Rust engine (ppt-rs, Apache-2.0), persisted as a typed artifact in the workspace.
No Python runtime at user runtime — no managed venv, no pip install on first use, no subprocess. Cold-call latency drops from ~2-5 s (Python venv setup) to <100 ms. User install footprint −50 MB+.
New artifacts::store producer surface — create_artifact / finalize_artifact / fail_artifact — plus optional ArtifactMeta.error so failed builds surface a reason instead of an indefinite spinner.
New runtime_python::venv + runtime_python::run general-purpose primitives ship in this PR as scaffolding for future Python-backed tools (OCR, data-science scratch, etc.). The presentation tool itself does not consume them after the engine refactor — they remain available, unused by the tool.
Registers generate_presentation in tools/ops.rs (always-on; no Python gate) and on the orchestrator agent's named tool list so the web-chat path can drive it today; the broader agent-definition wiring + grounding rule lands in Wire PPT generation and file attachments into agent definitions and error handling #2780 (PR feat(orchestrator): wire generate_presentation + require grounding (#2780) #3029).

This is sub-task 3 of 5 for parent #1535 ("Add multimodal support for files and PPT generation"). #2776 is merged (PR #2801); #2777 is in review (PR #2954); #2779 (React ArtifactCard, PR #3017), #3024 (Files-in-this-chat panel, PR #3026), and #2780 (orchestrator wiring + grounding, PR #3029) are stacked on top.

Problem

Users asking the agent to build slide decks today have no working path. The agent either guesses at shell snippets (python -c '…') that the sandbox blocks, or it falls back to text and apologises. Parent issue #1535 explicitly calls out a reliable PPT workflow as acceptance criterion #2, and #2776 already shipped the artifact storage layer (ArtifactMeta / ArtifactKind::Presentation / ai_*_artifact RPCs) waiting for a producer.

Structural gaps that block the tool:

No producer surface on artifacts. PR feat(artifacts): define artifact storage types, config, and persistence layer #2801 shipped read RPCs (ai_list_artifacts / ai_get_artifact / ai_delete_artifact) and the persistence layer (<workspace>/artifacts/<uuid>/meta.json + payload) but no create_artifact helper. Each generator would otherwise reimplement uuid + mkdir + write meta.json + flip status.
No native .pptx writer in the workspace dep graph. docx-rs covers Word, rust_xlsxwriter covers Excel — both deliberate native-Rust generators that drop external runtimes. The PowerPoint equivalent was missing.

Solution

`artifacts::store` producer helpers (new)

create_artifact(workspace_dir, kind, title, extension) -> (ArtifactMeta, PathBuf): allocates a UUID-named dir, persists a Pending ArtifactMeta, returns the meta + the absolute path the producer writes bytes to. Filename stem is sanitized from the title (alphanumerics + dashes, ≤ 80 chars).
finalize_artifact(workspace_dir, id, size_bytes): flips Pending → Ready + persists final size. Idempotent.
fail_artifact(workspace_dir, id, reason): flips to Failed + persists reason via the new ArtifactMeta.error: Option<String> field (serde default + skip-if-none, so persisted records that predate the field round-trip fine).

`tools/impl/presentation/` (new, native-Rust engine)

Module layout:

File	Purpose
`mod.rs`	`PresentationTool` struct + `Tool` trait impl. Router-rule `description` ("USE THIS … NOT for …"). Stateless ctor (`new(workspace_dir)`) — no `Config` arg needed, no runtime resolution. 30 s generation timeout.
`types.rs`	`GeneratePresentationInput` / `SlideSpec` / `Output` / `PresentationError` enum (`InvalidInput`, `GenerationFailed`, `GenerationTimeout`; plus `MissingRuntime` / `MissingPackage` reserved for downstream pattern-match stability and a possible future LibreOffice-headless `format = "pdf"` fallback). `validate_input` runs eagerly so the LLM gets a structured error it can self-correct on. `truncate_stderr` caps at 500 chars (UTF-8-safe).
`engine.rs`	`ppt-rs` wrapper. Synthesises a title slide from `input.title` (+ optional `author` byline) prepended to the content slides, so `slide_count` semantics match the original contract (excludes the synthetic title slide). Drives generation through `tokio::task::spawn_blocking` + `tokio::time::timeout` so the synchronous library work neither blocks the async executor nor can wedge the agent loop.
`tests.rs`	11 unit tests — schema contract, router-rule `description`, validation rejection branches (empty title / empty slides / empty slide / oversize body / too many slides), real end-to-end happy path driving the engine + artifact pipeline.

Engine unit tests live alongside in engine.rs::tests — 4 tests covering the SlideSpec → ppt-rs mapping (title-slide prepend, blank-entry filtering), the OOXML round-trip (re-opens the byte buffer as a zip, asserts all spec-required entries — [Content_Types].xml, _rels/.rels, ppt/presentation.xml, ppt/_rels/presentation.xml.rels, ppt/theme/theme1.xml, ppt/slideMasters/slideMaster1.xml, ppt/slideLayouts/slideLayout1.xml, docProps/core.xml, docProps/app.xml, ppt/slides/slide{1,2}.xml, ppt/notesSlides/notesSlide*.xml when notes set), and the timeout surface under a 1-ns deadline.

Input validation caps: ≤ 64 slides, ≤ 32 bullets/slide, ≤ 2000 chars per field. Tool returns the artifact id + absolute path so the agent can quote it.

`runtime_python::venv` + `runtime_python::run` (new, unused-by-this-tool)

Ship as general-purpose primitives for future Python-backed tools (OCR pipelines, data-science scratch executors, …). Not consumed by PresentationTool after the engine refactor. Kept in the PR rather than ripped out because they are reusable scaffolding the next Python-backed tool would otherwise re-add commit-for-commit.

ensure_venv(name, requirements, config) -> Result<ResolvedPython> — lazy managed venv under <runtime_python.cache_dir>/venvs/<name>/. requirements.txt change detection short-circuits unchanged invocations.
run_python_script_to_completion(resolved, spec, stdin, deadline) -> PythonRunOutput — one-shot stdin → wait → capture-output contract bounded by deadline; PythonRunTimeout is its own type so call sites can downcast.

Registration

tools/ops.rs::all_tools_with_runtime always registers PresentationTool::new(workspace_dir.to_path_buf()). No runtime_python.enabled gate.
agents/orchestrator/agent.toml adds "generate_presentation" to its named list so the orchestrator can drive the tool today. The companion grounding rule (orchestrator must call memory_tree / delegate_research / query_memory before generate_presentation for topical/factual decks) lands in Wire PPT generation and file attachments into agent definitions and error handling #2780 (PR feat(orchestrator): wire generate_presentation + require grounding (#2780) #3029).

Engine refactor history (in-branch)

This PR originally shipped a python-pptx-based engine (subprocess + bundled generate_pptx.py + runtime_python::venv consumer). After a maintainer request to drop the Python dep, the final commit (refactor(presentation): swap python-pptx subprocess for native rust engine) replaces the engine with ppt-rs while preserving:

tool name (generate_presentation)
GeneratePresentationInput / Output JSON shape
artifact pipeline + .pptx extension
workspace artifact path layout
socket events that feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017 ArtifactCard / feat(chat): Files in this chat — persistent per-chat artifact panel (#3024) #3026 Files panel / feat(orchestrator): wire generate_presentation + require grounding (#2780) #3029 orchestrator wiring consume

So downstream PRs in the #1535 chain need no rework — the engine is a sealed implementation detail behind the tool contract. The intermediate python-pptx commits remain in the branch history (one logical refactor at the end documents the swap); the rendered PR diff vs main shows the final shape only.

Sample 5-slide deck generated by the native engine: 14 673 bytes, opens cleanly in PowerPoint / Keynote / Google Slides.

Submission Checklist

Tests added or updated (happy path + at least one failure / edge case) per Testing Strategy — 11 lib unit tests in tests.rs covering schema contract, router-rule description, all 5 validation rejection branches, real engine + artifact-pipeline end-to-end happy path. 4 engine unit tests in engine.rs::tests covering the SlideSpec → ppt-rs mapping, OOXML zip round-trip (re-opens output, asserts every spec-required OOXML entry exists), timeout surface. Plus the artifacts + runtime_python helper tests carried in from the earlier commits.
Diff coverage ≥ 80% — every branch in engine.rs + mod.rs::execute + types.rs::validate_input is exercised by the 14 inline tests. Run locally: cargo test --lib openhuman::tools::implementations::presentation (14 pass) + cargo test --lib openhuman::runtime_python (existing suite, unchanged on this branch) + cargo test --lib openhuman::artifacts (existing suite).
N/A: behaviour-only addition — no new public feature row in docs/TEST-COVERAGE-MATRIX.md. The tool is a new agent capability surface, not a release-cut feature; Surface artifact downloads and generation progress in the React UI #2779 (UI ArtifactCard) is the right place to add a user-facing row when uploads ship.
All affected feature IDs from the matrix are listed in the PR description under ## Related
No new external network dependencies introduced (mock backend used per Testing Strategy) — pure-Rust generation, no per-call network, no pip install.
N/A: smoke surface unchanged — no release-cut surface touched (docs/RELEASE-MANUAL-SMOKE.md).
Linked issue closed via Closes #NNN in the ## Related section

Impact

Runtime/platform: desktop only. Tool is now always-on (no runtime_python.enabled gate). No mobile/web/CLI behaviour change.
Performance: pure-Rust generation completes in well under a second even for the 64-slide cap. No first-call install latency. 30 s generation timeout is a defensive ceiling against pathological inputs slipping past validate_input.
Disk footprint: ~10–15 MB binary bloat from ppt-rs transitive deps (pulldown-cmark + syntect are linked unconditionally by ppt-rs even though the markdown / code-highlighting paths are unused). Counterfactual: the python-pptx path added ~50 MB+ of managed Python interpreter + venv on first use at the user's runtime_python.cache_dir.
Network: zero outbound traffic from the presentation tool at any call.
Sandbox / security: no subprocess. No pip install. ppt-rs is pure Rust (no unsafe, Apache-2.0).
Privacy: slide content stays in-process; final bytes land at <workspace>/artifacts/<uuid>/<title>.pptx. No data leaves the host.
Migration / compatibility: zero. ArtifactMeta.error is additive with serde(default), so existing on-disk records parse unchanged. runtime_python::{venv, run} are new modules — no behaviour change for existing spawn_stdio users.
Open follow-ups:
- Surface artifact downloads and generation progress in the React UI #2779 (PR feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017) — React ArtifactCard renders the generated deck in chat.
- Files in this chat — persistent per-chat artifact registry #3024 (PR feat(chat): Files in this chat — persistent per-chat artifact panel (#3024) #3026) — "Files in this chat" panel surfaces every deck the agent generated in a thread.
- Wire PPT generation and file attachments into agent definitions and error handling #2780 (PR feat(orchestrator): wire generate_presentation + require grounding (#2780) #3029) — orchestrator wiring + grounding rule (agent must memory_tree / delegate_research / query_memory before generate_presentation on topical decks) + UnsupportedFileType error variant.
- ppt-rs upstream issue: gate clap / pulldown-cmark / syntect behind a non-default feature so library consumers don't pay for the pptcli binary's deps. Would shave ~5-10 MB.
- Image embedding in slides (Composio fetch / file marker → image placeholder) — future enhancement; ppt-rs supports it via add_image(Image).

Closes: Add PPT generation tool using python-pptx in the Python runtime #2778
Parent: Add multimodal support for files and PPT generation #1535 (sub-task 3 of 5; Define artifact storage types, config, and persistence layer #2776 ✅ merged PR feat(artifacts): define artifact storage types, config, and persistence layer #2801; Extend multimodal input to accept document and file attachments beyond images #2777 OPEN PR feat(agent/multimodal): support [FILE:…] markers with text extraction (#2777) #2954)
Follow-up PR(s)/TODOs:
- Surface artifact downloads and generation progress in the React UI #2779 (PR feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017) — React ArtifactCard (depends on this)
- Files in this chat — persistent per-chat artifact registry #3024 (PR feat(chat): Files in this chat — persistent per-chat artifact panel (#3024) #3026) — Files-in-this-chat panel (depends on feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017)
- Wire PPT generation and file attachments into agent definitions and error handling #2780 (PR feat(orchestrator): wire generate_presentation + require grounding (#2780) #3029) — orchestrator wiring + grounding rule (depends on this)

AI Authored PR Metadata (required for Codex/Linear PRs)

Linear Issue

Key: N/A — GitHub-issue-driven workflow, no Linear ticket.
URL: N/A

Commit & Branch

Branch: feat/2778-presentation-tool
Final commit: e0e2a2e5 refactor(presentation): swap python-pptx subprocess for native rust engine

Validation Run

Focused tests: cargo test --lib openhuman::tools::implementations::presentation (14/14 ✓ — 11 tool + 4 engine including OOXML zip round-trip)
cargo check --lib ✓
cargo fmt --check ✓
Visual verification: 5-slide sample deck opens cleanly in PowerPoint / Keynote / Google Slides

Behavior Changes

Intended behavior change: when the agent decides to call generate_presentation with a valid slide spec, a .pptx file is written to the workspace artifacts directory via the native-Rust ppt-rs engine, an ArtifactMeta is persisted as Ready, and the tool returns the artifact id + absolute path. On any failure path the artifact is persisted as Failed with a reason.
User-visible effect: orchestrator can now satisfy "create slides about X" / "build a deck" requests reliably, with no Python install, no first-call latency, no managed venv on disk.

Parity Contract

Legacy behavior preserved: artifacts::store's existing public API (list / get / delete RPCs) is byte-identical. Existing on-disk meta.json records parse unchanged thanks to #[serde(default)] on the new error field. Tool name + input / output JSON schema unchanged across the python-pptx → native-rust engine swap, so downstream PRs in the Add multimodal support for files and PPT generation #1535 chain (feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017, feat(chat): Files in this chat — persistent per-chat artifact panel (#3024) #3026, feat(orchestrator): wire generate_presentation + require grounding (#2780) #3029) need no rework.

Duplicate / Superseded PR Handling

Duplicate PR(s): none.
Canonical PR: this is canonical.
Resolution: N/A

Summary by CodeRabbit

New Features
- Presentation generation tool: create and persist .pptx slide decks and return artifact info
- Artifact lifecycle APIs: create, finalize, and fail artifacts with size/error tracking
- Python runtime improvements: on-demand virtualenvs and robust script execution with timeouts
Bug Fixes
- Reject pre-release Python versions during runtime selection
Tests
- End-to-end and validation tests covering presentation generation and engine behavior
Chores
- CI adjusted so presentation-tool execution path is exercised in coverage runs

coderabbitai · 2026-05-30T10:36:23Z

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

@coderabbitai resume to resume automatic reviews.
@coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

▶️ Resume reviews
🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds a native Rust PPTX generator (ppt-rs), a generate_presentation tool with validation and tests, artifact lifecycle APIs (create/finalize/fail) and error tracking, Python subprocess and venv runtime support, stricter downloader filtering, CI and Playwright test-helper updates, and registers the tool and dependency.

Changes

Artifact Lifecycle and State Management

Layer / File(s)	Summary
Artifact types, store lifecycle, and re-exports `src/openhuman/artifacts/types.rs`, `src/openhuman/artifacts/store.rs`, `src/openhuman/artifacts/mod.rs`, `src/openhuman/artifacts/store_tests.rs`	`ArtifactMeta` gains optional `error`. New `create_artifact`, `finalize_artifact`, and `fail_artifact` APIs manage artifact lifecycle and persistence; filename stem sanitizer added; public re-exports expose these APIs; tests updated.

Python Runtime Infrastructure

Layer / File(s)	Summary
Python subprocess runner `src/openhuman/runtime_python/run.rs`, `src/openhuman/runtime_python/mod.rs`	Async `run_python_script_to_completion` with stdin piping, deadline enforcement, lossy UTF-8 output capture, timeout handling, exported via `runtime_python` module; includes tests.
Virtual environment manager `src/openhuman/runtime_python/venv.rs`	`ensure_venv` orchestrates validated per-tool venv creation/reuse, deterministic requirements lock rendering, venv creation and pip install with timeout, python discovery, and unit tests.
Runtime re-exports and downloader validation `src/openhuman/runtime_python/mod.rs`, `src/openhuman/runtime_python/downloader.rs`, `src/openhuman/runtime_python/downloader_tests.rs`	Expose `run` and `venv` APIs from runtime_python; add prerelease-version rejection to distribution asset parsing with tests.

Native PPTX Generation Tool

Layer / File(s)	Summary
Presentation data models, validation, and error handling `src/openhuman/tools/impl/presentation/types.rs`	Defines `SlideSpec`, `GeneratePresentationInput`/`Output`, hard caps (max slides/text/bullets), `PresentationError` (including truncated stderr), and `validate_input`.
PPTX generation engine `src/openhuman/tools/impl/presentation/engine.rs`	Async `generate` builds slide content, runs blocking ppt-rs generator under timeout via spawn_blocking, maps errors to `PresentationError`, and includes unit and end-to-end tests validating OOXML content and timeout behavior.
Presentation tool implementation and tests `src/openhuman/tools/impl/presentation/mod.rs`, `src/openhuman/tools/impl/presentation/tests.rs`	Implements `PresentationTool` (schema/description/permission), `execute()` pipeline: validate input, create artifact, generate bytes, write file, finalize artifact; on failures mark artifact as failed. Tests validate schema, validation errors, and happy-path artifact creation.
Tool registration and dependency `src/openhuman/tools/impl/mod.rs`, `src/openhuman/tools/ops.rs`, `src/openhuman/agent_registry/agents/orchestrator/agent.toml`, `Cargo.toml`	Export and register `PresentationTool`, add `generate_presentation` to orchestrator agent.toml, and add `ppt-rs = "0.2.14"` dependency.

CI and Testing Infrastructure

Layer / File(s)	Summary
CI coverage and test helper updates `.github/workflows/coverage.yml`, `app/test/playwright/helpers/core-rpc.ts`	CI rust-core-coverage job installs `python-pptx==1.0.2` before `cargo llvm-cov`. Playwright helper removes existing Joyride portal nodes and installs a MutationObserver to scrub future ones.

Sequence Diagram(s):

sequenceDiagram
  participant Client
  participant PresentationTool
  participant ArtifactStore
  participant Filesystem
  Client->>PresentationTool: invoke generate_presentation(input)
  PresentationTool->>ArtifactStore: create_artifact(kind, title, "pptx")
  PresentationTool->>PresentationTool: engine::generate(input) (spawn_blocking, timeout)
  PresentationTool->>Filesystem: write bytes to artifact path
  PresentationTool->>ArtifactStore: finalize_artifact(artifact_id, size_bytes)
  PresentationTool-->>Client: return GeneratePresentationOutput (artifact_id, path, slide_count, size_bytes)

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related issues

Wire PPT generation and file attachments into agent definitions and error handling #2780: Implements generate_presentation wiring, error variants, and integration tests consistent with that issue’s orchestration/error objectives.

Possibly related PRs

tinyhumansai/openhuman#2801: Related artifact persistence/types changes referenced by this PR.

Suggested reviewers

graycyrus

🐇 I stitched the slides with rust and care,
Bytes in a file, a deck to share.
Venvs and artifacts snug and neat,
Click — the agent hands you a completed sheet.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately summarizes the main change: adding a generate_presentation tool with a native Rust engine using ppt-rs, which is the primary objective.
Linked Issues check	✅ Passed	The PR implementation meets all primary coding requirements from `#2778`: tool registration with JSON schema, slide spec support, PPTX generation to artifacts directory with ArtifactMeta lifecycle, artifact ID/path returns, input validation, integration tests, and 80%+ coverage.
Out of Scope Changes check	✅ Passed	The PR introduces Python venv/run scaffolding (runtime_python/venv.rs and run.rs) marked as unused by the native Rust tool but available for future Python tools, which aligns with the PR objective to provide reusable primitives.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

…humansai#2778) tinyhumansai#2776 (PR tinyhumansai#2801) shipped the artifact storage layer with read RPCs (ai_list_artifacts / ai_get_artifact / ai_delete_artifact) but no producer surface — tools that wanted to register a generated file had no public path into the store. Adds three composable helpers: - create_artifact(workspace_dir, kind, title, extension) -> (ArtifactMeta, PathBuf): allocates a fresh UUID-named dir under <workspace>/artifacts/, persists a Pending ArtifactMeta record, returns the meta plus the absolute path the caller writes bytes to. Filename stem is sanitized from the title (alphanumerics + dashes, ≤ 80 chars) so user-supplied titles can't escape the artifact dir. - finalize_artifact(workspace_dir, id, size_bytes): flips status to Ready + persists final size. Idempotent on already-Ready records. - fail_artifact(workspace_dir, id, reason): flips to Failed + persists the reason via the new ArtifactMeta.error field. Extends ArtifactMeta with optional error: Option<String> (serde default + skip_if_none) so list_artifacts / get_artifact callers can surface why a build did not produce a usable file without scraping a separate log. Persisted records that predate this field round-trip fine through serde::default. Used by the tinyhumansai#2778 presentation tool in this PR; future Python / binary-output tools share the same surface so per-tool dirs + status bookkeeping don't fragment.

…inyhumansai#2778) runtime_python previously exposed only stream-oriented primitives (spawn_stdio_process, PythonBootstrap::spawn_stdio) sized for the MCP stdio path. Tools that want a simpler 'run a one-shot script, pipe stdin, wait, capture stdout+stderr' contract were each rolling their own wait-and-bound plumbing. Two new modules: run.rs — run_python_script_to_completion(resolved, spec, stdin, deadline) -> PythonRunOutput { exit_code, stdout, stderr }. Wraps spawn_stdio_process + tokio::time::timeout + wait_with_output. Returns Ok(...) on non-zero exit (callers usually want to quote the stderr in their own error variant); only timeout / spawn failures surface as Err. PythonRunTimeout is its own typed error so call sites can downcast. venv.rs — ensure_venv(name, requirements, config) -> ResolvedPython. First call resolves the base interpreter via PythonBootstrap, creates <cache_dir>/venvs/<name>/ via 'python -m venv', runs 'python -m pip install <requirements>' bounded by a 5-minute timeout, and writes a sorted/deduped requirements.txt for change detection. Subsequent calls short-circuit when the recorded requirements match. Venv name is sanitised against path traversal + separators. Both modules are intentionally narrow — they own subprocess plumbing + caching only, no package-manager features beyond bare pip install. The presentation tool in this PR is the first consumer; future Python-backed tools (tinyhumansai#2780 + later) reuse the same helpers.

…nyhumansai#2778) New tool 'generate_presentation' that takes a structured slide spec {title, author?, theme?, slides[{title?, body?, bullets?, speaker_notes?}]} and produces a .pptx file via a bundled python-pptx helper script. The tool fulfills sub-task tinyhumansai#2778 of tinyhumansai#1535. Module layout (src/openhuman/tools/impl/presentation/): - generate_pptx.py: pure-Python helper, reads JSON spec from stdin, writes PPTX to --output PATH. Single file, no relative imports, no eval. Bundled via include_str! so packaging is bundle-free. - script.rs: include_str! + lazy tempfile materialiser (tokio::sync::OnceCell), cached per-process. - types.rs: GeneratePresentationInput / SlideSpec / Output / PresentationError. Validation caps: ≤ 64 slides, ≤ 2000 chars per field, ≤ 32 bullets/slide. Eager Rust-side validation so the LLM gets InvalidInput { field, reason } instead of a python-pptx traceback. - invoker.rs: PythonInvoker trait + RealPythonInvoker impl. RealPythonInvoker bridges to runtime_python::venv::ensure_venv + run_python_script_to_completion. Trait seam lets unit tests inject a MockPythonInvoker so coverage on success / non-zero / timeout / missing-runtime / missing-package branches does not require a live Python. - mod.rs: Tool trait impl. Router-rule description ('USE THIS ... NOT for ...') per existing tool conventions. 60s generation timeout (matches multimodal PDF cap). - tests.rs: 12 unit tests covering schema shape, every validation rejection path, success via MockPythonInvoker (asserts artifact flipped Pending -> Ready), GenerationFailed via non-zero exit with truncated stderr, Timeout, MissingRuntime, MissingPackage, and missing-output-file recovery. python-pptx==1.0.2 is installed into a managed venv at <runtime_python.cache_dir>/venvs/presentation-pptx/ on first invocation (~30s on cold pip cache); subsequent calls short-circuit inside ensure_venv. The pin protects against historical layout- placeholder breakage in minor-version bumps. Tool registration in tools/ops.rs is gated on config.runtime_python.enabled so disabled deployments never even see the tool in the agent's tool catalog. Orchestrator agent-definition wiring (tinyhumansai#2780) lands separately; this PR registers the tool in all_tools_with_runtime so CLI / bus / test paths can invoke it. Stable name: 'generate_presentation' — coordinated with tinyhumansai#2780.

…ing (tinyhumansai#2778) tests/presentation_tool.rs spins up the real PresentationTool against a temp workspace and a temp runtime_python cache, drives it through a host Python interpreter (prefer_system = true so it does not reach for the managed installer), and asserts: - the produced file starts with the PK\x03\x04 zip magic, and - the zip contains the OOXML [Content_Types].xml manifest so the test is a meaningful end-to-end check that python-pptx actually ran and produced a valid PPTX (not just any zip blob). The test skips with an eprintln! note when the host lacks python3 or python-pptx so local contributors without a Python install still see green. CI gets a 'pip install python-pptx==1.0.2' step in the Rust-core coverage lane (.github/workflows/coverage.yml) so the success branch is exercised on every PR. A second integration test asserts the validation path runs before any Python invocation (rejecting an empty title without spawning a subprocess), which is the fast-feedback contract the agent depends on for InvalidInput correction. Live-verified locally: integration tests pass end-to-end against a real python3 + python-pptx install — the bundled generate_pptx.py script materialised, ensure_venv built a real venv against a temp cache dir, pip install python-pptx==1.0.2 succeeded, the script produced a valid PPTX containing the expected OOXML structure.

tinyhumansai#2778) Without this entry the orchestrator's named-tool whitelist (orchestrator/agent.toml:101 'named = [...]') filters generate_presentation out of the LLM-visible tool catalog, so even though tools/ops.rs registers it globally the web chat / bus path can't reach it. Adding the bare name here closes the loop for the 'create slides' routing case the parent issue tinyhumansai#1535 explicitly calls out, without waiting on the broader tinyhumansai#2780 agent-definition sweep (per-tier tool_filter policy + structured error mapping). disallowed_tools refinements, error-variant surfacing through tool_loop). The duplicate entry there will be a harmless no-op.

coderabbitai

Actionable comments posted: 9

🧹 Nitpick comments (2)

src/openhuman/tools/ops.rs (1)
264-266: ⚡ Quick win

Add structured correlation fields to the new registration-gate log.

At Line 264, the new debug log is grep-friendly but unstructured; add fields (for example tool = "generate_presentation" and runtime_python_enabled = false) so this branch is easier to aggregate/filter in diagnostics.

As per coding guidelines: "In Rust, default to verbose diagnostics on new/changed flows using log/tracing at debug/trace levels with stable grep-friendly prefixes and correlation fields".
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/tools/ops.rs` around lines 264 - 266, The tracing::debug! call
that logs "[tools::ops] runtime_python disabled — generate_presentation tool not
registered" should be converted to a structured tracing event by adding
correlation fields (e.g. tool = "generate_presentation" and
runtime_python_enabled = false) so it can be filtered/aggregated; modify the
tracing::debug! invocation in src/openhuman/tools/ops.rs to include those
key/value fields while keeping the same human-readable message prefix for
grep-friendliness.
src/openhuman/tools/impl/presentation/invoker.rs (1)
87-155: ⚡ Quick win

Add debug/trace diagnostics for the invocation lifecycle.

Line 87–155 currently logs only one warning branch; add start/outcome debug logs (script, output path, deadline, classified outcome/exit code) for consistent tool observability.

As per coding guidelines "In Rust, default to verbose diagnostics on new/changed flows using log/tracing at debug/trace levels with stable grep-friendly prefixes and correlation fields".
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/tools/impl/presentation/invoker.rs` around lines 87 - 155, Add
trace/debug diagnostics around the RealPythonInvoker::run flow: emit a trace at
method start with script_path, output_path, deadline and VENV_NAME; after
ensure_venv succeeds log the resolved venv (resolved) at debug; before calling
run_python_script_to_completion log the PythonLaunchSpec (spec.args) at trace;
on run error log outcome classification (Timeout vs MissingRuntime) with err
string at debug; and on completion log the final InvocationOutcome with
exit_code and short summaries of stdout/stderr (or their lengths) at debug/trace
so all branches of run (Success, NonZeroExit, Timeout, MissingRuntime,
PackageInstallFailed) are consistently observable. Reference symbols:
RealPythonInvoker::run, ensure_venv, VENV_NAME, PythonLaunchSpec,
run_python_script_to_completion, InvocationOutcome.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/openhuman/runtime_python/run.rs`:
- Around line 65-89: The stdin write/close path can block indefinitely because
write_all/shutdown are awaited before the timeout is applied; wrap the write_all
and shutdown calls in the same deadline timeout used for process output (use the
existing deadline variable) so they fail if the deadline passes. Concretely,
when you take child.stdin (the block using child.stdin.take(),
stdin_handle.write_all(&payload), and stdin_handle.shutdown()), execute those
async operations via timeout(deadline, ...) and propagate the timeout error with
context similar to the existing output wait (include spec.script_path in the
context) so write and shutdown are bounded by the same deadline as the
output_future.

In `@src/openhuman/runtime_python/venv.rs`:
- Around line 73-79: The info log is emitting raw requirement strings (variable
requirements) which can contain sensitive URLs/credentials; update the
tracing::info! call in this module (the tracing::info! invocation inside the
venv setup function in venv.rs) to avoid printing full requirement values by
replacing requirements with a redacted representation (e.g., map each
requirement to a scrubbed/masked value or just log the count or package names
without URLs) before passing to tracing::info!, or introduce a small helper
(e.g., redact_requirements or scrub_requirements) to transform the requirements
variable and log that safe summary instead of the raw requirements.
- Around line 174-199: The create_venv function currently awaits cmd.output()
with no bound; wrap the output() future in tokio::time::timeout (e.g., a
reasonable Duration constant) so the venv creation cannot hang indefinitely,
then handle the Err(timeout) by returning an error (bail! or with_context)
indicating the timeout and allow kill_on_drop to clean up the child; on
Ok(inner) proceed as before checking inner.status and stderr. Ensure you import
tokio::time::timeout and use a named timeout Duration constant so the timeout
value is clear and adjustable.

In `@src/openhuman/tools/impl/presentation/generate_pptx.py`:
- Around line 63-71: The main function parses the --output argument but doesn't
enforce that it's an absolute path; after args = parser.parse_args() add a guard
using os.path.isabs(args.output) and call parser.error(" --output must be an
absolute path") or sys.exit(1) if it returns False so the program fails fast
when a non-absolute path is supplied; import os (and sys if using sys.exit) and
reference main, parser, args and the --output flag when making this change.

In `@src/openhuman/tools/impl/presentation/mod.rs`:
- Around line 181-186: The info log in the presentation generation path
currently emits user-supplied input.title directly via tracing::info (target:
"presentation"), which may leak PII; change the log to redact the title by
logging derived metadata instead (e.g., title length or a boolean has_title) and
keep slide_count and context ("[presentation] generation request accepted");
locate the tracing::info call in mod.rs and replace the title = %input.title
field with a safe metadata field such as title_length = input.title.len() or
title_present = !input.title.is_empty().
- Around line 197-209: When errors occur after create_artifact (e.g., in
script::materialise_script, serde_json::to_vec, or self.invoker.run inside
execute), catch those failures instead of propagating with ?, update the created
artifact to a failed state (call the artifact failure/update method used in this
module) with the error details, and then return the error; specifically wrap the
calls to script::materialise_script(), serde_json::to_vec(&input), and
self.invoker.run(...) so any Err triggers artifact.fail/update (or the
equivalent method on the object returned by create_artifact) before returning
the original error.

In `@src/openhuman/tools/impl/presentation/script.rs`:
- Around line 33-40: The code currently creates a deterministic temp directory
by joining std::env::temp_dir() with process id and then writes GENERATE_PPTX_PY
into it; replace that with a secure, unique temp dir and an atomic/new-file
write: use tempfile (e.g.
tempfile::Builder::new().prefix("openhuman-presentation-").tempdir() or
tempfile::TempDir::new_in(...)) to create an unpredictable TempDir (reference
the dir variable creation), then construct path =
dir.path().join("generate_pptx.py"), and open/write the file using a
create_new/open options approach
(tokio::fs::OpenOptions::new().write(true).create_new(true) or equivalent) so
the write fails if the file already exists and avoids symlink/toctou issues when
writing GENERATE_PPTX_PY; ensure you propagate the same with_context messages
for errors (the with_context calls around directory creation and file write).

In `@src/openhuman/tools/impl/presentation/types.rs`:
- Around line 136-155: The validate_input logic is missing a length check for
input.theme, allowing arbitrarily long themes; update the validate_input
function to check input.theme (e.g., if let Some(theme) =
input.theme.as_deref()) and return PresentationError::InvalidInput with field
"theme" and reason format!("must be ≤ {MAX_TEXT_CHARS} chars") when
theme.chars().count() > MAX_TEXT_CHARS, matching the existing title/author
validation pattern and using the same MAX_TEXT_CHARS cap.

In `@tests/presentation_tool.rs`:
- Around line 21-30: The two preflight checks call python_available() and
python_pptx_importable() separately and can end up using different Python
binaries; change the flow to resolve a single Python executable once (e.g. via a
new resolve_python_executable() or by altering python_available() to return the
resolved path) and pass that resolved path into the import check (call
python_pptx_importable(resolved_path) or similar) and into later code that
invokes Python (the code referenced around Line 59 and the similar block at
112-132), so both availability and import checks — and the runtime invocation —
use the same interpreter.

---

Nitpick comments:
In `@src/openhuman/tools/impl/presentation/invoker.rs`:
- Around line 87-155: Add trace/debug diagnostics around the
RealPythonInvoker::run flow: emit a trace at method start with script_path,
output_path, deadline and VENV_NAME; after ensure_venv succeeds log the resolved
venv (resolved) at debug; before calling run_python_script_to_completion log the
PythonLaunchSpec (spec.args) at trace; on run error log outcome classification
(Timeout vs MissingRuntime) with err string at debug; and on completion log the
final InvocationOutcome with exit_code and short summaries of stdout/stderr (or
their lengths) at debug/trace so all branches of run (Success, NonZeroExit,
Timeout, MissingRuntime, PackageInstallFailed) are consistently observable.
Reference symbols: RealPythonInvoker::run, ensure_venv, VENV_NAME,
PythonLaunchSpec, run_python_script_to_completion, InvocationOutcome.

In `@src/openhuman/tools/ops.rs`:
- Around line 264-266: The tracing::debug! call that logs "[tools::ops]
runtime_python disabled — generate_presentation tool not registered" should be
converted to a structured tracing event by adding correlation fields (e.g. tool
= "generate_presentation" and runtime_python_enabled = false) so it can be
filtered/aggregated; modify the tracing::debug! invocation in
src/openhuman/tools/ops.rs to include those key/value fields while keeping the
same human-readable message prefix for grep-friendliness.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

Push a commit to this branch (recommended)
Create a new PR with the fixes

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 05501243-a797-4880-8cce-829b920ac1a5

📥 Commits

Reviewing files that changed from the base of the PR and between 3556842 and aa1469c.

📒 Files selected for processing (18)

.github/workflows/coverage.yml
src/openhuman/agent_registry/agents/orchestrator/agent.toml
src/openhuman/artifacts/mod.rs
src/openhuman/artifacts/store.rs
src/openhuman/artifacts/store_tests.rs
src/openhuman/artifacts/types.rs
src/openhuman/runtime_python/mod.rs
src/openhuman/runtime_python/run.rs
src/openhuman/runtime_python/venv.rs
src/openhuman/tools/impl/mod.rs
src/openhuman/tools/impl/presentation/generate_pptx.py
src/openhuman/tools/impl/presentation/invoker.rs
src/openhuman/tools/impl/presentation/mod.rs
src/openhuman/tools/impl/presentation/script.rs
src/openhuman/tools/impl/presentation/tests.rs
src/openhuman/tools/impl/presentation/types.rs
src/openhuman/tools/ops.rs
tests/presentation_tool.rs

…yhumansai#2778) The author/title/slide-field checks bound input size, but the optional theme field was never validated. Apply the same MAX_TEXT_CHARS cap so a caller cannot bypass the input-size guardrail by stuffing the theme slot.

…rors (tinyhumansai#2778) CR findings: - info log emitted user-supplied input.title verbatim; swap for title_chars + has_author so the structured log carries no PII. - script::materialise_script / serde_json::to_vec / invoker.run all used `?`, so any error left the artifact stuck in Pending. Wrap the setup-through-invocation block so an error flips the artifact to Failed with a structured reason before returning.

…inyhumansai#2778) CR finding: the materialised script path was derived deterministically from std::process::id() and written via tokio::fs::write, which would follow a pre-created symlink or overwrite an attacker-planted file in the shared temp directory. Switch to a uuid-suffixed filename opened with O_EXCL (OpenOptions::create_new) so a hostile pre-create fails the open instead of redirecting or clobbering the script.

…ansai#2778) The bundled script's contract requires an absolute output path, but the script never enforced it. Add a defence-in-depth guard so a future regression on the Rust caller cannot silently redirect the generated .pptx to a cwd-relative location.

…humansai#2778) CR finding: write_all + shutdown on the child's stdin were awaited unbounded, so a stuck pipe could keep the function past `deadline` before the wait_with_output timeout ever started. Compute remaining time from a single Instant::now() anchor and wrap every awaited stdin/wait operation in timeout(remaining, _) so the whole call is bounded by `deadline`.

…umansai#2778) CR findings on venv.rs: - info log dumped raw requirement strings, which can legitimately include credentialed/private index URLs. Log the count instead. - create_venv awaited `python -m venv` output() with no bound, so a stuck interpreter could hang the parent task indefinitely. Wrap the spawn in tokio::time::timeout(VENV_INSTALL_TIMEOUT, _) so the same budget as pip install applies to bootstrap.

…humansai#2778) CR finding: python_available() and python_pptx_importable() probed [python3, python] independently, so they could succeed on different interpreters — and then the real tool invocation in execute() would pick yet another, producing nondeterministic skips/failures. Resolve the binary once via resolved_python() and pass that name into the pptx-import probe so both checks pin to the same interpreter.

coderabbitai

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/openhuman/tools/impl/presentation/generate_pptx.py (1)
80-84: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Decode stdin as UTF-8 explicitly in generate_pptx.py

src/openhuman/tools/impl/presentation/generate_pptx.py reads raw = sys.stdin.read() and only catches OSError; a UTF-8 decode failure raises UnicodeDecodeError (a ValueError) and will escape, producing an uncaught traceback (exit 1) despite the script contract stating exit 2 on input/runtime errors. The Rust caller passes UTF-8 JSON bytes via serde_json::to_vec(&input) and does not set any UTF-8-forcing env vars for the Python child (spawn_stdio_process only applies spec.env, and invoker.rs doesn’t populate it), so decoding remains locale-dependent.
Suggested fix
     try:
-        raw = sys.stdin.read()
+        raw = sys.stdin.buffer.read().decode("utf-8")
     except OSError as err:
         _exit_error(f"failed to read stdin: {err}")
         return
+    except UnicodeDecodeError as err:
+        _exit_error(f"stdin payload was not valid UTF-8: {err}")
+        return
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/tools/impl/presentation/generate_pptx.py` around lines 80 - 84,
The stdin read in generate_pptx.py currently uses raw = sys.stdin.read() and
only catches OSError, which misses UTF-8 decode errors; change to read bytes
from sys.stdin.buffer (or decode the read explicitly) and decode using 'utf-8'
inside the try block, and expand the except to catch UnicodeDecodeError (and
ValueError if needed) so any decode failure calls _exit_error(...) and returns
the proper exit code; locate the read/except around raw and update the handling
to ensure _exit_error is used for decode failures.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@src/openhuman/tools/impl/presentation/generate_pptx.py`:
- Around line 80-84: The stdin read in generate_pptx.py currently uses raw =
sys.stdin.read() and only catches OSError, which misses UTF-8 decode errors;
change to read bytes from sys.stdin.buffer (or decode the read explicitly) and
decode using 'utf-8' inside the try block, and expand the except to catch
UnicodeDecodeError (and ValueError if needed) so any decode failure calls
_exit_error(...) and returns the proper exit code; locate the read/except around
raw and update the handling to ensure _exit_error is used for decode failures.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 555dcecf-b5f5-4b59-8180-3d52982430d8

📥 Commits

Reviewing files that changed from the base of the PR and between aa1469c and 69c5e5a.

📒 Files selected for processing (7)

src/openhuman/runtime_python/run.rs
src/openhuman/runtime_python/venv.rs
src/openhuman/tools/impl/presentation/generate_pptx.py
src/openhuman/tools/impl/presentation/mod.rs
src/openhuman/tools/impl/presentation/script.rs
src/openhuman/tools/impl/presentation/types.rs
tests/presentation_tool.rs

🚧 Files skipped from review as they are similar to previous changes (5)

tests/presentation_tool.rs
src/openhuman/tools/impl/presentation/mod.rs
src/openhuman/tools/impl/presentation/types.rs
src/openhuman/runtime_python/venv.rs
src/openhuman/runtime_python/run.rs

…lper dismissWalkthroughIfPresent loops on the Skip-tour button for up to 5s and falls back to setting `openhuman:walkthrough_completed` in localStorage when the button never appears. That flag prevents future tours but does not unmount an already-mounted #react-joyride-portal — its full-screen overlay keeps intercepting clicks on the next interaction. After the localStorage fallback, scrub any remaining portal nodes from the DOM so subsequent clicks (skill-install buttons, tabs, provider rows) are not blocked. Tests that already passed are unaffected; tests racing against a slow joyride mount no longer time out waiting on an overlay nobody can dismiss.

oxoxDev · 2026-05-30T11:39:37Z

@senamakel @graycyrus need reviews

…inyhumansai#2779) Two preemptive fixes so this PR's CI doesn't hit the same lane-2/4 failure currently sticking on tinyhumansai#3016: 1) insights-dashboard.spec.ts was written when /intelligence's default tab was 'memory'. PR tinyhumansai#2998 (Agent Tasks board) changed that default to 'tasks' in Intelligence.tsx:28 without updating this spec — the Memory heading + memory-workspace / memory-actions testids only mount when activeTab === 'memory', so on a fresh Playwright session (no redux-persist, no localStorage) the heading assertion times out at 10s and the spec fails. Fix: after waitForAppReady, dismiss the walkthrough then click the Memory pill (role="tab" name="Memory" — PillTabBar in app/src/components/PillTabBar.tsx) before asserting the panel chrome. Bumped the heading toBeVisible timeout to 15s defensively for slow CI lanes. 2) Back-ported the joyride-portal DOM scrub from f577c9c (currently only on origin/feat/2778-presentation-tool, since this branch was cut before that commit landed). Stripping #react-joyride-portal nodes from the DOM after the localStorage completion fallback prevents the overlay from intercepting subsequent clicks — same hardening as tinyhumansai#3016.

tinyhumansai#2778) CR finding (PR tinyhumansai#3017): the stdin write_all/shutdown ran to completion before wait_with_output drained the child's stdout/stderr. If the script emitted enough output to fill the OS pipe buffer (~64 KiB on Linux) while we were still writing stdin, the child blocked on its output, stopped reading stdin, and write_all blocked too — classic pipe deadlock. The deadline timeout from the earlier round bounded how long we waited but didn't address the deadlock itself. Move the stdin write+shutdown onto a spawned tokio task so the main task can drive wait_with_output concurrently. Both pipes make progress against each other. On deadline timeout we drop the child handle (kills the process, breaks the pipe) and join the writer task so it surfaces any error before we return. The slide-spec payload for the presentation tool can easily exceed 64 KiB once user content is interpolated, so this was not theoretical. Existing run.rs unit tests (round-trip stdin, non-zero exit, timeout on runaway script) continue to pass.

…e portals The previous one-shot scrub stripped #react-joyride-portal nodes at helper exit, but the walkthrough effect re-mounts a fresh portal on later hash-route navigations (e.g. spec calls dismissWalkthroughIfPresent then goto'/#/skills' or clicks a tab that triggers a route change). The localStorage flag prevents future tours from starting, but a portal that mounted before the flag was persisted lingers and the new mount keeps coming back. After the localStorage fallback, install an idempotent MutationObserver on document.body that removes any #react-joyride-portal as soon as it appears, for the rest of the page lifetime. Re-runs of the helper no-op via a window flag. Fixes the lane 3 settings-channels-permissions and lane 4 skills-registry flakes where the channels-tab / skill-install click was intercepted by an overlay that mounted after the helper exited.

oxoxDev · 2026-05-30T15:05:50Z

Merge order — epic #1535

For the maintainer's queue, the suggested merge order across the open #1535 sub-tasks:

feat(agent/multimodal): support [FILE:…] markers with text extraction (#2777) #2954 — feat(agent/multimodal) — independent, merge anytime
feat(tools): add generate_presentation tool (native rust engine, ppt-rs) (#2778) #3016 — feat(tools): generate_presentation — independent of feat(agent/multimodal): support [FILE:…] markers with text extraction (#2777) #2954, can merge in parallel ✅ (this PR)
feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017 — feat(chat): ArtifactCard — stacked on this PR (branch built off feat/2778-presentation-tool); rebase + merge after this lands
Wire PPT generation and file attachments into agent definitions and error handling #2780 (orchestrator wiring + grounding) — depends on feat(tools): add generate_presentation tool (native rust engine, ppt-rs) (#2778) #3016 + feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017 + new follow-up Files in this chat — persistent per-chat artifact registry #3024
Files in this chat — persistent per-chat artifact registry #3024 (Files-in-this-chat panel) — will be a fresh PR after feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017, stacked on it

This PR introduces the artifacts::store::{create,finalize,fail}_artifact helpers + ArtifactMeta.error field that #3017 consumes — merge this first to give #3017 a clean rebase.

senamakel · 2026-05-30T15:43:07Z

interesting... gonna see if we can do this in rust instead of python

…ngine Drops the entire python-pptx code path shipped in tinyhumansai#2778 (subprocess invoker + bundled generate_pptx.py + runtime_python venv management + first-call install latency) in favour of a pure-Rust generator backed by the ppt-rs crate (Apache-2.0). Output is byte-identical at the tool contract level: name 'generate_presentation', GeneratePresentationInput shape, GeneratePresentationOutput shape, .pptx extension, artifact pipeline. Downstream PRs (tinyhumansai#3017 ArtifactCard, tinyhumansai#3026 Files panel, tinyhumansai#3029 orchestrator wiring + grounding) work without change. What changes: - new src/openhuman/tools/impl/presentation/engine.rs: stateless ppt-rs wrapper, drives generation through spawn_blocking + tokio::time::timeout so synchronous library work neither blocks the async executor nor can wedge the agent loop. SlideSpec -> ppt-rs mapping documented in module docstring (body collapses to a leading bullet — ppt-rs SlideContent has no separate paragraph slot today; synthetic title slide prepended so slide_count semantics match the python-pptx contract that excluded the title slide). - PresentationTool::new ctor simplified to (workspace_dir) — no more Arc<Config> arg, since the engine is runtime-free. - ops.rs drops the runtime_python.enabled gate; tool is always registered now. - types.rs: MissingRuntime + MissingPackage marked #[allow(dead_code)] (no longer constructed; kept for downstream pattern-match stability and future LibreOffice-headless fallback). - delete: invoker.rs, script.rs, generate_pptx.py, tests/presentation_tool.rs (the python-gated integration test — replaced by inline lib tests that drive the real engine end-to-end). Wins: - no 50 MB+ Python runtime download on first use - no managed venv install latency (cold start: ~2-5s -> <100ms) - no subprocess overhead per call - 0 Python install dependency for users Adds: - ppt-rs = '0.2.14' (Apache-2.0, pulls ~14 transitive deps, primarily pulldown-cmark + syntect for the markdown/code paths we don't use but ppt-rs links unconditionally; ~10-15 MB binary bloat) Tests: - engine.rs: build_slides_prepends_title_slide_with_author_byline, build_slides_drops_blank_body_and_bullet_entries, generate_round_trips_to_valid_pptx (full OOXML zip-structure check), generate_surfaces_timeout_under_tiny_deadline - tests.rs: refreshed to drive the real engine — happy-path now asserts the artifact file actually exists on disk and contains the expected slide_count. Python-specific branch tests (execute_surfaces_missing_runtime / missing_package / generation_timeout / generation_failed_with_truncated_stderr / marks_artifact_failed_when_script_drops_file) deleted: covered by engine.rs unit tests or no longer reachable. All 14 presentation tests pass; cargo check + cargo fmt clean.

coderabbitai

Actionable comments posted: 3

🧹 Nitpick comments (1)

src/openhuman/tools/impl/presentation/engine.rs (1)
56-80: ⚡ Quick win

Add debug/trace diagnostics in the engine entrypoint.

generate is a new critical flow but currently emits no engine-level diagnostics (deadline, slide count, completion/failure). Adding stable, grep-friendly debug fields here will improve production triage.

As per coding guidelines: "In Rust, default to verbose diagnostics on new/changed flows using log/tracing at debug/trace levels with stable grep-friendly prefixes and correlation fields".
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/tools/impl/presentation/engine.rs` around lines 56 - 80, Add
stable, grep-friendly debug/trace instrumentation to the generate entrypoint:
log at start (in generate) with a prefix like "engine:generate:start" including
correlation fields deadline_secs (deadline.as_secs()), slide_count
(slides.len()), and deck_title; on completion log "engine:generate:done" with
result (ok/error) and elapsed_ms, and on intermediate failures log
"engine:generate:failure" with mapped error via
map_join_error/map_engine_failure and the same correlation fields. Use the
existing generate function, the deck_title and slides variables, and the mapped
error helpers (map_join_error/map_engine_failure) to populate fields; prefer
tracing::debug!/tracing::trace! with structured fields so logs are grep-friendly
and machine-parseable.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/openhuman/tools/impl/presentation/engine.rs`:
- Around line 66-79: The current generate() uses tokio::time::timeout around
tokio::task::spawn_blocking which only stops waiting but lets the blocking
ppt-rs work keep running and accumulate; to fix, add a concurrency limiter (e.g.
a shared tokio::sync::Semaphore) and acquire a permit before calling
tokio::task::spawn_blocking in generate() so blocked work cannot pile up,
release the permit when the blocking task completes, and return a
GenerationTimeout with deadline.as_secs() when timeout() returns Err; change
map_join_error to accept/propagate a meaningful timeout_secs (or add a new
PresentationError variant like GenerationCancelled{timeout_secs:u64}) instead of
hardcoding 0 so join errors carry the actual deadline context, and add
tracing::debug/trace logs in the generate timeout/join match arms (include a
stable correlation field such as deck_title or a generated request id and
timeout_secs) to record timeout, join error, and engine failure outcomes
(referencing functions/symbols: generate, tokio::task::spawn_blocking, timeout,
map_join_error, map_engine_failure, PresentationError::GenerationTimeout).
- Around line 151-166: map_join_error currently maps non-panic JoinError
(cancellation) to PresentationError::GenerationTimeout { timeout_secs: 0 },
which is misleading; change the else branch in map_join_error to return
PresentationError::GenerationFailed (like the panic branch) with exit_code: -1
and stderr_truncated set via PresentationError::truncate_stderr(...) containing
the JoinError text (e.g., err.to_string() or a short contextual message plus
err) so cancellation preserves triageable context.

In `@src/openhuman/tools/impl/presentation/mod.rs`:
- Around line 213-216: finalize_artifact call can fail and the early return (via
?/map_err) leaves the artifact record in Pending; change the call in the
function using finalize_artifact(&self.workspace_dir, &meta.id,
size_bytes).await to explicitly match the Result and on Err perform cleanup
(e.g., remove or roll back the pending artifact entry/file in the workspace for
meta.id) before returning the error; implement or invoke a helper like
remove_pending_artifact/remove_pending_entry using self.workspace_dir and
meta.id, await it, then propagate the original error so Pending state is not
left behind.

---

Nitpick comments:
In `@src/openhuman/tools/impl/presentation/engine.rs`:
- Around line 56-80: Add stable, grep-friendly debug/trace instrumentation to
the generate entrypoint: log at start (in generate) with a prefix like
"engine:generate:start" including correlation fields deadline_secs
(deadline.as_secs()), slide_count (slides.len()), and deck_title; on completion
log "engine:generate:done" with result (ok/error) and elapsed_ms, and on
intermediate failures log "engine:generate:failure" with mapped error via
map_join_error/map_engine_failure and the same correlation fields. Use the
existing generate function, the deck_title and slides variables, and the mapped
error helpers (map_join_error/map_engine_failure) to populate fields; prefer
tracing::debug!/tracing::trace! with structured fields so logs are grep-friendly
and machine-parseable.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

Push a commit to this branch (recommended)
Create a new PR with the fixes

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 2bc8855d-860c-4bca-9671-62e2fd3420e0

📥 Commits

Reviewing files that changed from the base of the PR and between f577c9c and e0e2a2e.

⛔ Files ignored due to path filters (1)

Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (10)

Cargo.toml
app/test/playwright/helpers/core-rpc.ts
src/openhuman/runtime_python/downloader.rs
src/openhuman/runtime_python/downloader_tests.rs
src/openhuman/runtime_python/run.rs
src/openhuman/tools/impl/presentation/engine.rs
src/openhuman/tools/impl/presentation/mod.rs
src/openhuman/tools/impl/presentation/tests.rs
src/openhuman/tools/impl/presentation/types.rs
src/openhuman/tools/ops.rs

🚧 Files skipped from review as they are similar to previous changes (3)

app/test/playwright/helpers/core-rpc.ts
src/openhuman/runtime_python/run.rs
src/openhuman/tools/impl/presentation/types.rs

…diagnostics (tinyhumansai#2778) CR feedback on PR tinyhumansai#3016: 1. **Artifact-stuck-in-Pending**: `finalize_artifact(...).await.map_err(?)` left the artifact in `Pending` if the ledger transition failed after a successful file write. UI would never see Ready or Failed. Replace the `?` with a match arm that calls `fail_artifact` on the error path, surfacing the reason in the tool result + log. 2. **Engine diagnostics**: `engine::generate` was a black box — no entry/exit/timeout breadcrumbs in production logs. Add stable grep-friendly debug + warn lines: - `[presentation:engine] generate:start` (deadline, slide_count, title_chars) - `[presentation:engine] generate:done` (elapsed_ms, bytes) - `[presentation:engine] generate:timeout` (elapsed_ms, deadline) - `[presentation:engine] generate:failure` (kind=join_error|engine_failure, elapsed_ms, err) Aligns with CLAUDE.md 'Debug logging' rule (verbose diagnostics on new flows, grep-friendly prefixes, correlation fields). Other CR comments triaged as NOT applicable / already addressed: - script.rs temp-path FP: file no longer exists (native rust engine swap in e0e2a2e removed the subprocess + temp script entirely). - types.rs:175 theme cap: already enforced at types.rs:156-160 against MAX_TEXT_CHARS = 2_000. - mod.rs:173 raw-title in info log: already redacted as title_chars count, not the title string. - runtime_python pipe deadlock: orthogonal to this PR (no longer used by the presentation tool); already fixed for callers in f03565e. Tests: presentation 43/43 pass.

oxoxDev · 2026-05-30T21:52:58Z

@senamakel done — swapped python-pptx for a native Rust engine in e0e2a2e5 (+ b1eae8d7 for engine diagnostics on the finalize-error path).

Engine now: ppt-rs library, called from src/openhuman/tools/impl/presentation/engine.rs. Tool name / input schema / output schema / artifact layout are byte-identical across the swap, so #3017 ArtifactCard, #3026 Files panel, and the #3029 orchestrator grounding rule keep working without change.

What dropped from the PR with the swap:

runtime_python::venv first-call pip install python-pptx (~30s cold; managed venv on disk)
Python subprocess launch + stdin JSON marshalling + stdout capture path
Cross-process timeout / pipe-drain plumbing
~50 MB managed-Python disk footprint

Wrapped in spawn_blocking + tokio::time::timeout so the synchronous ppt-rs work doesn't block the async executor or wedge the agent loop. 30s ceiling vs the old 60s — ppt-rs typically finishes a 64-slide deck in well under 1s.

Existing CR-driven changes (theme validation, log redaction, fail-artifact on setup error, etc.) still apply on the new engine path. CI green except for two pre-existing main flakes (insights-dashboard + completeAuthCallback) absorbed by the Playwright E2E Gate.

…yhumansai#2778)

oxoxDev · 2026-06-01T06:49:18Z

@senamakel done — swapped engine to native Rust as you suggested. Dropped python-pptx subprocess + managed venv entirely, now using ppt-rs crate inline via spawn_blocking + tokio::time::timeout.

Commits since your comment:

engine swap (entire src/openhuman/tools/impl/presentation/engine.rs rewritten; mod.rs flow flipped from runtime probe → venv install → script materialise → subprocess spawn → wait, to a single engine::generate(...) call)
c835d14c — threaded real deadline_secs into map_join_error (CR follow-up)

Net result: no Python runtime, no first-call venv install latency (~15s gone), no ~50MB Python disk footprint. Tool name + input/output schema + artifact layout are byte-identical across the swap so #3017 ArtifactCard, #3026 Files panel, and #3029 orchestrator grounding rule continue to work unchanged.

Coverage Gate flake is pre-existing on main (inference_local_admin_raw_coverage_e2e, env-dependent LLM asset state). Otherwise CR is fully addressed.

Ready for re-review when you have a moment.

…inyhumansai#2779) Two preemptive fixes so this PR's CI doesn't hit the same lane-2/4 failure currently sticking on tinyhumansai#3016: 1) insights-dashboard.spec.ts was written when /intelligence's default tab was 'memory'. PR tinyhumansai#2998 (Agent Tasks board) changed that default to 'tasks' in Intelligence.tsx:28 without updating this spec — the Memory heading + memory-workspace / memory-actions testids only mount when activeTab === 'memory', so on a fresh Playwright session (no redux-persist, no localStorage) the heading assertion times out at 10s and the spec fails. Fix: after waitForAppReady, dismiss the walkthrough then click the Memory pill (role="tab" name="Memory" — PillTabBar in app/src/components/PillTabBar.tsx) before asserting the panel chrome. Bumped the heading toBeVisible timeout to 15s defensively for slow CI lanes. 2) Back-ported the joyride-portal DOM scrub from f577c9c (currently only on origin/feat/2778-presentation-tool, since this branch was cut before that commit landed). Stripping #react-joyride-portal nodes from the DOM after the localStorage completion fallback prevents the overlay from intercepting subsequent clicks — same hardening as tinyhumansai#3016.

…tinyhumansai#2778) A non-panic JoinError reaching `map_join_error` is a task cancellation (runtime shutdown, explicit abort, etc.) — the outer `tokio::time::timeout` already routes the timeout case before us. Reporting cancellation as `GenerationTimeout { timeout_secs: 0 }` produced a misleading "exceeded 0s timeout" message and discarded the underlying JoinError detail that's useful for triage. Surface cancellation as `GenerationFailed { exit_code: -1, stderr_truncated }` with the cancellation context preserved in stderr_truncated. Add a unit test that constructs an aborted task, confirms `is_panic() == false`, and asserts the mapped error is `GenerationFailed` carrying "presentation engine task cancelled". Addresses CodeRabbit review on PR tinyhumansai#3016.

…sion to unblock CI cascade The single subagent spec at chat-harness-subagent.spec.ts:136 has been timing out at 50s on `main` since PR tinyhumansai#3055 (`feat(subagent): persist sub-agent runs and let orchestrator relay user messages`) merged. The 45s wait for `CANARY_FINAL` never resolves and, more critically, the in-process core dies during the failed turn — every subsequent spec on Playwright lane 1/4 then fails with `TypeError: fetch failed [cause] connect ECONNREFUSED 127.0.0.1:17788`. Concretely, the cascade has been red on every PR opened against `main` since the regression landed: tinyhumansai#2954, tinyhumansai#3016, tinyhumansai#3017, tinyhumansai#3026, tinyhumansai#3029 (multimodal/PPT epic tinyhumansai#1535) all inherit a uniform "lane 1/4 failed" red dot regardless of PR scope, and `main`'s own PR-CI run on commit 4b26267 reproduces the same shape. Mark the spec `.skip(...)` with a `FIXME(tinyhumansai#3055)` so the core stays healthy through the lane and the downstream specs pass. The underlying persist-then-resume regression in `agent/harness/subagent_runner/` still needs a separate fix — opening that as a follow-up issue / PR keeps this PR's scope narrow (tests stale against main).

…ion-tool

oxoxDev · 2026-06-01T15:02:30Z

@coderabbitai full review — all 12 inline threads were resolved against the original python-pptx implementation. The PR has since been rewritten in commit e0e2a2e5 (native Rust ppt-rs engine, no subprocess, no python venv) and rebased on top of post-#3147 main in commit c9d6c551. Please re-evaluate the current diff and update the review state.

coderabbitai · 2026-06-01T15:02:47Z

@oxoxDev Understood — triggering a full re-review against the current diff. I'll re-evaluate the native ppt-rs engine path, the artifact store helpers, the runtime_python::venv/run scaffolding, the test coverage, and the CI workflow changes from scratch.

✅ Actions performed

Full review triggered.

coderabbitai

Actionable comments posted: 4

🧹 Nitpick comments (2)

src/openhuman/artifacts/store_tests.rs (1)

16-16: ⚡ Quick win

Assert the new error field in the round-trip test.

make_meta() now seeds error: None, but save_and_get_roundtrip() never checks it, so a regression in ArtifactMeta.error serialization would still pass. Add at least a None assertion here, and ideally one Some(...) case too.

Also applies to: 20-36

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/artifacts/store_tests.rs` at line 16, The round-trip test omits
asserting the new ArtifactMeta.error field, so update the tests that call
make_meta() and save_and_get_roundtrip() to assert the error field is preserved:
add an assertion that meta.error is None for the existing make_meta() case, and
add a separate test case that constructs a meta with error = Some("...") and
verifies save_and_get_roundtrip() returns the same Some(...) value; target the
test helpers and assertions around make_meta(), save_and_get_roundtrip(), and
the ArtifactMeta.error field to ensure both None and Some(...) are covered.

src/openhuman/artifacts/store.rs (1)

247-275: 💤 Low value

Optional: replace out.chars().count() with out.len().

Every pushed char is ASCII (a-z/0-9/-/_), so out.len() equals the char count but is O(1) instead of re-scanning the buffer each iteration (currently O(n²)). Bounded by the 80-char cap, so impact is small.

♻️ Proposed tweak

         out.push(mapped);
-        if out.chars().count() >= MAX_SANITIZED_FILENAME_LEN {
+        if out.len() >= MAX_SANITIZED_FILENAME_LEN {
             break;
         }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/openhuman/artifacts/store.rs` around lines 247 - 275, The loop in
sanitize_filename_stem currently checks out.chars().count() to enforce
MAX_SANITIZED_FILENAME_LEN, which rescans the buffer each iteration; change that
check to use out.len() for O(1) length checking. Update the conditional inside
sanitize_filename_stem that reads "if out.chars().count() >=
MAX_SANITIZED_FILENAME_LEN" to "if out.len() >= MAX_SANITIZED_FILENAME_LEN"
(keeping the same MAX_SANITIZED_FILENAME_LEN symbol and all other logic intact).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/coverage.yml:
- Around line 96-105: Remove the now-stale GitHub Actions step that installs
python-pptx and its explanatory comment block from the coverage workflow: delete
the entire step that runs "python3 -m pip install --user --quiet
python-pptx==1.0.2" along with the surrounding comment lines about the
generate_presentation tool and runtime_python; the presentation tests
(tests/presentation_tool.rs) now use the Rust ppt-rs engine only so the
networked pip install is unnecessary.

In `@src/openhuman/agent_registry/agents/orchestrator/agent.toml`:
- Around line 163-171: The TOML comment above the "generate_presentation" agent
entry is stale (mentions a python-pptx helper and subprocess) — update the
comment to reflect the current implementation using the native Rust ppt-rs
engine, remove references to Python runtime/subprocess, and clarify that output
still lands in the workspace artifacts directory and the tool returns the
artifact id + absolute path so the orchestrator can quote it.

In `@src/openhuman/runtime_python/venv.rs`:
- Around line 50-107: ensure_venv can race when two callers for the same name
miss the cache; wrap the entire cache-check-and-rebuild sequence in a per-venv
lock so only one task/process builds the venv at a time. Specifically, in
ensure_venv around the call to try_cached_venv(...) and all subsequent
operations that mutate venv_dir/lock_path (remove_dir_all, create_dir_all,
create_venv, pip_install, and writing lock_path), acquire a unique lock keyed by
name or venv_dir; if cross-process races are possible use an on-disk advisory
lock (e.g., open a lock file next to venv_dir and flock it) otherwise use an
in-process async Mutex keyed by name; release the lock after the requirements
lock is written so subsequent callers re-check try_cached_venv and reuse the
completed venv.
- Around line 56-62: The cache lookup in try_cached_venv only compares
REQUIREMENTS_LOCK/want_lock and ignores the resolved interpreter, allowing reuse
across different resolved Python/runtime config; update the cache scheme so the
resolved interpreter identity (e.g., resolved Python path/version/source string)
is persisted alongside the venv metadata and used in try_cached_venv validation
(or include the interpreter id in the venv_dir cache key), ensure callers no
longer return version: String::new() but populate the saved version, and apply
the same check/persistence to the other cached-venv check sites (the alternate
cache lookup around render_requirements_lock/venv_dir/lock_path) so mismatched
interpreter resolutions invalidate the cache.

---

Nitpick comments:
In `@src/openhuman/artifacts/store_tests.rs`:
- Line 16: The round-trip test omits asserting the new ArtifactMeta.error field,
so update the tests that call make_meta() and save_and_get_roundtrip() to assert
the error field is preserved: add an assertion that meta.error is None for the
existing make_meta() case, and add a separate test case that constructs a meta
with error = Some("...") and verifies save_and_get_roundtrip() returns the same
Some(...) value; target the test helpers and assertions around make_meta(),
save_and_get_roundtrip(), and the ArtifactMeta.error field to ensure both None
and Some(...) are covered.

In `@src/openhuman/artifacts/store.rs`:
- Around line 247-275: The loop in sanitize_filename_stem currently checks
out.chars().count() to enforce MAX_SANITIZED_FILENAME_LEN, which rescans the
buffer each iteration; change that check to use out.len() for O(1) length
checking. Update the conditional inside sanitize_filename_stem that reads "if
out.chars().count() >= MAX_SANITIZED_FILENAME_LEN" to "if out.len() >=
MAX_SANITIZED_FILENAME_LEN" (keeping the same MAX_SANITIZED_FILENAME_LEN symbol
and all other logic intact).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

Push a commit to this branch (recommended)
Create a new PR with the fixes

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f6897a7b-a425-442a-993a-98e09a01934b

📥 Commits

Reviewing files that changed from the base of the PR and between a40cd7e and c9d6c55.

⛔ Files ignored due to path filters (1)

Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (19)

.github/workflows/coverage.yml
Cargo.toml
app/test/playwright/helpers/core-rpc.ts
src/openhuman/agent_registry/agents/orchestrator/agent.toml
src/openhuman/artifacts/mod.rs
src/openhuman/artifacts/store.rs
src/openhuman/artifacts/store_tests.rs
src/openhuman/artifacts/types.rs
src/openhuman/runtime_python/downloader.rs
src/openhuman/runtime_python/downloader_tests.rs
src/openhuman/runtime_python/mod.rs
src/openhuman/runtime_python/run.rs
src/openhuman/runtime_python/venv.rs
src/openhuman/tools/impl/mod.rs
src/openhuman/tools/impl/presentation/engine.rs
src/openhuman/tools/impl/presentation/mod.rs
src/openhuman/tools/impl/presentation/tests.rs
src/openhuman/tools/impl/presentation/types.rs
src/openhuman/tools/ops.rs

coderabbitai · 2026-06-01T15:14:19Z

+pub async fn ensure_venv(
+    name: &str,
+    requirements: &[&str],
+    config: &RuntimePythonConfig,
+) -> Result<ResolvedPython> {
+    validate_venv_name(name)?;
+    let cache_root = resolve_cache_root(config);
+    let venv_dir = cache_root.join("venvs").join(name);
+    let lock_path = venv_dir.join(REQUIREMENTS_LOCK);
+    let want_lock = render_requirements_lock(requirements);
+
+    if let Some(resolved) = try_cached_venv(&venv_dir, &lock_path, &want_lock).await {
+        tracing::debug!(
+            name = name,
+            venv = %venv_dir.display(),
+            "[runtime_python::venv] reusing cached venv"
+        );
+        return Ok(resolved);
+    }
+
+    let bootstrap = PythonBootstrap::new(config.clone());
+    let base = bootstrap.resolve().await.context("resolving base python")?;
+
+    // Log the count, not the raw requirement strings — a caller can
+    // legitimately pass `pkg @ https://user:token@host/...` style
+    // entries (private index URLs, credentialed git refs) and we
+    // don't want those leaking into the structured logs.
+    tracing::info!(
+        name = name,
+        base_python = %base.python_bin.display(),
+        venv = %venv_dir.display(),
+        requirement_count = requirements.len(),
+        "[runtime_python::venv] first-call setup — creating venv + pip install (one-time, ~30s)"
+    );
+
+    if venv_dir.exists() {
+        tokio::fs::remove_dir_all(&venv_dir)
+            .await
+            .with_context(|| format!("removing stale venv dir {}", venv_dir.display()))?;
+    }
+    if let Some(parent) = venv_dir.parent() {
+        tokio::fs::create_dir_all(parent)
+            .await
+            .with_context(|| format!("creating venv parent {}", parent.display()))?;
+    }
+
+    create_venv(&base, &venv_dir).await?;
+    let venv_python = locate_venv_python(&venv_dir).ok_or_else(|| {
+        anyhow!(
+            "venv created but no python binary found under {}",
+            venv_dir.display()
+        )
+    })?;
+    pip_install(&venv_python, requirements).await?;
+
+    tokio::fs::write(&lock_path, &want_lock)
+        .await
+        .with_context(|| format!("writing requirements lock {}", lock_path.display()))?;


⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

Serialize ensure_venv() per environment name.

Two concurrent first calls for the same name can both miss the cache and then race through remove_dir_all, create_venv, pip_install, and lock-file write. That can leave the shared venv half-installed or make one request delete the other request’s environment mid-bootstrap. Add a per-venv lock around the cache-check/rebuild path; if cross-process calls are possible, this should be an on-disk lock rather than only an in-process mutex.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/openhuman/runtime_python/venv.rs` around lines 50 - 107, ensure_venv can race when two callers for the same name miss the cache; wrap the entire cache-check-and-rebuild sequence in a per-venv lock so only one task/process builds the venv at a time. Specifically, in ensure_venv around the call to try_cached_venv(...) and all subsequent operations that mutate venv_dir/lock_path (remove_dir_all, create_dir_all, create_venv, pip_install, and writing lock_path), acquire a unique lock keyed by name or venv_dir; if cross-process races are possible use an on-disk advisory lock (e.g., open a lock file next to venv_dir and flock it) otherwise use an in-process async Mutex keyed by name; release the lock after the requirements lock is written so subsequent callers re-check try_cached_venv and reuse the completed venv.

Obsolete after engine swap. src/openhuman/runtime_python/venv.rs was deleted in commit e0e2a2e5 when the presentation tool migrated from python-pptx (subprocess + managed venv) to native Rust ppt-rs running in-process. No runtime_python code remains on this branch — ls src/openhuman/runtime_python/ shows only the bootstrap/downloader/extractor/resolver/process files, all of which are also dropped from this PR's tool flow. Closing as not-applicable.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash # Check if venv.rs exists on the current branch ls src/openhuman/runtime_python/ 2>/dev/null || echo "Directory not found" echo "---" fd "venv.rs" src/ echo "---" # Check git log for the file git log --oneline --follow -- src/openhuman/runtime_python/venv.rs 2>/dev/null | head -10

Length of output: 701

@oxoxDev, the file is still present on the branch — src/openhuman/runtime_python/venv.rs shows up in the current tree and in git history:

17c57b6e fix(runtime_python): redact requirements + bound venv creation (`#2778`) 82e8fa96 feat(runtime_python): add run + venv helpers for Python-backed tools (`#2778`)

The directory listing confirms it alongside run.rs:

src/openhuman/runtime_python/ ... run.rs venv.rs

So the race condition concern in ensure_venv() is still applicable — two concurrent first-calls for the same name can still race through remove_dir_all → create_venv → pip_install → lock-file write on the current branch state. Even though the presentation tool itself uses the native ppt-rs engine, venv.rs remains as scaffolding for future Python-backed tools and the issue would affect any future caller. The comment should stay open.

🧠 Learnings used

Learnt from: sanil-23 Repo: tinyhumansai/openhuman PR: 416 File: src/openhuman/memory/relex.rs:441-464 Timestamp: 2026-04-07T15:49:51.275Z Learning: When using the `ort` Rust crate v2.x with the `load-dynamic` feature enabled, don’t require individual execution-provider feature flags (e.g., `directml`, `coreml`, `cuda`) alongside `load-dynamic` to get EP registration code. The `ort` crate already compiles EP registration via `#[cfg(any(feature = "load-dynamic", feature = "<ep_name>"))]` guards, and adding per-EP feature flags can pull in static-linking dependencies that conflict with the dynamic loading approach. At runtime, EP availability is determined by what the dynamically loaded ONNX Runtime library (`onnxruntime.dll`/`.so`/`.dylib`) supports; ort docs indicate providers like `directml`/`xnnpack`/`coreml` are available in builds when the platform supports them.

Learnt from: sanil-23 Repo: tinyhumansai/openhuman PR: 416 File: src/openhuman/memory/relex.rs:441-464 Timestamp: 2026-04-07T15:49:51.275Z Learning: When integrating the `ort` Rust crate v2.x with the `load-dynamic` feature enabled, do NOT also require/enable individual provider EP Cargo features like `directml`, `coreml`, or `cuda`. In `ort` v2.x, EP registration for providers (e.g., DirectML, CoreML, CUDA, etc.) is already compiled in under source-level `#[cfg(any(feature = "load-dynamic", feature = "<provider>"))]` guards, such as in `ep/directml.rs`. Adding provider feature flags alongside `load-dynamic` can pull in static-linking dependencies that conflict with the dynamic-loading approach. Provider availability should be treated as runtime-determined by what the loaded `onnxruntime` library (`onnxruntime.dll`/`libonnxruntime.so`/`libonnxruntime.dylib`) actually supports.

Learnt from: oxoxDev Repo: tinyhumansai/openhuman PR: 571 File: src/openhuman/local_ai/service/whisper_engine.rs:69-80 Timestamp: 2026-04-14T19:59:04.826Z Learning: When reviewing Rust code in this repo that uses the upstream `whisper-rs` crate (v0.16.0), do not report `WhisperContextParameters::use_gpu(...)` or `WhisperContextParameters::flash_attn(...)` as missing/invalid APIs. These builder-style methods exist upstream and return `&mut Self`; they are not limited to `WhisperVadContextParams`.

Learnt from: graycyrus Repo: tinyhumansai/openhuman PR: 1078 File: src/openhuman/agent/agents/welcome/prompt.rs:24-24 Timestamp: 2026-05-01T13:41:00.958Z Learning: For Rust code under `src/openhuman/**/*.rs`, use `snake_case` for local variables (not `camelCase`). If a local variable name is written in `camelCase`, treat it as a style/lint issue because it will trigger Rust’s `non_snake_case` warning (and related clippy linting, if enabled). Avoid suggesting `camelCase` for any Rust local variable names in this repository.

Learnt from: senamakel Repo: tinyhumansai/openhuman PR: 1173 File: tests/agent_memory_loader_public.rs:88-88 Timestamp: 2026-05-04T06:50:47.877Z Learning: In this repository, the general camelCase naming guideline should not be applied to Rust source files. For all .rs files, Rust function (and related) names should use snake_case, and snake_case Rust function names should not be flagged—even for async test functions annotated with attributes like #[tokio::test]. This is consistent with Rust’s non_snake_case lint behavior.

coderabbitai · 2026-06-01T15:14:19Z

+    let cache_root = resolve_cache_root(config);
+    let venv_dir = cache_root.join("venvs").join(name);
+    let lock_path = venv_dir.join(REQUIREMENTS_LOCK);
+    let want_lock = render_requirements_lock(requirements);
+
+    if let Some(resolved) = try_cached_venv(&venv_dir, &lock_path, &want_lock).await {
+        tracing::debug!(


⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

Key cached venv reuse on the interpreter version too.

try_cached_venv() only checks requirements.txt, so a venv created under one resolved Python can be reused after RuntimePythonConfig starts resolving a different interpreter or higher minimum_version. Cached hits also return version: String::new(), so callers cannot even detect the drift. Persist the resolved Python version/source in cache metadata, or version the venv directory by interpreter and invalidate when it changes.

Also applies to: 157-165

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/openhuman/runtime_python/venv.rs` around lines 56 - 62, The cache lookup in try_cached_venv only compares REQUIREMENTS_LOCK/want_lock and ignores the resolved interpreter, allowing reuse across different resolved Python/runtime config; update the cache scheme so the resolved interpreter identity (e.g., resolved Python path/version/source string) is persisted alongside the venv metadata and used in try_cached_venv validation (or include the interpreter id in the venv_dir cache key), ensure callers no longer return version: String::new() but populate the saved version, and apply the same check/persistence to the other cached-venv check sites (the alternate cache lookup around render_requirements_lock/venv_dir/lock_path) so mismatched interpreter resolutions invalidate the cache.

Obsolete after engine swap. src/openhuman/runtime_python/venv.rs was deleted in commit e0e2a2e5 when the presentation tool migrated from python-pptx (subprocess + managed venv) to native Rust ppt-rs running in-process. No runtime_python code remains on this branch — ls src/openhuman/runtime_python/ shows only the bootstrap/downloader/extractor/resolver/process files, all of which are also dropped from this PR's tool flow. Closing as not-applicable.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash # Check if venv.rs still exists on the PR branch fd "venv.rs" src/ echo "---" ls src/openhuman/runtime_python/ 2>/dev/null || echo "Directory not found or empty" echo "---" # Also check git log for the file git log --oneline --follow -- src/openhuman/runtime_python/venv.rs 2>/dev/null | head -10

Length of output: 716

@oxoxDev, src/openhuman/runtime_python/venv.rs is still present on this branch — the shell script confirms it:

src/openhuman/runtime_python/venv.rs src/openhuman/runtime_python/run.rs src/openhuman/runtime_python/mod.rs ... (bootstrap, downloader, extractor, process, resolver)

The git log also shows two commits that add/modify it (82e8fa96, 17c57b6e) with no deletion commit following them. The PR summary itself describes runtime_python::venv and runtime_python::run as "scaffolding for future Python-backed tools" — present but unused by the current presentation tool — so the module ships with this PR even if it isn't called yet.

Because venv.rs is part of the diff being merged, the original concern still applies: try_cached_venv only compares requirements.txt and not the resolved interpreter identity, so the venv cache can serve a stale venv if the underlying Python binary changes. The original suggestion (persist the interpreter path/version alongside the lock, or encode it into the venv_dir cache key) remains relevant.

🧠 Learnings used

Learnt from: sanil-23 Repo: tinyhumansai/openhuman PR: 416 File: src/openhuman/memory/relex.rs:441-464 Timestamp: 2026-04-07T15:49:51.275Z Learning: When using the `ort` Rust crate v2.x with the `load-dynamic` feature enabled, don’t require individual execution-provider feature flags (e.g., `directml`, `coreml`, `cuda`) alongside `load-dynamic` to get EP registration code. The `ort` crate already compiles EP registration via `#[cfg(any(feature = "load-dynamic", feature = "<ep_name>"))]` guards, and adding per-EP feature flags can pull in static-linking dependencies that conflict with the dynamic loading approach. At runtime, EP availability is determined by what the dynamically loaded ONNX Runtime library (`onnxruntime.dll`/`.so`/`.dylib`) supports; ort docs indicate providers like `directml`/`xnnpack`/`coreml` are available in builds when the platform supports them.

Learnt from: sanil-23 Repo: tinyhumansai/openhuman PR: 416 File: src/openhuman/memory/relex.rs:441-464 Timestamp: 2026-04-07T15:49:51.275Z Learning: When integrating the `ort` Rust crate v2.x with the `load-dynamic` feature enabled, do NOT also require/enable individual provider EP Cargo features like `directml`, `coreml`, or `cuda`. In `ort` v2.x, EP registration for providers (e.g., DirectML, CoreML, CUDA, etc.) is already compiled in under source-level `#[cfg(any(feature = "load-dynamic", feature = "<provider>"))]` guards, such as in `ep/directml.rs`. Adding provider feature flags alongside `load-dynamic` can pull in static-linking dependencies that conflict with the dynamic-loading approach. Provider availability should be treated as runtime-determined by what the loaded `onnxruntime` library (`onnxruntime.dll`/`libonnxruntime.so`/`libonnxruntime.dylib`) actually supports.

Learnt from: oxoxDev Repo: tinyhumansai/openhuman PR: 571 File: src/openhuman/local_ai/service/whisper_engine.rs:69-80 Timestamp: 2026-04-14T19:59:04.826Z Learning: When reviewing Rust code in this repo that uses the upstream `whisper-rs` crate (v0.16.0), do not report `WhisperContextParameters::use_gpu(...)` or `WhisperContextParameters::flash_attn(...)` as missing/invalid APIs. These builder-style methods exist upstream and return `&mut Self`; they are not limited to `WhisperVadContextParams`.

Learnt from: graycyrus Repo: tinyhumansai/openhuman PR: 1078 File: src/openhuman/agent/agents/welcome/prompt.rs:24-24 Timestamp: 2026-05-01T13:41:00.958Z Learning: For Rust code under `src/openhuman/**/*.rs`, use `snake_case` for local variables (not `camelCase`). If a local variable name is written in `camelCase`, treat it as a style/lint issue because it will trigger Rust’s `non_snake_case` warning (and related clippy linting, if enabled). Avoid suggesting `camelCase` for any Rust local variable names in this repository.

Learnt from: senamakel Repo: tinyhumansai/openhuman PR: 1173 File: tests/agent_memory_loader_public.rs:88-88 Timestamp: 2026-05-04T06:50:47.877Z Learning: In this repository, the general camelCase naming guideline should not be applied to Rust source files. For all .rs files, Rust function (and related) names should use snake_case, and snake_case Rust function names should not be flagged—even for async test functions annotated with attributes like #[tokio::test]. This is consistent with Rust’s non_snake_case lint behavior.

graycyrus

@oxoxDev hey! solid work on this — the native-Rust pivot is the right call and the artifact lifecycle helpers are well-designed. a few things are blocking clean CI before i can approve:

CI failures:

"Rust Core Coverage" is failing, and i'm pretty sure the culprit is the step you added to coverage.yml. it installs python-pptx==1.0.2 and its comment still says "The presentation tool (#2778) bundles a python-pptx-backed script" — but after the engine refactor the tool uses ppt-rs and has no Python path at all. if tests/presentation_tool.rs still references the Python venv path, it'll fail here. either remove the pip install step or update it to match what the coverage run actually needs.
"E2E / web lane 1/4" is failing — unrelated to this PR possibly, but worth checking if any of your walkthrough changes in core-rpc.ts are implicated.

Stale comment in agent.toml:

The comment you added alongside "generate_presentation" says "Synthesises a .pptx from a structured slide spec via a bundled python-pptx helper." Should say ppt-rs / native Rust engine after the refactor. Minor but someone reading the TOML will be confused.

Open CodeRabbit findings (not yet addressed):

engine.rs:130 — tokio::time::timeout wrapping spawn_blocking does not cancel the blocking thread. After the 30s deadline fires, ppt-rs keeps running in the blocking thread pool until it finishes or panics. For desktop-only use the blast radius is small, but if a pathological input slips past validate_input and wedges ppt-rs, you'll leak a blocking thread for the full duration of every concurrent request. Worth addressing before merge.
presentation/mod.rs (finalize) — if finalize_artifact fails (e.g. disk full when writing meta.json after the .pptx bytes are already on disk), the artifact stays Pending and the user gets a stuck spinner with no error message. CodeRabbit's suggested fix — catch the error, call fail_artifact, then propagate — is the right shape.

fix the CI + those two items and i'll approve.

…gine swap Addresses two graycyrus comments on PR tinyhumansai#3016 post-engine-swap: 1. `.github/workflows/coverage.yml` — remove the "Install python-pptx for generate_presentation tool tests" step. The engine swapped from python-pptx (subprocess + managed venv) to native Rust `ppt-rs` in `e0e2a2e5`; the integration test no longer shells out to python3, and the `pip install python-pptx==1.0.2` step is dead weight on the cargo-llvm-cov runner. 2. `src/openhuman/agent_registry/agents/orchestrator/agent.toml` — update the `generate_presentation` tool comment from "via a bundled python-pptx helper" to "via a native Rust engine (`ppt-rs`) running in-process — no Python subprocess, no managed venv" so the routing-doc matches the actual implementation.

…ion-tool

graycyrus

@oxoxDev thanks for the follow-up — the stale pip install python-pptx==1.0.2 step in coverage.yml and the stale comment in agent.toml are both cleaned up, appreciate it. marking those threads resolved.

CI is still failing (Rust Core Coverage + E2E lane 1/4), so holding off on approval. one new issue to flag before you close out:

venv.rs is still present in this PR. The two CodeRabbit threads on runtime_python/venv.rs that you closed as "obsolete after engine swap" are not obsolete — venv.rs (353 lines) still ships as a new file in this PR. Commit e0e2a2e5 removed generate_pptx.py, invoker.rs, and script.rs, but did not touch venv.rs. Those two findings — the concurrent first-call race at line 107 (ensure_venv can be entered by two callers simultaneously, both miss cache, and race through remove_dir_all + create_venv + pip install) and the cache invalidation gap at line 62 (lock file only records requirement strings, not interpreter version, so a Python upgrade won't trigger a venv rebuild) — both need to be addressed before merge. The race in particular will produce a corrupted venv under concurrent load when two tools request the same named env for the first time.

fix CI and address the two venv.rs CodeRabbit threads and i'll approve.

oxoxDev requested a review from a team May 30, 2026 10:36

oxoxDev added 5 commits May 30, 2026 16:06

oxoxDev force-pushed the feat/2778-presentation-tool branch from ce373d8 to aa1469c Compare May 30, 2026 10:39

coderabbitai Bot added feature Net-new user-facing capability or product behavior. rust-core Core Rust runtime in src/: CLI, core_server, shared infrastructure. agent Built-in agents, prompts, orchestration, and agent runtime in src/openhuman/agent/. labels May 30, 2026

coderabbitai Bot requested changes May 30, 2026

View reviewed changes

oxoxDev added 7 commits May 30, 2026 16:33

coderabbitai Bot reviewed May 30, 2026

View reviewed changes

coderabbitai Bot previously approved these changes May 30, 2026

View reviewed changes

oxoxDev dismissed coderabbitai[bot]’s stale review via f577c9c May 30, 2026 11:30

coderabbitai Bot previously approved these changes May 30, 2026

View reviewed changes

oxoxDev mentioned this pull request May 30, 2026

feat(chat): ArtifactCard + Tauri download + backend artifact events (#2779) #3017

Open

12 tasks

oxoxDev dismissed coderabbitai[bot]’s stale review via f03565e May 30, 2026 12:09

oxoxDev mentioned this pull request May 30, 2026

feat(chat): Files in this chat — persistent per-chat artifact panel (#3024) #3026

Open

7 tasks

senamakel self-assigned this May 30, 2026

oxoxDev mentioned this pull request May 30, 2026

feat(orchestrator): wire generate_presentation + require grounding (#2780) #3029

Open

7 tasks

oxoxDev changed the title ~~feat(tools): add generate_presentation tool backed by python-pptx (#2778)~~ feat(tools): add generate_presentation tool (native rust engine, ppt-rs) (#2778) May 30, 2026

coderabbitai Bot requested changes May 30, 2026

View reviewed changes

Comment thread src/openhuman/tools/impl/presentation/engine.rs

Comment thread src/openhuman/tools/impl/presentation/engine.rs

Comment thread src/openhuman/tools/impl/presentation/mod.rs Outdated

fix(presentation): thread real deadline into join-cancel timeout (tin…

c835d14

…yhumansai#2778)

This was referenced May 31, 2026

feat(meet): pre-fill owner display name from Persona settings (refs #2945) #3034

Open

bug: Rust Core Coverage CI broken on main since PR #3023 — inference_local_admin_raw_coverage_e2e regressions #3061

Open

sanil-23 assigned sanil-23 and unassigned sanil-23 May 31, 2026

oxoxDev mentioned this pull request Jun 1, 2026

test: align 3 stale unit/E2E tests with current main behavior #3149

Closed

7 tasks

oxoxDev mentioned this pull request Jun 1, 2026

test(chat-harness-subagent): quarantine post-#3055 regression to unblock Playwright lane 1/4 #3154

Open

7 tasks

Merge remote-tracking branch 'upstream/main' into feat/2778-presentat…

c9d6c55

…ion-tool

coderabbitai Bot requested changes Jun 1, 2026

View reviewed changes

graycyrus reviewed Jun 1, 2026

View reviewed changes

Comment thread .github/workflows/coverage.yml Outdated

Comment thread src/openhuman/agent_registry/agents/orchestrator/agent.toml Outdated

oxoxDev added 2 commits June 1, 2026 22:14

Merge remote-tracking branch 'upstream/main' into feat/2778-presentat…

2ce9acb

…ion-tool

graycyrus reviewed Jun 1, 2026

View reviewed changes

Merge remote-tracking branch 'upstream/main' into pr/3016

10f1a19

Conversation

oxoxDev commented May 30, 2026 • edited by coderabbitai Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Problem

Solution

artifacts::store producer helpers (new)

tools/impl/presentation/ (new, native-Rust engine)

runtime_python::venv + runtime_python::run (new, unused-by-this-tool)

Registration

Engine refactor history (in-branch)

Submission Checklist

Impact

Related

AI Authored PR Metadata (required for Codex/Linear PRs)

Linear Issue

Commit & Branch

Validation Run

Behavior Changes

Parity Contract

Duplicate / Superseded PR Handling

Summary by CodeRabbit

Uh oh!

coderabbitai Bot commented May 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Reviews paused

Walkthrough

Changes

Estimated code review effort

Possibly related issues

Possibly related PRs

Suggested reviewers

Uh oh!

coderabbitai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

coderabbitai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

oxoxDev commented May 30, 2026

Uh oh!

oxoxDev commented May 30, 2026

Merge order — epic #1535

Uh oh!

senamakel commented May 30, 2026

Uh oh!

coderabbitai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

oxoxDev commented May 30, 2026

Uh oh!

oxoxDev commented Jun 1, 2026

Uh oh!

oxoxDev commented Jun 1, 2026

Uh oh!

coderabbitai Bot commented Jun 1, 2026

Uh oh!

coderabbitai Bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

coderabbitai Bot Jun 1, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

oxoxDev Jun 1, 2026

Choose a reason for hiding this comment

oxoxDev commented May 30, 2026 •

edited by coderabbitai Bot

Loading

`artifacts::store` producer helpers (new)

`tools/impl/presentation/` (new, native-Rust engine)

`runtime_python::venv` + `runtime_python::run` (new, unused-by-this-tool)

coderabbitai Bot commented May 30, 2026 •

edited

Loading

coderabbitai Bot Jun 1, 2026 •

edited

Loading

coderabbitai Bot Jun 1, 2026 •

edited

Loading