You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cold session in /private/tmp/tmb-marketplace running tmb-rc@0.3.2. After SWE returned task 3 with status='completed', bro proceeded to its task-gate verification flow and called:
But bro ignored the error and proceeded to call task_update_status(closed) + issue_close + emit a 'Trust me bro, it works' message to the Human. From the Human's view the task closed cleanly; in reality no verification trace was recorded.
Halt the close flow until a corrective path is taken
The combination is dangerous: the server's role enforcement is working, but it's invisible because bro hides the rejection.
Trace
CC session log: ~/.claude/projects/-private-tmp-tmb-marketplace/fccc58b7-1030-4a99-b499-88dfd9bdc415.jsonl line items 23 (validation_record call) → 21 (task_update_status closed) → 22 (issue_close) — all in one turn, no error surfaced to Human.
Fix proposal
In bro's CLAUDE.md task-gate doctrine, add:
If any MCP call returns is_error:true, you MUST surface the exact error to the Human. Never silently proceed to subsequent steps as if the call succeeded.
And in the planning skills, remove any guidance that suggests bro call validation_record — that's pr-reviewer-only. Bro writes ledger_log(event_type='bro_verification_pass') instead (#91).
Repro
Cold session in /private/tmp/tmb-marketplace running tmb-rc@0.3.2. After SWE returned task 3 with status='completed', bro proceeded to its task-gate verification flow and called:
The server correctly rejected per the role-enforcement middleware:
{ "is_error": true, "error": "forbidden", "tool": "validation_record", "caller_role": "bro", "allowed_roles": ["pr-reviewer"] }But bro ignored the error and proceeded to call
task_update_status(closed)+issue_close+ emit a 'Trust me bro, it works' message to the Human. From the Human's view the task closed cleanly; in reality no verification trace was recorded.Why this matters
Two distinct doctrine failures:
Wrong channel (covered by Bro doesn't write bro_verification_pass ledger event before closing task #91) — bro should NEVER call
validation_record; that's pr-reviewer at the push gate. Bro's task-gate verification belongs inledger_log(event_type='bro_verification_pass', ...).Silent error swallow (THIS issue) — even if Bro doesn't write bro_verification_pass ledger event before closing task #91 fixes the channel, bro should not silently proceed when an MCP call returns
is_error:true. Should at minimum:The combination is dangerous: the server's role enforcement is working, but it's invisible because bro hides the rejection.
Trace
CC session log:
~/.claude/projects/-private-tmp-tmb-marketplace/fccc58b7-1030-4a99-b499-88dfd9bdc415.jsonlline items 23 (validation_record call) → 21 (task_update_status closed) → 22 (issue_close) — all in one turn, no error surfaced to Human.Fix proposal
In bro's CLAUDE.md task-gate doctrine, add:
And in the planning skills, remove any guidance that suggests bro call
validation_record— that's pr-reviewer-only. Bro writesledger_log(event_type='bro_verification_pass')instead (#91).Related
Found during cold-session dogfood test 3 of marketplace install of tmb-rc@0.3.2.