[WIP] Tool guardrails #1606
[WIP] Tool guardrails #1606
Conversation
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
Codex Review: Here are some suggestions.
Reply with @codex fix comments to fix any unresolved comments.
About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you open a pull request for review, mark a draft as ready, or comment "@codex review". If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex fix this CI failure" or "@codex address that feedback".
| if final_result is None: | ||
| # 2) Actually run the tool | ||
| await asyncio.gather( | ||
| hooks.on_tool_start(tool_context, agent, func_tool), | ||
| ( | ||
| agent.hooks.on_tool_start(tool_context, agent, func_tool) | ||
| if agent.hooks | ||
| else _coro.noop_coroutine() | ||
| ), | ||
| ) | ||
| real_result = await func_tool.on_invoke_tool( |
There was a problem hiding this comment.
[P1] Run tool start hooks concurrently with tool execution again
The run pipeline now awaits both hooks.on_tool_start callbacks to finish before invoking the tool itself. The docstring for RunHooksBase.on_tool_start states that these callbacks are “called concurrently with tool invocation,” and prior code used asyncio.gather to dispatch the start hooks and the tool coroutine together. After the guardrail refactor, the call at lines 579‑588 completes before func_tool.on_invoke_tool is awaited, so any slow hook will delay the actual tool call and violate the documented contract. Please launch the tool invocation concurrently with the start hooks (as before) or otherwise ensure the hook cannot block the tool run.
Useful? React with 👍 / 👎.
|
This PR is stale because it has been open for 10 days with no activity. |
|
This PR was closed because it has been inactive for 7 days since being marked as stale. |
- This PR was started from [PR 1606: Tool Guardrails](#1606) - It adds input and output guardrails at the tool level which can trigger `ToolInputGuardrailTripwireTriggered` and `ToolOutputGuardrailTripwireTriggered` exceptions - It includes updated documentation, a runnable example, and unit tests - `make check` and unit tests all pass ## Edits since last review: - Extracted nested tool running logic in `_run_impl.py` - Added rejecting tool call or tool call output and returning a message to the model (rather than only raising an exception) - Added the tool guardrail results to the `RunResult` - Removed docs
2 participants
No description provided.