Skip to content

Add next-turn parameters and tool-call approval to the agent loop#23

Merged
HiLleywyn merged 2 commits into
mainfrom
claude/extend-archimedes-tools-eS4Xb
May 19, 2026
Merged

Add next-turn parameters and tool-call approval to the agent loop#23
HiLleywyn merged 2 commits into
mainfrom
claude/extend-archimedes-tools-eS4Xb

Conversation

@HiLleywyn
Copy link
Copy Markdown
Owner

@HiLleywyn HiLleywyn commented May 19, 2026

Summary

Extends the agent loop with two within-turn controls from the OpenRouter Agent SDK, implemented so the sidecar stays stateless per turn (the test_sidecar_guards.py guard still holds) and conversation state stays in the bot.

  • Next-turn parameters. A tool may return a next_turn block in its result to steer the following model turn: a different model, a new temperature, a tighter max_output_tokens, or extra instructions. The sidecar wires every bridged tool to the SDK's nextTurnParams and forwards the directive on the tool_result frame; the in-process loop applies the same directive directly. Both paths honour the identical four parameters.
  • Tool-call approval. A tool call can be gated on a human yes/no. A gated call posts an Approve / Reject prompt in the channel and waits for the person who asked; a rejected call never runs and the model is handed a declined result so the turn continues. Gating is opt-in: tool names in AGENT_APPROVAL_TOOLS, risk tiers in AGENT_APPROVAL_RISKS, or requires_approval on a ToolSpec. With both config lists empty (the default) nothing is gated and behaviour is unchanged. Approval is resolved entirely on the bot side, and fails closed when no approver is reachable.
  • State. Per the chosen architecture, conversation state stays in the bot's existing stores; approval decisions are tracked within the turn and logged. No persistent SDK state surface is added to the sidecar.

The shared logic lives in the new ai/agent_control.py, used by both the in-process loop and the sidecar bridge. The wire protocol is bumped to v2 for the optional next_turn field; a version mismatch falls a turn back to the in-process loop as before, and that loop fully supports both features.

Changes

  • ai/agent_control.py (new) -- next_turn directive validation/application and the approval gate.
  • agent-sidecar/src/server.ts -- wires nextTurnParams, reads next_turn off tool_result, protocol v2.
  • ai/agent_sidecar.py, ai/tools.py -- approval gate plus next_turn handling on both agent paths; ToolSpec.requires_approval, ToolContext.approver.
  • cogs/chat.py, cogs/chat_views.py -- the Discord Approve / Reject prompt and renderer status line.
  • config.py, .env.example, README.md -- new AGENT_APPROVAL_* settings and docs.

Test plan

  • python -m pytest tests/ -- 157 passing, including the new tests/test_agent_control.py and the unchanged sidecar statelessness guard.
  • npm run build in agent-sidecar/ -- type-checks and builds clean.
  • python -m compileall config.py main.py framework ai cogs.
  • Live: a gated tool posts an Approve / Reject prompt; reject keeps the tool unrun; a next_turn directive retunes the following turn.

Generated by Claude Code

Lleywyn added 2 commits May 19, 2026 08:34
@Lleywyn
Add next-turn parameters and tool-call approval to the agent loop
c9743ed 
A tool may now return a next_turn block in its result to steer the
following model turn (model, temperature, token budget, instructions).
The sidecar feeds it to the Agent SDK's nextTurnParams; the in-process
loop applies it directly. Both paths honour the same four parameters.

Tool calls can be gated on human approval: list tool names in
AGENT_APPROVAL_TOOLS or risk tiers in AGENT_APPROVAL_RISKS, or set
requires_approval on a tool. A gated call posts an Approve / Reject
prompt in the channel; a rejected call never runs and the model is
told it was declined. Approval is resolved on the bot side, so the
sidecar stays stateless per turn and the build guard still holds.

Bumps the bridge protocol to v2 for the optional next_turn frame field.
@Lleywyn
Pick ripgrep or grep by search target in the shell tool
3ef8b5a 
Replace the vague "always use rg, fall back to grep if it fails"
guidance with a deterministic rule: rg searches a directory or the
whole workspace, grep searches a single named file. Updates the
shell.run description, its command example, the allowlist comment and
the README to match.
@HiLleywyn HiLleywyn merged commit 6d7dcae into main May 19, 2026
4 checks passed
@HiLleywyn HiLleywyn deleted the claude/extend-archimedes-tools-eS4Xb branch May 19, 2026 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@HiLleywyn @Lleywyn