fix: include context in elevated exec denial

2026-01-17 17:55:04 +00:00
parent 75588fe732
commit 252dfbcd40
4 changed files with 15 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -67,6 +67,7 @@ Docs: https://docs.clawd.bot
 ### Fixes
 - macOS: drain subprocess pipes before waiting to avoid deadlocks. (#1081) — thanks @thesash.
 - Verbose: wrap tool summaries/output in markdown only for markdown-capable channels.
 - Tools: include provider/session context in elevated exec denial errors.
 - Telegram: accept tg/group/telegram prefixes + topic targets for inline button validation. (#1072) — thanks @danielz1z.
 - Telegram: split long captions into follow-up messages.
 - Config: block startup on invalid config, preserve best-effort doctor config, and keep rolling config backups. (#1083) — thanks @mukhtharcm.
--- a/src/agents/bash-tools.exec.ts
+++ b/src/agents/bash-tools.exec.ts
@@ -75,6 +75,7 @@ export type ExecToolDefaults = {
  allowBackground?: boolean;
  scopeKey?: string;
  sessionKey?: string;
  messageProvider?: string;
  notifyOnExit?: boolean;
  cwd?: string;
 };
@@ -220,6 +221,11 @@ export function createExecTool(
        if (!elevatedDefaults?.enabled || !elevatedDefaults.allowed) {
          const runtime = defaults?.sandbox ? "sandboxed" : "direct";
          const gates: string[] = [];
          const contextParts: string[] = [];
          const provider = defaults?.messageProvider?.trim();
          const sessionKey = defaults?.sessionKey?.trim();
          if (provider) contextParts.push(`provider=${provider}`);
          if (sessionKey) contextParts.push(`session=${sessionKey}`);
          if (!elevatedDefaults?.enabled) {
            gates.push("enabled (tools.elevated.enabled / agents.list[].tools.elevated.enabled)");
          } else {
@@ -231,12 +237,15 @@ export function createExecTool(
            [
              `elevated is not available right now (runtime=${runtime}).`,
              `Failing gates: ${gates.join(", ")}`,
              contextParts.length > 0 ? `Context: ${contextParts.join(" ")}` : undefined,
              "Fix-it keys:",
              "- tools.elevated.enabled",
              "- tools.elevated.allowFrom.<provider>",
              "- agents.list[].tools.elevated.enabled",
              "- agents.list[].tools.elevated.allowFrom.<provider>",
-            ].join("\n"),
+            ]
              .filter(Boolean)
              .join("\n"),
          );
        }
        logInfo(
--- a/src/agents/bash-tools.test.ts
+++ b/src/agents/bash-tools.test.ts
@@ -150,6 +150,8 @@ describe("exec tool backgrounding", () => {
  it("rejects elevated requests when not allowed", async () => {
    const customBash = createExecTool({
      elevated: { enabled: true, allowed: false, defaultLevel: "off" },
      messageProvider: "telegram",
      sessionKey: "agent:main:main",
    });
    await expect(
@@ -157,7 +159,7 @@ describe("exec tool backgrounding", () => {
        command: "echo hi",
        elevated: true,
      }),
-    ).rejects.toThrow("tools.elevated.allowFrom.<provider>");
+    ).rejects.toThrow("Context: provider=telegram session=agent:main:main");
  });
  it("does not default to elevated when not allowed", async () => {
--- a/src/agents/pi-tools.ts
+++ b/src/agents/pi-tools.ts
@@ -182,6 +182,7 @@ export function createClawdbotCodingTools(options?: {
    allowBackground,
    scopeKey,
    sessionKey: options?.sessionKey,
    messageProvider: options?.messageProvider,
    sandbox: sandbox
      ? {
          containerName: sandbox.containerName,