Skip to content

Commit b42446e

Browse files
henrypark133claude
henrypark133
and
claude
committed
fix: keep original params in PendingApproval for execution, redact only for display
Address two PR review comments: 1. execute_chat_tool_standalone now redacts sensitive params before logging, matching the pattern already used in worker.rs. 2. PendingApproval previously stored redacted parameters, which meant approved tool calls received "[REDACTED]" instead of the actual values. Add a display_parameters field for UI/logs and keep parameters as the original values used for execution. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent f1e07ac commit b42446e

3 files changed

Lines changed: 18 additions & 7 deletions

File tree

src/agent/dispatcher.rs

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -719,7 +719,8 @@ impl Agent {
719719
let pending = PendingApproval {
720720
request_id: Uuid::new_v4(),
721721
tool_name: tc.name.clone(),
722-
parameters: display_params,
722+
parameters: tc.arguments.clone(),
723+
display_parameters: display_params,
723724
description: tool.description().to_string(),
724725
tool_call_id: tc.id.clone(),
725726
context_messages: context_messages.clone(),
@@ -779,9 +780,10 @@ pub(super) async fn execute_chat_tool_standalone(
779780
.into());
780781
}
781782

783+
let safe_params = redact_params(params, tool.sensitive_params());
782784
tracing::debug!(
783785
tool = %tool_name,
784-
params = %params,
786+
params = %safe_params,
785787
"Tool call started"
786788
);
787789

@@ -1131,6 +1133,7 @@ mod tests {
11311133
request_id: uuid::Uuid::new_v4(),
11321134
tool_name: "shell".to_string(),
11331135
parameters: serde_json::json!({"command": "echo hi"}),
1136+
display_parameters: serde_json::json!({"command": "echo hi"}),
11341137
description: "Run shell command".to_string(),
11351138
tool_call_id: "call_1".to_string(),
11361139
context_messages: vec![],

src/agent/session.rs

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -148,8 +148,12 @@ pub struct PendingApproval {
148148
pub request_id: Uuid,
149149
/// Tool name requiring approval.
150150
pub tool_name: String,
151-
/// Tool parameters.
151+
/// Tool parameters (original values, used for execution).
152152
pub parameters: serde_json::Value,
153+
/// Redacted tool parameters (sensitive values replaced with `[REDACTED]`).
154+
/// Used for display in approval UI, logs, and SSE broadcasts.
155+
#[serde(default)]
156+
pub display_parameters: serde_json::Value,
153157
/// Description of what the tool will do.
154158
pub description: String,
155159
/// Tool call ID from LLM (for proper context continuation).
@@ -950,6 +954,7 @@ mod tests {
950954
request_id: Uuid::new_v4(),
951955
tool_name: "shell".to_string(),
952956
parameters: serde_json::json!({"command": "rm -rf /"}),
957+
display_parameters: serde_json::json!({"command": "rm -rf /"}),
953958
description: "dangerous command".to_string(),
954959
tool_call_id: "call_123".to_string(),
955960
context_messages: vec![ChatMessage::user("do it")],
@@ -974,6 +979,7 @@ mod tests {
974979
request_id: Uuid::new_v4(),
975980
tool_name: "http".to_string(),
976981
parameters: serde_json::json!({}),
982+
display_parameters: serde_json::json!({}),
977983
description: "test".to_string(),
978984
tool_call_id: "call_456".to_string(),
979985
context_messages: vec![],

src/agent/thread_ops.rs

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ use crate::channels::{IncomingMessage, StatusUpdate};
2121
use crate::context::JobContext;
2222
use crate::error::Error;
2323
use crate::llm::ChatMessage;
24+
use crate::tools::redact_params;
2425

2526
impl Agent {
2627
/// Hydrate a historical thread from DB into memory if not already present.
@@ -357,7 +358,7 @@ impl Agent {
357358
let request_id = pending.request_id;
358359
let tool_name = pending.tool_name.clone();
359360
let description = pending.description.clone();
360-
let parameters = pending.parameters.clone();
361+
let parameters = pending.display_parameters.clone();
361362
thread.await_approval(pending);
362363
let _ = self
363364
.channels
@@ -759,7 +760,7 @@ impl Agent {
759760
StatusUpdate::tool_completed(
760761
pending.tool_name.clone(),
761762
&tool_result,
762-
&pending.parameters,
763+
&pending.display_parameters,
763764
tool_ref.as_deref(),
764765
),
765766
&message.metadata,
@@ -1095,6 +1096,7 @@ impl Agent {
10951096
request_id: Uuid::new_v4(),
10961097
tool_name: tc.name.clone(),
10971098
parameters: tc.arguments.clone(),
1099+
display_parameters: redact_params(&tc.arguments, tool.sensitive_params()),
10981100
description: tool.description().to_string(),
10991101
tool_call_id: tc.id.clone(),
11001102
context_messages: context_messages.clone(),
@@ -1104,7 +1106,7 @@ impl Agent {
11041106
let request_id = new_pending.request_id;
11051107
let tool_name = new_pending.tool_name.clone();
11061108
let description = new_pending.description.clone();
1107-
let parameters = new_pending.parameters.clone();
1109+
let parameters = new_pending.display_parameters.clone();
11081110

11091111
{
11101112
let mut sess = session.lock().await;
@@ -1171,7 +1173,7 @@ impl Agent {
11711173
let request_id = new_pending.request_id;
11721174
let tool_name = new_pending.tool_name.clone();
11731175
let description = new_pending.description.clone();
1174-
let parameters = new_pending.parameters.clone();
1176+
let parameters = new_pending.display_parameters.clone();
11751177
thread.await_approval(new_pending);
11761178
let _ = self
11771179
.channels

0 commit comments

Comments
 (0)