Skip to content

CLI crashes with FunctionCallValidationError: Missing required parameter 'security_risk' for execute_bashΒ #11378

New issue
New issue
Open
Open
CLI crashes with FunctionCallValidationError: Missing required parameter 'security_risk' for execute_bash#11378
Labels
CLIRelated to the command line interfaceagent-sdkbugSomething isn't working
@jpshackelford

Description

@jpshackelford
jpshackelford
opened on Oct 15, 2025

Summary

The OpenHands CLI crashes with a FunctionCallValidationError when the LLM generates an execute_bash function call without the required security_risk parameter.

Error Details

Error: Missing required parameters for function 'execute_bash': {'security_risk'}
Traceback (most recent call last):
  File "openhands/sdk/llm/mixins/fn_call_converter.py", line 739, in _extract_and_validate_params
openhands.sdk.llm.exceptions.FunctionCallValidationError: Missing required parameters for function 'execute_bash': {'security_risk'}

Steps to Reproduce

  1. Enable security-based confirmation mode:

    > Auto-confirm LOW/MEDIUM risk, ask for HIGH risk

  2. Trigger an execute_bash function call:

    • Use any prompt that would cause the agent to run a bash command
    • The LLM generates a function call for execute_bash

  3. Observe the crash:

    • Function call validation fails in fn_call_converter.py
    • CLI crashes with FunctionCallValidationError

Expected Behavior

  • The execute_bash function call should include all required parameters
  • Function call validation should pass
  • The command should execute normally

Actual Behavior

  • LLM generates execute_bash call without security_risk parameter
  • Function call validation fails
  • CLI crashes with unhandled exception

Environment

  • OpenHands CLI version: Latest (main branch)
  • Confirmation mode: Auto-confirm LOW/MEDIUM risk, ask for HIGH risk
  • Agent-SDK integration: Using new agent-sdk structure

Technical Details

Error Location

  • File: openhands/sdk/llm/mixins/fn_call_converter.py
  • Line: 739
  • Function: _extract_and_validate_params

Complete Stack Trace

Traceback (most recent call last):
  File "openhands_cli/simple_main.py", line 45, in main
  File "openhands_cli/agent_chat.py", line 174, in run_cli_entry
  File "openhands_cli/runner.py", line 83, in process_message
  File "openhands_cli/runner.py", line 103, in _run_with_confirmation
  File "openhands/sdk/conversation/impl/local_conversation.py", line 245, in run
  File "openhands/sdk/agent/agent.py", line 209, in step
  File "openhands/sdk/agent/agent.py", line 187, in step
  File "openhands/sdk/llm/llm.py", line 476, in completion
  File "tenacity/__init__.py", line 338, in wrapped_f
  File "tenacity/__init__.py", line 477, in __call__
  File "tenacity/__init__.py", line 378, in iter
  File "tenacity/__init__.py", line 400, in <lambda>
  File "concurrent/futures/_base.py", line 449, in result
  File "concurrent/futures/_base.py", line 401, in __get_result
  File "tenacity/__init__.py", line 480, in __call__
  File "openhands/sdk/llm/llm.py", line 461, in _one_attempt
  File "openhands/sdk/llm/mixins/non_native_fc.py", line 82, in post_response_prompt_mock
  File "openhands/sdk/llm/mixins/fn_call_converter.py", line 957, in convert_non_fncall_messages_to_fncall_messages
  File "openhands/sdk/llm/mixins/fn_call_converter.py", line 739, in _extract_and_validate_params
openhands.sdk.llm.exceptions.FunctionCallValidationError: Missing required parameters for function 'execute_bash': {'security_risk'}

Root Cause Analysis

The issue occurs in the function call validation process:

  1. LLM generates function call: Creates execute_bash call without security_risk parameter
  2. Function call converter processes it: convert_non_fncall_messages_to_fncall_messages in fn_call_converter.py
  3. Parameter validation fails: _extract_and_validate_params expects security_risk parameter but doesn't find it
  4. Exception thrown: FunctionCallValidationError crashes the CLI

Impact

  • CLI becomes completely unusable when this occurs
  • User cannot proceed with their task
  • No graceful error handling or recovery

Suggested Solution

  1. Investigate why LLM omits security_risk parameter:

    • Check if function definition includes security_risk as required
    • Verify prompt templates include security risk guidance

  2. Add better error handling:

    • Catch FunctionCallValidationError and provide user-friendly message
    • Allow user to retry or modify the request

  3. Parameter defaulting:

    • Consider defaulting missing security_risk parameter to UNKNOWN or MEDIUM
    • Log warning when parameters are auto-defaulted

Files to investigate

  • openhands/sdk/llm/mixins/fn_call_converter.py (validation logic)
  • Function definition for execute_bash tool
  • Prompt templates that define function calling format

Metadata

Metadata

Assignees

No one assigned

    Labels

    CLIRelated to the command line interfaceagent-sdkbugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions