Feature Request: Permission Denial Tracking with Contextual Fallback #2819
Description
What would you like to be added?
Feature Request: Permission Denial Tracking with Contextual Fallback
Problem
When the model repeatedly attempts a denied tool operation, it receives the same generic denial message each time with no additional context or escalation path. This creates frustrating dead-end loops where the model keeps retrying the same denied action. The existing LoopDetectionService tracks tool call repetitions and content chanting, but has no awareness of permission denials specifically.
Proposed Solution
Add a PermissionDenialTracker that:
- Tracks denial counts per tool name across the session, recording each
EXECUTION_DENIEDerror incoreToolScheduler.ts - Augments denial messages with escalating context when a tool has been denied multiple times:
- After 2 denials: append a note that the tool has been denied before and suggest trying a different approach
- After 3+ denials: append stronger guidance to stop retrying and ask the user for help or use alternative tools
- Provides a session summary method so downstream consumers (like the loop detection system) can query denial patterns
- Resets per turn for the consecutive-denial counter, but maintains session-level totals
Scope
- New service:
packages/core/src/services/permissionDenialTracker.ts - Changes to
packages/core/src/core/coreToolScheduler.ts(instantiate tracker, record denials at allEXECUTION_DENIEDsites, augment error messages)
Impact
Medium (prevents frustrating dead-end loops). Low effort.
Why is this needed?
When the model repeatedly attempts a denied tool operation, it receives the same generic denial message each time with no additional context or escalation path. This creates frustrating dead-end loops where the model keeps retrying the same denied action. The existing LoopDetectionService tracks tool call repetitions and content chanting, but has no awareness of permission denials specifically.
Additional context
No response