feat(permissions): add permission denial tracking with escalating con…#2831
Open
chinesepowered wants to merge 1 commit intoQwenLM:mainfrom
Open
feat(permissions): add permission denial tracking with escalating con…#2831chinesepowered wants to merge 1 commit intoQwenLM:mainfrom
chinesepowered wants to merge 1 commit intoQwenLM:mainfrom
Conversation
…text Track per-tool permission denials across a session. When the model repeatedly attempts a denied tool, the error message escalates with guidance to try a different approach (after 2 denials) or stop retrying entirely (after 4 denials). Prevents frustrating dead-end loops where the model keeps retrying the same denied action.
chinesepowered
requested review from
DennisYu07,
DragonnZhang,
LaZzyMan,
Mingholy,
gwinthis,
pomelo-nwu and
tanzhenxin
as code owners
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add permission denial tracking with escalating context to prevent the model from endlessly retrying denied tool calls.
TLDR
Adds a
PermissionDenialTrackerthat monitors per-tool permission denials across a session. When the model repeatedly attempts a denied tool, the error message escalates with contextual guidance: after 2 denials it suggests trying a different approach, and after 4 denials it strongly instructs the model to stop retrying and ask the user for help.Screenshots / Video Demo
N/A — no user-facing UI change. The behavior manifests as augmented error messages in the model's tool response when denials repeat.
Example progression:
Qwen Code requires permission to use "run_shell_command", but that permission was declined.[This tool has been denied 2 times this session. Consider trying a different approach instead of retrying.][This tool has been denied 4 times this session. STOP retrying this tool. Ask the user for guidance or use a different approach entirely.]Dive Deeper
PermissionDenialTrackerclass inpackages/core/src/services/permissionDenialTracker.tsrecordDenial(toolName, message)increments count and returns augmented message if threshold crossedresetTurn()resets per-turn counters while preserving session totalsgetSummary()returns all denial counts for downstream consumersEXECUTION_DENIEDerror paths incoreToolScheduler.ts:isToolEnabled()check (PM disabled tool)getPermissionsDeny()fallbackfinalPermission === 'deny'(security/rule violation)Modified files:
packages/core/src/services/permissionDenialTracker.ts— New tracker servicepackages/core/src/core/coreToolScheduler.ts— Import tracker, instantiate as field, wrap all EXECUTION_DENIED pathsReviewer Test Plan
run_shell_command) and ask the model to use it repeatedlynpx vitest run src/core/coreToolScheduler.test.ts(all 53 pass)Testing Matrix
Linked issues / bugs
Fixes #2819