fix: drop spawned visibility list caps

2026-05-05 17:30:21 +00:00 · 2026-03-24 20:52:05 -05:00
parent 6651511e90
commit 2c1d16e261
2 changed files with 36 additions and 3 deletions
--- a/src/agents/tools/sessions-access.test.ts
+++ b/src/agents/tools/sessions-access.test.ts
@@ -1,4 +1,4 @@
-import { describe, expect, it } from "vitest";
+import { describe, expect, it, vi } from "vitest";
 import type { OpenClawConfig } from "../../config/config.js";
 import {
  createAgentToAgentPolicy,
@@ -8,6 +8,7 @@ import {
  resolveSandboxedSessionToolContext,
  resolveSessionToolsVisibility,
 } from "./sessions-access.js";
+import { __testing as sessionsResolutionTesting } from "./sessions-resolution.js";

 describe("resolveSessionToolsVisibility", () => {
  it("defaults to tree when unset or invalid", () => {
@@ -108,6 +109,38 @@ describe("createAgentToAgentPolicy", () => {
 });

 describe("createSessionVisibilityGuard", () => {
+  it("does not block exact same-agent spawned targets that fall past the spawned list cap", async () => {
+    sessionsResolutionTesting.setDepsForTest({
+      callGateway: vi.fn(async (request: { method?: string; params?: { key?: string } }) => {
+        if (request.method === "sessions.resolve") {
+          return { key: request.params?.key };
+        }
+        if (request.method === "sessions.list") {
+          return {
+            sessions: [
+              ...Array.from({ length: 500 }, (_, index) => ({
+                key: `agent:main:subagent:worker-${index}`,
+              })),
+              { key: "agent:main:subagent:worker-999" },
+            ],
+          };
+        }
+        return {};
+      }) as never,
+    });
+
+    const guard = await createSessionVisibilityGuard({
+      action: "history",
+      requesterSessionKey: "agent:main:main",
+      visibility: "tree",
+      a2aPolicy: createAgentToAgentPolicy({} as unknown as OpenClawConfig),
+    });
+
+    expect(guard.check("agent:main:subagent:worker-999")).toEqual({ allowed: true });
+
+    sessionsResolutionTesting.setDepsForTest();
+  });
+
  it("blocks cross-agent send when agent-to-agent is disabled", async () => {
    const guard = await createSessionVisibilityGuard({
      action: "send",
--- a/src/agents/tools/sessions-resolution.ts
+++ b/src/agents/tools/sessions-resolution.ts
@@ -57,14 +57,14 @@ export async function listSpawnedSessionKeys(params: {
  const limit =
    typeof params.limit === "number" && Number.isFinite(params.limit)
      ? Math.max(1, Math.floor(params.limit))
-      : 500;
+      : undefined;
  try {
    const list = await sessionsResolutionDeps.callGateway<{ sessions: Array<{ key?: unknown }> }>({
      method: "sessions.list",
      params: {
        includeGlobal: false,
        includeUnknown: false,
-        limit,
+        ...(limit !== undefined ? { limit } : {}),
        spawnedBy: params.requesterSessionKey,
      },
    });