From e7e5ed0367954325849b011339762df10fa5e6fc Mon Sep 17 00:00:00 2001
From: BKF-Gitty <bandark@mac.com>
Date: Sun, 19 Apr 2026 02:53:12 +0300
Subject: [PATCH] fix(subagent): also plumb role on forbidden spawn results

Codex review on PR 68726 noted the role context was only merged when
status === "error", but both ACP and subagent spawns return
status: "forbidden" for real failures the parent most needs to identify
in parallel spawns: ACP disabled, runtime policy, agent allowlist denial,
depth limit, max children, requireAgentId, and sandbox policy. Switch both
forwarded result sites to "status !== accepted" so forbidden also carries
the requested role.
---
 src/agents/tools/sessions-spawn-tool.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/agents/tools/sessions-spawn-tool.ts b/src/agents/tools/sessions-spawn-tool.ts
index 4fcc0359cad..44612f826c3 100644
--- a/src/agents/tools/sessions-spawn-tool.ts
+++ b/src/agents/tools/sessions-spawn-tool.ts
@@ -314,7 +314,7 @@ export function createSessionsSpawnTool(
           }
         }
         return jsonResult(
-          result.status === "error" && requestedAgentId
+          result.status !== "accepted" && requestedAgentId
             ? { ...result, role: requestedAgentId }
             : result,
         );
@@ -356,7 +356,7 @@ export function createSessionsSpawnTool(
       );
 
       return jsonResult(
-        result.status === "error" && requestedAgentId
+        result.status !== "accepted" && requestedAgentId
           ? { ...result, role: requestedAgentId }
           : result,
       );