@oh-my-pi/pi-agent-core 15.0.1 → 15.0.2

package/package.json

@@ -1,9 +1,9 @@
 {
 	"type": "module",
 	"name": "@oh-my-pi/pi-agent-core",
-	"version": "15.0.1",
+	"version": "15.0.2",
 	"description": "General-purpose agent with transport abstraction, state management, and attachment support",
-	"homepage": "https://github.com/can1357/oh-my-pi",
+	"homepage": "https://omp.sh",
 	"author": "Can Boluk",
 	"contributors": [
 		"Mario Zechner"
@@ -35,9 +35,9 @@
 		"fmt": "biome format --write ."
 	},
 	"dependencies": {
-		"@oh-my-pi/pi-ai": "15.0.1",
-		"@oh-my-pi/pi-natives": "15.0.1",
-		"@oh-my-pi/pi-utils": "15.0.1"
+		"@oh-my-pi/pi-ai": "15.0.2",
+		"@oh-my-pi/pi-natives": "15.0.2",
+		"@oh-my-pi/pi-utils": "15.0.2"
 	},
 	"devDependencies": {
 		"@sinclair/typebox": "^0.34.49",

package/src/agent-loop.ts

@@ -375,17 +375,7 @@ async function runLoop(
 
 			const toolResults: ToolResultMessage[] = [];
 			if (hasMoreToolCalls) {
-				const executionResult = await executeToolCalls(
-					currentContext.tools,
-					message,
-					signal,
-					stream,
-					config.getSteeringMessages,
-					config.interruptMode,
-					config.getToolContext,
-					config.transformToolCallArguments,
-					config.intentTracing,
-				);
+				const executionResult = await executeToolCalls(currentContext, message, signal, stream, config);
 
 				toolResults.push(...executionResult.toolResults);
 				steeringMessagesFromExecution = executionResult.steeringMessages;
@@ -633,16 +623,22 @@ function emitAbortedAssistantMessage(
  * Execute tool calls from an assistant message.
  */
 async function executeToolCalls(
-	tools: AgentTool<any>[] | undefined,
+	currentContext: AgentContext,
 	assistantMessage: AssistantMessage,
 	signal: AbortSignal | undefined,
 	stream: EventStream<AgentEvent, AgentMessage[]>,
-	getSteeringMessages?: AgentLoopConfig["getSteeringMessages"],
-	interruptMode: AgentLoopConfig["interruptMode"] = "immediate",
-	getToolContext?: AgentLoopConfig["getToolContext"],
-	transformToolCallArguments?: AgentLoopConfig["transformToolCallArguments"],
-	intentTracing?: AgentLoopConfig["intentTracing"],
+	config: AgentLoopConfig,
 ): Promise<{ toolResults: ToolResultMessage[]; steeringMessages?: AgentMessage[] }> {
+	const tools = currentContext.tools;
+	const {
+		getSteeringMessages,
+		interruptMode = "immediate",
+		getToolContext,
+		transformToolCallArguments,
+		intentTracing,
+		beforeToolCall,
+		afterToolCall,
+	} = config;
 	type ToolCallContent = Extract<AssistantMessage["content"][number], { type: "toolCall" }>;
 	const toolCalls = assistantMessage.content.filter((c): c is ToolCallContent => c.type === "toolCall");
 	const emittedToolResults: ToolResultMessage[] = [];
@@ -785,6 +781,24 @@ async function executeToolCalls(
 					throw validationError;
 				}
 			}
+
+			if (beforeToolCall) {
+				const beforeResult = await beforeToolCall(
+					{
+						assistantMessage,
+						toolCall,
+						args: effectiveArgs,
+						context: currentContext,
+					},
+					toolSignal,
+				);
+				if (beforeResult?.block) {
+					throw new Error(beforeResult.reason || "Tool execution was blocked");
+				}
+			}
+			// Reflect post-hook args so emitted tool results / afterToolCall see what actually executed.
+			record.args = effectiveArgs;
+
 			const toolContext = getToolContext
 				? getToolContext({
 						batchId,
@@ -802,7 +816,7 @@ async function executeToolCalls(
 						type: "tool_execution_update",
 						toolCallId: toolCall.id,
 						toolName: toolCall.name,
-						args: argsForExecution,
+						args: effectiveArgs,
 						partialResult: coerceToolResult(partialResult).result,
 					});
 				},
@@ -819,6 +833,36 @@ async function executeToolCalls(
 			isError = true;
 		}
 
+		if (afterToolCall) {
+			try {
+				const after = await afterToolCall(
+					{
+						assistantMessage,
+						toolCall,
+						args: record.args,
+						result,
+						isError,
+						context: currentContext,
+					},
+					toolSignal,
+				);
+				if (after) {
+					result = {
+						content: after.content ?? result.content,
+						details: after.details ?? result.details,
+						isError: after.isError ?? result.isError,
+					};
+					isError = after.isError ?? isError;
+				}
+			} catch (e) {
+				result = {
+					content: [{ type: "text", text: e instanceof Error ? e.message : String(e) }],
+					details: {},
+				};
+				isError = true;
+			}
+		}
+
 		if (interruptState.triggered) {
 			record.skipped = true;
 			emitToolResult(record, createSkippedToolResult(), true);

package/src/agent.ts

@@ -38,7 +38,7 @@ import type {
  * Default convertToLlm: Keep only LLM-compatible messages, convert attachments.
  */
 function defaultConvertToLlm(messages: AgentMessage[]): Message[] {
-	return messages.filter(m => m.role === "user" || m.role === "assistant" || m.role === "toolResult");
+	return messages.filter((m): m is Message => m.role === "user" || m.role === "assistant" || m.role === "toolResult");
 }
 
 function refreshToolChoiceForActiveTools(
@@ -208,6 +208,18 @@ export interface AgentOptions {
 	 * Cursor tool result callback for exec tool responses.
 	 */
 	cursorOnToolResult?: CursorToolResultHandler;
+
+	/**
+	 * Called after a tool call has been validated and is about to execute.
+	 * See {@link AgentLoopConfig.beforeToolCall} for full semantics.
+	 */
+	beforeToolCall?: AgentLoopConfig["beforeToolCall"];
+
+	/**
+	 * Called after a tool finishes executing, before `tool_execution_end` and the tool-result
+	 * message are emitted. See {@link AgentLoopConfig.afterToolCall} for full semantics.
+	 */
+	afterToolCall?: AgentLoopConfig["afterToolCall"];
 }
 
 export interface AgentPromptOptions {
@@ -277,6 +289,16 @@ export class Agent {
 
 	streamFn: StreamFn;
 	getApiKey?: (provider: string) => Promise<string | undefined> | string | undefined;
+	/**
+	 * Hook invoked after tool arguments are validated and before execution.
+	 * Reassign at any time to swap the implementation (e.g. on extension reload).
+	 */
+	beforeToolCall?: AgentLoopConfig["beforeToolCall"];
+	/**
+	 * Hook invoked after tool execution and before `tool_execution_end` / tool-result
+	 * message emission. Reassign at any time to swap the implementation.
+	 */
+	afterToolCall?: AgentLoopConfig["afterToolCall"];
 
 	constructor(opts: AgentOptions = {}) {
 		this.#state = { ...this.#state, ...opts.initialState };
@@ -312,6 +334,8 @@ export class Agent {
 		this.#getToolChoice = opts.getToolChoice;
 		this.#onAssistantMessageEvent = opts.onAssistantMessageEvent;
 		this.#onHarmonyLeak = opts.onHarmonyLeak;
+		this.beforeToolCall = opts.beforeToolCall;
+		this.afterToolCall = opts.afterToolCall;
 	}
 
 	/**
@@ -868,6 +892,8 @@ export class Agent {
 			cursorOnToolResult,
 			transformToolCallArguments: this.#transformToolCallArguments,
 			intentTracing: this.#intentTracing,
+			beforeToolCall: this.beforeToolCall ? (ctx, signal) => this.beforeToolCall?.(ctx, signal) : undefined,
+			afterToolCall: this.afterToolCall ? (ctx, signal) => this.afterToolCall?.(ctx, signal) : undefined,
 			onAssistantMessageEvent: this.#onAssistantMessageEvent,
 			onHarmonyLeak: this.#onHarmonyLeak,
 			getToolChoice,
@@ -945,7 +971,7 @@ export class Agent {
 			}
 
 			// Handle any remaining partial message
-			if (partial && partial.role === "assistant" && partial.content.length > 0) {
+			if (partial && partial.role === "assistant" && Array.isArray(partial.content) && partial.content.length > 0) {
 				const onlyEmpty = !partial.content.some(
 					c =>
 						(c.type === "thinking" && c.thinking.trim().length > 0) ||

package/src/types.ts

@@ -169,8 +169,43 @@ export interface AgentLoopConfig extends SimpleStreamOptions {
 	 * the next model call instead of waiting for the next prompt.
 	 */
 	getReasoning?: () => Effort | undefined;
+
+	/**
+	 * Called after a tool call has been validated and is about to execute.
+	 *
+	 * Return `{ block: true }` to prevent execution. The loop emits an error tool
+	 * result instead (using `reason` as the error text, or a default if omitted).
+	 *
+	 * Mutating `context.args` in place changes the arguments passed to `tool.execute`
+	 * — the loop does **not** re-validate after this hook runs.
+	 *
+	 * The hook receives the tool abort signal (`signal`) and is responsible for
+	 * honoring it. Throwing surfaces as a tool-error result and does not abort the
+	 * rest of the batch.
+	 */
+	beforeToolCall?: (
+		context: BeforeToolCallContext,
+		signal?: AbortSignal,
+	) => Promise<BeforeToolCallResult | undefined> | BeforeToolCallResult | undefined;
+
+	/**
+	 * Called after a tool finishes executing, before `tool_execution_end` and the
+	 * tool-result message are emitted.
+	 *
+	 * Return an `AfterToolCallResult` to override individual fields of the executed
+	 * tool result. Omitted fields keep their original values; there is no deep merge.
+	 *
+	 * Throwing surfaces as a tool-error result and does not abort the rest of the batch.
+	 */
+	afterToolCall?: (
+		context: AfterToolCallContext,
+		signal?: AbortSignal,
+	) => Promise<AfterToolCallResult | undefined> | AfterToolCallResult | undefined;
 }
 
+/**
+ * Batch/sequencing metadata for the tool call currently being processed.
+ */
 export interface ToolCallContext {
 	batchId: string;
 	index: number;
@@ -178,6 +213,69 @@ export interface ToolCallContext {
 	toolCalls: Array<{ id: string; name: string }>;
 }
 
+/** A single tool-call content block emitted by an assistant message. */
+export type AgentToolCall = Extract<AssistantMessage["content"][number], { type: "toolCall" }>;
+
+/**
+ * Result returned from `beforeToolCall`.
+ *
+ * Set `block: true` to prevent the tool from executing. The loop emits an error tool
+ * result instead, using `reason` as the error text (or a default if omitted).
+ *
+ * Mutating the `args` reference passed in `BeforeToolCallContext` is supported and
+ * survives into execution — the loop does **not** re-validate after this hook runs.
+ */
+export interface BeforeToolCallResult {
+	block?: boolean;
+	reason?: string;
+}
+
+/**
+ * Partial override returned from `afterToolCall`.
+ *
+ * Merge semantics are field-by-field; omitted fields keep the executed values.
+ * No deep merge is performed.
+ */
+export interface AfterToolCallResult {
+	/** If provided, replaces the tool result content array in full. */
+	content?: (TextContent | ImageContent)[];
+	/** If provided, replaces the tool result details payload in full. */
+	details?: unknown;
+	/** If provided, replaces the error flag carried with the tool result. */
+	isError?: boolean;
+}
+
+/** Context passed to `beforeToolCall`. */
+export interface BeforeToolCallContext {
+	/** The assistant message that requested the tool call. */
+	assistantMessage: AssistantMessage;
+	/** The raw tool call block from `assistantMessage.content`. */
+	toolCall: AgentToolCall;
+	/**
+	 * Validated tool arguments. The same reference is forwarded to `tool.execute`
+	 * (after any `transformToolCallArguments` pass), so in-place mutations stick.
+	 */
+	args: Record<string, unknown>;
+	/** Current agent context at the time the tool call is prepared. */
+	context: AgentContext;
+}
+
+/** Context passed to `afterToolCall`. */
+export interface AfterToolCallContext {
+	/** The assistant message that requested the tool call. */
+	assistantMessage: AssistantMessage;
+	/** The raw tool call block from `assistantMessage.content`. */
+	toolCall: AgentToolCall;
+	/** Validated tool arguments used for execution (post `beforeToolCall` mutations). */
+	args: Record<string, unknown>;
+	/** The executed tool result before any `afterToolCall` overrides are applied. */
+	result: AgentToolResult<any>;
+	/** Whether the executed tool result is currently treated as an error. */
+	isError: boolean;
+	/** Current agent context at the time the tool call is finalized. */
+	context: AgentContext;
+}
+
 /**
  * Extensible interface for custom app messages.
  * Apps can extend via declaration merging: