ag2 0.9.10__py3-none-any.whl → 0.10.0__py3-none-any.whl

autogen/agentchat/group/guardrails.py

@@ -7,7 +7,7 @@ import re
 from abc import ABC, abstractmethod
 from typing import TYPE_CHECKING, Any
 
-from pydantic import BaseModel, Field
+from pydantic import BaseModel, ConfigDict, Field
 
 from ...oai.client import OpenAIWrapper
 
@@ -16,32 +16,6 @@ if TYPE_CHECKING:
     from .targets.transition_target import TransitionTarget
 
 
-class GuardrailResult(BaseModel):
-    """Represents the outcome of a guardrail check."""
-
-    activated: bool
-    justification: str = Field(default="No justification provided")
-
-    def __str__(self) -> str:
-        return f"Guardrail Result: {self.activated}\nJustification: {self.justification}"
-
-    @staticmethod
-    def parse(text: str) -> "GuardrailResult":
-        """Parses a JSON string into a GuardrailResult object.
-
-        Args:
-            text (str): The JSON string to parse.
-
-        Returns:
-            GuardrailResult: The parsed GuardrailResult object.
-        """
-        try:
-            data = json.loads(text)
-            return GuardrailResult(**data)
-        except (json.JSONDecodeError, ValueError) as e:
-            raise ValueError(f"Failed to parse GuardrailResult from text: {text}") from e
-
-
 class Guardrail(ABC):
     """Abstract base class for guardrails."""
 
@@ -59,7 +33,7 @@ class Guardrail(ABC):
     def check(
         self,
         context: str | list[dict[str, Any]],
-    ) -> GuardrailResult:
+    ) -> "GuardrailResult":
         """Checks the text against the guardrail and returns a GuardrailResult.
 
         Args:
@@ -99,7 +73,7 @@ You will activate the guardrail only if the condition is met.
     def check(
         self,
         context: str | list[dict[str, Any]],
-    ) -> GuardrailResult:
+    ) -> "GuardrailResult":
         """Checks the context against the guardrail using an LLM.
 
         Args:
@@ -120,7 +94,7 @@ You will activate the guardrail only if the condition is met.
             raise ValueError("Context must be a string or a list of messages.")
         # Call the LLM with the check messages
         response = self.client.create(messages=check_messages)
-        return GuardrailResult.parse(response.choices[0].message.content)  # type: ignore
+        return GuardrailResult.parse(response.choices[0].message.content, guardrail=self)  # type: ignore
 
 
 class RegexGuardrail(Guardrail):
@@ -143,7 +117,7 @@ class RegexGuardrail(Guardrail):
     def check(
         self,
         context: str | list[dict[str, Any]],
-    ) -> GuardrailResult:
+    ) -> "GuardrailResult":
         """Checks the context against the guardrail using a regular expression.
 
         Args:
@@ -167,5 +141,39 @@ class RegexGuardrail(Guardrail):
             if match:
                 activated = True
                 justification = f"Match found -> {match.group(0)}"
-                return GuardrailResult(activated=activated, justification=justification)
-        return GuardrailResult(activated=False, justification="No match found in the context.")
+                return GuardrailResult(activated=activated, justification=justification, guardrail=self)
+        return GuardrailResult(activated=False, justification="No match found in the context.", guardrail=self)
+
+
+class GuardrailResult(BaseModel):
+    """Represents the outcome of a guardrail check."""
+
+    activated: bool
+    guardrail: Guardrail
+    justification: str = Field(default="No justification provided")
+
+    model_config = ConfigDict(arbitrary_types_allowed=True)
+
+    def __str__(self) -> str:
+        return f"Guardrail Result: {self.activated}\nJustification: {self.justification}"
+
+    @property
+    def reply(self) -> str:
+        return f"{self.guardrail.activation_message}\nJustification: {self.justification}"
+
+    @staticmethod
+    def parse(text: str, guardrail: "Guardrail") -> "GuardrailResult":
+        """Parses a JSON string into a GuardrailResult object.
+
+        Args:
+            text (str): The JSON string to parse.
+            guardrail (Guardrail): The guardrail that the result is for.
+
+        Returns:
+            GuardrailResult: The parsed GuardrailResult object.
+        """
+        try:
+            data = json.loads(text)
+            return GuardrailResult(**data, guardrail=guardrail)
+        except (json.JSONDecodeError, ValueError) as e:
+            raise ValueError(f"Failed to parse GuardrailResult from text: {text}") from e

autogen/agentchat/group/multi_agent_chat.py

@@ -11,6 +11,7 @@ from ...events.agent_events import ErrorEvent, RunCompletionEvent
 from ...io.base import IOStream
 from ...io.run_response import AsyncRunResponse, AsyncRunResponseProtocol, RunResponse, RunResponseProtocol
 from ...io.thread_io_stream import AsyncThreadIOStream, ThreadIOStream
+from ...llm_config import LLMConfig
 from ..chat import ChatResult
 from .context_variables import ContextVariables
 from .group_utils import cleanup_temp_user_messages
@@ -32,6 +33,9 @@ def initiate_group_chat(
     pattern: "Pattern",
     messages: list[dict[str, Any]] | str,
     max_rounds: int = 20,
+    safeguard_policy: dict[str, Any] | str | None = None,
+    safeguard_llm_config: LLMConfig | None = None,
+    mask_llm_config: LLMConfig | None = None,
 ) -> tuple[ChatResult, ContextVariables, "Agent"]:
     """Initialize and run a group chat using a pattern for configuration.
 
@@ -39,6 +43,9 @@ def initiate_group_chat(
         pattern: Pattern object that encapsulates the chat configuration.
         messages: Initial message(s).
         max_rounds: Maximum number of conversation rounds.
+        safeguard_policy: Optional safeguard policy dict or path to JSON file.
+        safeguard_llm_config: Optional LLM configuration for safeguard checks.
+        mask_llm_config: Optional LLM configuration for masking.
 
     Returns:
         ChatResult:         Conversations chat history.
@@ -66,6 +73,17 @@ def initiate_group_chat(
         messages=messages,
     )
 
+    # Apply safeguards if provided
+    if safeguard_policy:
+        from .safeguards import apply_safeguard_policy
+
+        apply_safeguard_policy(
+            groupchat_manager=manager,
+            policy=safeguard_policy,
+            safeguard_llm_config=safeguard_llm_config,
+            mask_llm_config=mask_llm_config,
+        )
+
     # Start or resume the conversation
     if len(processed_messages) > 1:
         last_agent, last_message = manager.resume(messages=processed_messages)
@@ -94,6 +112,9 @@ async def a_initiate_group_chat(
     pattern: "Pattern",
     messages: list[dict[str, Any]] | str,
     max_rounds: int = 20,
+    safeguard_policy: dict[str, Any] | str | None = None,
+    safeguard_llm_config: LLMConfig | None = None,
+    mask_llm_config: LLMConfig | None = None,
 ) -> tuple[ChatResult, ContextVariables, "Agent"]:
     """Initialize and run a group chat using a pattern for configuration, asynchronously.
 
@@ -101,6 +122,9 @@ async def a_initiate_group_chat(
         pattern: Pattern object that encapsulates the chat configuration.
         messages: Initial message(s).
         max_rounds: Maximum number of conversation rounds.
+        safeguard_policy: Optional safeguard policy dict or path to JSON file.
+        safeguard_llm_config: Optional LLM configuration for safeguard checks.
+        mask_llm_config: Optional LLM configuration for masking.
 
     Returns:
         ChatResult:         Conversations chat history.
@@ -128,6 +152,17 @@ async def a_initiate_group_chat(
         messages=messages,
     )
 
+    # Apply safeguards if provided
+    if safeguard_policy:
+        from .safeguards import apply_safeguard_policy
+
+        apply_safeguard_policy(
+            groupchat_manager=manager,
+            policy=safeguard_policy,
+            safeguard_llm_config=safeguard_llm_config,
+            mask_llm_config=mask_llm_config,
+        )
+
     # Start or resume the conversation
     if len(processed_messages) > 1:
         last_agent, last_message = await manager.a_resume(messages=processed_messages)
@@ -156,6 +191,9 @@ def run_group_chat(
     pattern: "Pattern",
     messages: list[dict[str, Any]] | str,
     max_rounds: int = 20,
+    safeguard_policy: dict[str, Any] | str | None = None,
+    safeguard_llm_config: LLMConfig | None = None,
+    mask_llm_config: LLMConfig | None = None,
 ) -> RunResponseProtocol:
     iostream = ThreadIOStream()
     # todo: add agents
@@ -165,6 +203,9 @@ def run_group_chat(
         pattern: "Pattern" = pattern,
         messages: list[dict[str, Any]] | str = messages,
         max_rounds: int = max_rounds,
+        safeguard_policy: dict[str, Any] | str | None = safeguard_policy,
+        safeguard_llm_config: LLMConfig | None = safeguard_llm_config,
+        mask_llm_config: LLMConfig | None = mask_llm_config,
         iostream: ThreadIOStream = iostream,
         response: RunResponse = response,
     ) -> None:
@@ -174,6 +215,9 @@ def run_group_chat(
                     pattern=pattern,
                     messages=messages,
                     max_rounds=max_rounds,
+                    safeguard_policy=safeguard_policy,
+                    safeguard_llm_config=safeguard_llm_config,
+                    mask_llm_config=mask_llm_config,
                 )
 
                 IOStream.get_default().send(
@@ -200,6 +244,9 @@ async def a_run_group_chat(
     pattern: "Pattern",
     messages: list[dict[str, Any]] | str,
     max_rounds: int = 20,
+    safeguard_policy: dict[str, Any] | str | None = None,
+    safeguard_llm_config: LLMConfig | None = None,
+    mask_llm_config: LLMConfig | None = None,
 ) -> AsyncRunResponseProtocol:
     iostream = AsyncThreadIOStream()
     # todo: add agents
@@ -209,6 +256,9 @@ async def a_run_group_chat(
         pattern: "Pattern" = pattern,
         messages: list[dict[str, Any]] | str = messages,
         max_rounds: int = max_rounds,
+        safeguard_policy: dict[str, Any] | str | None = safeguard_policy,
+        safeguard_llm_config: LLMConfig | None = safeguard_llm_config,
+        mask_llm_config: LLMConfig | None = mask_llm_config,
         iostream: AsyncThreadIOStream = iostream,
         response: AsyncRunResponse = response,
     ) -> None:
@@ -218,6 +268,9 @@ async def a_run_group_chat(
                     pattern=pattern,
                     messages=messages,
                     max_rounds=max_rounds,
+                    safeguard_policy=safeguard_policy,
+                    safeguard_llm_config=safeguard_llm_config,
+                    mask_llm_config=mask_llm_config,
                 )
 
                 IOStream.get_default().send(

autogen/agentchat/group/safeguards/api.py

@@ -158,6 +158,8 @@ def apply_safeguard_policy(
         policy=policy,
         safeguard_llm_config=safeguard_llm_config,
         mask_llm_config=mask_llm_config,
+        groupchat_manager=groupchat_manager,
+        agents=agents,
     )
 
     # Determine which agents to apply safeguards to
@@ -168,8 +170,14 @@ def apply_safeguard_policy(
         if not isinstance(groupchat_manager, GroupChatManager):
             raise ValueError("groupchat_manager must be an instance of GroupChatManager")
 
-        target_agents.extend([agent for agent in groupchat_manager.groupchat.agents if hasattr(agent, "hook_lists")])
-        all_agent_names = [agent.name for agent in groupchat_manager.groupchat.agents]
+        target_agents.extend([
+            agent
+            for agent in groupchat_manager.groupchat.agents
+            if hasattr(agent, "hook_lists") and agent.name != "_Group_Tool_Executor"
+        ])
+        all_agent_names = [
+            agent.name for agent in groupchat_manager.groupchat.agents if agent.name != "_Group_Tool_Executor"
+        ]
         all_agent_names.append(groupchat_manager.name)
 
         # Register inter-agent guardrails with the groupchat
@@ -221,4 +229,13 @@ def apply_safeguard_policy(
                 f"Agent {agent.name} does not support hooks. Please ensure it inherits from ConversableAgent."
             )
 
+    # Apply hooks to GroupToolExecutor if it exists (for GroupChat scenarios)
+    if groupchat_manager and enforcer.group_tool_executor and hasattr(enforcer.group_tool_executor, "hook_lists"):
+        # Create hooks for GroupToolExecutor - it needs tool interaction hooks
+        # since it's the one actually executing tools in GroupChat
+        hooks = enforcer.create_agent_hooks(enforcer.group_tool_executor.name)
+        for hook_name, hook_func in hooks.items():
+            if hook_name in enforcer.group_tool_executor.hook_lists:
+                enforcer.group_tool_executor.hook_lists[hook_name].append(hook_func)
+
     return enforcer

autogen/agentchat/group/safeguards/enforcer.py

@@ -9,8 +9,11 @@ import re
 from collections.abc import Callable
 from typing import Any
 
+from ....code_utils import content_str
 from ....io.base import IOStream
 from ....llm_config import LLMConfig
+from ...conversable_agent import ConversableAgent
+from ...groupchat import GroupChatManager
 from ..guardrails import LLMGuardrail, RegexGuardrail
 from ..targets.transition_target import TransitionTarget
 from .events import SafeguardEvent
@@ -19,11 +22,22 @@ from .events import SafeguardEvent
 class SafeguardEnforcer:
     """Main safeguard enforcer - executes safeguard policies"""
 
+    @staticmethod
+    def _stringify_content(value: Any) -> str:
+        if isinstance(value, (str, list)) or value is None:
+            try:
+                return content_str(value)
+            except (TypeError, ValueError, AssertionError):
+                pass
+        return "" if value is None else str(value)
+
     def __init__(
         self,
         policy: dict[str, Any] | str,
         safeguard_llm_config: LLMConfig | dict[str, Any] | None = None,
         mask_llm_config: LLMConfig | dict[str, Any] | None = None,
+        groupchat_manager: GroupChatManager | None = None,
+        agents: list[ConversableAgent] | None = None,
     ):
         """Initialize the safeguard enforcer.
 
@@ -31,10 +45,20 @@ class SafeguardEnforcer:
             policy: Safeguard policy dict or path to JSON file
             safeguard_llm_config: LLM configuration for safeguard checks
             mask_llm_config: LLM configuration for masking
+            groupchat_manager: GroupChat manager instance for group chat scenarios
+            agents: List of conversable agents to apply safeguards to
         """
         self.policy = self._load_policy(policy)
         self.safeguard_llm_config = safeguard_llm_config
         self.mask_llm_config = mask_llm_config
+        self.groupchat_manager = groupchat_manager
+        self.agents = agents
+        self.group_tool_executor = None
+        if self.groupchat_manager:
+            for agent in self.groupchat_manager.groupchat.agents:
+                if agent.name == "_Group_Tool_Executor":
+                    self.group_tool_executor = agent  # type: ignore[assignment]
+                    break
 
         # Validate policy format before proceeding
         self._validate_policy()
@@ -351,18 +375,21 @@ class SafeguardEnforcer:
         hooks = {}
 
         # Check if we have any tool interaction rules that apply to this agent
-        agent_tool_rules = [
-            rule
-            for rule in self.environment_rules
-            if rule["type"] == "tool_interaction"
-            and (
-                rule.get("message_destination") == agent_name
-                or rule.get("message_source") == agent_name
-                or rule.get("agent_name") == agent_name
-                or "message_destination" not in rule
-            )
-        ]  # Simple pattern rules apply to all
-
+        if agent_name == "_Group_Tool_Executor":
+            # group tool executor is running all tools, so we need to check all tool interaction rules
+            agent_tool_rules = [rule for rule in self.environment_rules if rule["type"] == "tool_interaction"]
+        else:
+            agent_tool_rules = [
+                rule
+                for rule in self.environment_rules
+                if rule["type"] == "tool_interaction"
+                and (
+                    rule.get("message_destination") == agent_name
+                    or rule.get("message_source") == agent_name
+                    or rule.get("agent_name") == agent_name
+                    or "message_destination" not in rule
+                )
+            ]
         if agent_tool_rules:
 
             def tool_input_hook(tool_input: dict[str, Any]) -> dict[str, Any] | None:
@@ -624,7 +651,7 @@ class SafeguardEnforcer:
             # Handle tool_calls (like in tool inputs)
             elif "tool_calls" in blocked_content and blocked_content["tool_calls"]:
                 blocked_content["tool_calls"] = [
-                    {**tool_call, "function": {**tool_call["function"], "arguments": block_msg}}
+                    {**tool_call, "function": {**tool_call["function"], "arguments": json.dumps({"error": block_msg})}}
                     for tool_call in blocked_content["tool_calls"]
                 ]
             # Handle regular content
@@ -649,7 +676,10 @@ class SafeguardEnforcer:
                         blocked_item["content"] = block_msg
                     if "tool_calls" in blocked_item:
                         blocked_item["tool_calls"] = [
-                            {**tool_call, "function": {**tool_call["function"], "arguments": block_msg}}
+                            {
+                                **tool_call,
+                                "function": {**tool_call["function"], "arguments": json.dumps({"error": block_msg})},
+                            }
                             for tool_call in blocked_item["tool_calls"]
                         ]
                     if "tool_responses" in blocked_item:
@@ -675,9 +705,12 @@ class SafeguardEnforcer:
             # Handle tool_responses
             if "tool_responses" in masked_content and masked_content["tool_responses"]:
                 if "content" in masked_content:
-                    masked_content["content"] = mask_func(str(masked_content["content"]))
+                    masked_content["content"] = mask_func(self._stringify_content(masked_content.get("content")))
                 masked_content["tool_responses"] = [
-                    {**response, "content": mask_func(str(response.get("content", "")))}
+                    {
+                        **response,
+                        "content": mask_func(self._stringify_content(response.get("content"))),
+                    }
                     for response in masked_content["tool_responses"]
                 ]
             # Handle tool_calls
@@ -687,17 +720,17 @@ class SafeguardEnforcer:
                         **tool_call,
                         "function": {
                             **tool_call["function"],
-                            "arguments": mask_func(str(tool_call["function"].get("arguments", ""))),
+                            "arguments": mask_func(self._stringify_content(tool_call["function"].get("arguments"))),
                         },
                     }
                     for tool_call in masked_content["tool_calls"]
                 ]
             # Handle regular content
             elif "content" in masked_content:
-                masked_content["content"] = mask_func(str(masked_content["content"]))
+                masked_content["content"] = mask_func(self._stringify_content(masked_content.get("content")))
             # Handle arguments
             elif "arguments" in masked_content:
-                masked_content["arguments"] = mask_func(str(masked_content["arguments"]))
+                masked_content["arguments"] = mask_func(self._stringify_content(masked_content.get("arguments")))
 
             return masked_content
 
@@ -708,39 +741,64 @@ class SafeguardEnforcer:
                 if isinstance(item, dict):
                     masked_item = item.copy()
                     if "content" in masked_item:
-                        masked_item["content"] = mask_func(str(masked_item["content"]))
+                        masked_item["content"] = mask_func(self._stringify_content(masked_item.get("content")))
                     if "tool_calls" in masked_item:
                         masked_item["tool_calls"] = [
                             {
                                 **tool_call,
                                 "function": {
                                     **tool_call["function"],
-                                    "arguments": mask_func(str(tool_call["function"].get("arguments", ""))),
+                                    "arguments": mask_func(
+                                        self._stringify_content(tool_call["function"].get("arguments"))
+                                    ),
                                 },
                             }
                             for tool_call in masked_item["tool_calls"]
                         ]
                     if "tool_responses" in masked_item:
                         masked_item["tool_responses"] = [
-                            {**response, "content": mask_func(str(response.get("content", "")))}
+                            {
+                                **response,
+                                "content": mask_func(self._stringify_content(response.get("content"))),
+                            }
                             for response in masked_item["tool_responses"]
                         ]
                     masked_list.append(masked_item)
                 else:
                     # For non-dict items, wrap the masked content in a dict
-                    masked_item_content: str = mask_func(str(item))
+                    masked_item_content: str = mask_func(self._stringify_content(item))
                     masked_list.append({"content": masked_item_content, "role": "function"})
             return masked_list
 
         else:
             # String content
-            return mask_func(str(content))
+            return mask_func(self._stringify_content(content))
 
     def _check_inter_agent_communication(
         self, sender_name: str, recipient_name: str, message: str | dict[str, Any]
     ) -> str | dict[str, Any]:
         """Check inter-agent communication."""
-        content = message.get("content", "") if isinstance(message, dict) else str(message)
+        if isinstance(message, dict):
+            if "tool_calls" in message and isinstance(message["tool_calls"], list):
+                # Extract arguments from all tool calls and combine them
+                tool_args = []
+                for tool_call in message["tool_calls"]:
+                    if "function" in tool_call and "arguments" in tool_call["function"]:
+                        tool_args.append(tool_call["function"]["arguments"])
+                content_to_check = " | ".join(tool_args) if tool_args else ""
+            elif "tool_responses" in message and isinstance(message["tool_responses"], list):
+                # Extract content from all tool responses and combine them
+                tool_contents = []
+                for tool_response in message["tool_responses"]:
+                    if "content" in tool_response:
+                        tool_contents.append(str(tool_response["content"]))
+                content_to_check = " | ".join(tool_contents) if tool_contents else ""
+            else:
+                content_to_check = str(message.get("content", ""))
+        elif isinstance(message, str):
+            content_to_check = message
+        else:
+            raise ValueError("Message must be a dictionary or a string")
 
         for rule in self.inter_agent_rules:
             if rule["type"] == "agent_transition":
@@ -750,7 +808,7 @@ class SafeguardEnforcer:
 
                 if source_match and target_match:
                     # Prepare content preview
-                    content_preview = content[:100] + ("..." if len(content) > 100 else "")
+                    content_preview = str(content_to_check)[:100] + ("..." if len(str(content_to_check)) > 100 else "")
 
                     # Use guardrail if available
                     if "guardrail" in rule and rule["guardrail"]:
@@ -766,7 +824,7 @@ class SafeguardEnforcer:
                         )
 
                         try:
-                            result = rule["guardrail"].check(content)
+                            result = rule["guardrail"].check(content_to_check)
                             if result.activated:
                                 self._send_safeguard_event(
                                     event_type="violation",
@@ -812,7 +870,7 @@ class SafeguardEnforcer:
                             # action=rule.get('action', 'N/A'),
                             content_preview=content_preview,
                         )
-                        is_violation, explanation = self._check_regex_violation(content, rule["pattern"])
+                        is_violation, explanation = self._check_regex_violation(content_to_check, rule["pattern"])
                         if is_violation:
                             result_value = self._apply_action(
                                 action=rule["action"],
@@ -847,11 +905,11 @@ class SafeguardEnforcer:
                         )
                         if "custom_prompt" in rule:
                             is_violation, explanation = self._check_llm_violation(
-                                content, custom_prompt=rule["custom_prompt"]
+                                content_to_check, custom_prompt=rule["custom_prompt"]
                             )
                         else:
                             is_violation, explanation = self._check_llm_violation(
-                                content, disallow_items=rule["disallow"]
+                                content_to_check, disallow_items=rule["disallow"]
                             )
 
                         if is_violation:
@@ -971,12 +1029,20 @@ class SafeguardEnforcer:
         # Extract tool name from data
         tool_name = data.get("name", data.get("tool_name", ""))
 
+        # Resolve the actual agent name if this is GroupToolExecutor
+        actual_agent_name = agent_name
+        if agent_name == "_Group_Tool_Executor" and self.group_tool_executor:
+            # Get the original tool caller from GroupToolExecutor
+            originator = self.group_tool_executor.get_tool_call_originator()  # type: ignore[attr-defined]
+            if originator:
+                actual_agent_name = originator
+
         # Determine source/destination based on direction
         if direction == "output":
-            source_name, dest_name = tool_name, agent_name
+            source_name, dest_name = tool_name, actual_agent_name
             content = str(data.get("content", ""))
         else:  # input
-            source_name, dest_name = agent_name, tool_name
+            source_name, dest_name = actual_agent_name, tool_name
             content = str(data.get("arguments", ""))
 
         result = self._check_interaction(
@@ -985,7 +1051,7 @@ class SafeguardEnforcer:
             dest_name=dest_name,
             content=content,
             data=data,
-            context_info=f"{agent_name} <-> {tool_name} ({direction})",
+            context_info=f"{actual_agent_name} <-> {tool_name} ({direction})",
         )
 
         if result is not None:
@@ -1050,15 +1116,43 @@ class SafeguardEnforcer:
         Returns:
             Optional replacement message if a safeguard triggers, None otherwise
         """
-        # Store original content for comparison
-        original_content = (
-            message_content.get("content", "") if isinstance(message_content, dict) else str(message_content)
-        )
+        # Handle GroupToolExecutor transparency for safeguards
+        if src_agent_name == "_Group_Tool_Executor":
+            actual_src_agent_name = self._resolve_tool_executor_source(src_agent_name, self.group_tool_executor)
+        else:
+            actual_src_agent_name = src_agent_name
+
+        # Store original message for comparison
+        original_message = message_content
 
-        result = self._check_inter_agent_communication(src_agent_name, dst_agent_name, message_content)
+        result = self._check_inter_agent_communication(actual_src_agent_name, dst_agent_name, message_content)
 
-        if result != original_content:
-            # Return the complete modified message structure to preserve tool_calls/tool_responses pairing
+        # Check if the result is different from the original
+        if result != original_message:
             return result
 
         return None
+
+    def _resolve_tool_executor_source(self, src_agent_name: str, tool_executor: Any = None) -> str:
+        """Resolve the actual source agent when GroupToolExecutor is involved.
+
+        When src_agent_name is "_Group_Tool_Executor", get the original agent who called the tool.
+
+        Args:
+            src_agent_name: The source agent name from the communication
+            tool_executor: GroupToolExecutor instance for getting originator
+
+        Returns:
+            The actual source agent name (original tool caller for tool responses)
+        """
+        if src_agent_name != "_Group_Tool_Executor":
+            return src_agent_name
+
+        # Handle GroupToolExecutor - get the original tool caller
+        if tool_executor and hasattr(tool_executor, "get_tool_call_originator"):
+            originator = tool_executor.get_tool_call_originator()
+            if originator:
+                return originator  # type: ignore[no-any-return]
+
+        # Fallback: Could not determine original caller
+        return "tool_executor"