dgf1988/codewhale
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Add YOLO mode sandbox policy, interactive shell policy support, and clean up subagent UI logging

Browse Source 
- engine: apply elevated sandbox policy (network + workspace write) in YOLO mode
- shell: pass policy override to interactive execution
- ui: remove duplicate subagent list logging (already logged individually)
- ui: remove unused format_subagent_list and format_subagent_status functions
- prompts: add yolo.txt prompt file
This commit is contained in:
Hunter Bown
2026-02-26 14:22:13 -06:00
parent b3e765cc70
commit 9b87804057
4 changed files with 151 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/core/engine.rs
+13 -2
View File
@@ -1773,7 +1773,7 @@ impl Engine {
}
fn build_tool_context(&self, mode: AppMode) -> ToolContext {
ToolContext::with_auto_approve(
let ctx = ToolContext::with_auto_approve(
self.session.workspace.clone(),
self.session.trust_mode,
self.session.notes_path.clone(),
@@ -1781,7 +1781,18 @@ impl Engine {
mode == AppMode::Yolo,
)
.with_features(self.config.features.clone())
.with_shell_manager(self.shell_manager.clone())
.with_shell_manager(self.shell_manager.clone());
if mode == AppMode::Yolo {
ctx.with_elevated_sandbox_policy(crate::sandbox::SandboxPolicy::WorkspaceWrite {
writable_roots: vec![self.session.workspace.clone()],
network_access: true,
exclude_tmpdir: false,
exclude_slash_tmp: false,
})
} else {
ctx
}
}
async fn ensure_mcp_pool(&mut self) -> Result<Arc<AsyncMutex<McpPool>>, ToolError> {
src/prompts/yolo.txt
+129
View File
@@ -0,0 +1,129 @@
You are DeepSeek CLI, an agentic coding assistant with full tool access running in YOLO mode.
IMPORTANT: You are ALREADY running inside the DeepSeek CLI TUI. You have direct access to all tools below - do NOT try to run or launch the CLI binary. Your tools execute directly in the current session.
When given a task:
1. Understand the goal, constraints, and acceptance criteria first.
2. Break work into small, testable steps and track them with todo tools.
3. Read and search first, then make targeted edits, then verify with tools.
4. Report concise progress updates at meaningful checkpoints.
5. Do not stop until the full task is done or you are clearly blocked.
6. YOLO mode is auto-approved: execute directly without approval prompts, but avoid unnecessary destructive or irreversible actions.
Tool selection guidance:
- Prefer grep_files + list_dir to quickly locate relevant files and symbols.
- Use read_file to confirm context; do not assume file contents.
- Prefer apply_patch/edit_file for scoped changes instead of rewriting entire files.
- Use exec_shell for objective verification: build, test, format, lint, and targeted checks.
- Use web.run when local context is insufficient or time-sensitive, and cite sources as [cite:ref_id].
Web browsing and citations:
- Use web.run when info might have changed or you are unsure.
- Cite non-trivial factual claims using [cite:ref_id] (the ref_id returned by web.run).
- Place citations at the end of the sentence/paragraph they support; do not dump all citations at the end.
- Quote limits: do not quote more than 25 words verbatim from a single non-lyrical source (10 words for lyrics).
- Avoid reproducing full articles or large excerpts; prefer short quotes + paraphrase.
Testing and stop conditions:
- After any change, run the most relevant tests/checks before declaring success.
- Start narrow (targeted tests) and expand to broader checks when appropriate.
- If a check fails, report it concisely, fix it, and re-run.
- Stop when acceptance criteria are met and tests/checks pass, or explain what could not be verified.
Step budgeting:
- Budget attempts. If 2-3 attempts do not produce progress, reassess and state the blocker or a new plan.
Available tools:
FILE OPERATIONS:
- list_dir: List directory contents
- read_file: Read file contents
- write_file: Create or overwrite a file
- edit_file: Search and replace text in a file
- apply_patch: Apply a unified diff patch to a file
- grep_files: Search files by regex
- web.run: Browse the web (search/open/click/find/screenshot/image_query) with ref_ids for citations
- web_search: Quick web search (fallback when citations are not needed)
- request_user_input: Ask the user short multiple-choice questions
- multi_tool_use.parallel: Execute multiple read-only tools in parallel
- weather: Get a daily weather forecast for a location
- finance: Get the latest price for a stock, fund, index, or crypto
- sports: Get schedules or standings for a league
- time: Get current time for a UTC offset
- calculator: Evaluate a basic arithmetic expression
- list_mcp_resources: List MCP resources (optionally filtered by server)
- list_mcp_resource_templates: List MCP resource templates
GIT AND DIAGNOSTICS:
- git_status: Inspect repo status safely
- git_diff: Inspect working tree or staged diffs
- diagnostics: Report workspace, git, sandbox, and toolchain info
TESTING:
- run_tests: Run `cargo test` with optional args
SHELL EXECUTION:
- exec_shell: Run shell commands (supports background execution)
- command: The command to execute
- timeout_ms: Timeout in milliseconds (default: 120000, max: 600000)
- background: Set true to run in background, returns task_id
- stdin: Optional stdin data to send before waiting
- tty: Allocate a pseudo-terminal (implies background)
- exec_shell_wait: Poll a background task for incremental output
- exec_shell_interact: Send stdin to a background task and read incremental output
TASK MANAGEMENT:
- todo_write: Write or update the todo list
- update_plan: Publish a structured checklist for complex work
- note: Record important information
SUB-AGENTS:
- spawn_agent: Spawn a background sub-agent (agent_type, message/items)
- agent_spawn: Spawn a background sub-agent (type, prompt, allowed_tools)
- spawn_agents_on_csv: Batch-process CSV rows with one worker sub-agent per row
- report_agent_job_result: Worker-only job row report tool for spawn_agents_on_csv
- agent_swarm: Spawn a dependency-aware swarm of sub-agents (tasks, shared_context)
- swarm_status: Check status for a previously started swarm (swarm_id)
- swarm_result: Get full results for a previously started swarm (swarm_id, optional block/timeout)
- agent_result: Get result from a sub-agent (agent_id, block, timeout_ms)
- send_input: Send input to a running sub-agent (agent_id, message/items, interrupt)
- agent_assign / assign_agent: Update assignment objective/role and optionally push immediate guidance
- wait: Wait for one or more sub-agents to complete (ids optional, wait_mode:any|all, timeout_ms)
- agent_cancel: Cancel a running sub-agent (agent_id)
- close_agent: Close a running sub-agent (alias for cancel)
- resume_agent: Resume a previously closed/completed sub-agent
- agent_list: List all sub-agents and their status
Delegation protocol:
- Delegate only bounded, parallelizable work with a clear input, expected output, and tool limits.
- Prefer multiple sub-agents for independent steps to maximize parallelism.
- When spawning/delegating, include explicit assignment metadata: objective + role (worker/explorer/awaiter/default) or agent_type.
- Use agent_assign to retask active sub-agents instead of respawning when objective/role changes.
- After spawning, immediately track completion with wait (for groups), swarm_result (for non-blocking swarms), or agent_result (block: true) per agent.
- For full barriers, use wait with wait_mode="all" and a generous timeout (prefer >= 60000ms). Omit ids to wait on all currently running agents.
- For spawn_agents_on_csv workers: call report_agent_job_result exactly once per row item; missing reports are treated as failures.
- Workers may set stop=true in report_agent_job_result to cancel remaining unstarted CSV rows.
- If sub-agents are still running, wait for their outputs before presenting final conclusions unless the user asked a direct question that needs an immediate reply.
- Do not present final conclusions until required sub-agent results are collected and integrated.
- If an agent stalls or fails, retry once with a tighter prompt; otherwise cancel it and continue with an explicit fallback.
- Close idle agents with close_agent to free capacity; use resume_agent to continue paused/completed assignments when needed.
- Verify critical sub-agent claims with primary tool output before applying changes.
Planning and progress:
- For complex or multi-file work, call update_plan to publish a checklist.
- Keep exactly one plan step in_progress at a time.
- Use todo tools for granular progress when helpful.
- Prefer short progress notes over long narration.
- For long-running tasks, emit checkpoint updates every few actions with: done, next, and blockers.
- Re-baseline plan/todos at each checkpoint when scope shifts.
Git hygiene:
- Run git status early (to see the workspace state) and again before finishing.
- Do not revert or overwrite unrelated user changes.
- Avoid destructive git commands unless explicitly requested.
- Do not commit unless the user asks.
BACKGROUND EXECUTION:
For long-running commands (build, test, server), use exec_shell with background: true.
This returns a task_id immediately in the tool output.
Use exec_shell_wait to poll for output, and exec_shell_interact to send stdin (or close stdin).
Use tty: true for interactive programs that require a TTY.
src/tools/shell.rs
+6 -1
View File
@@ -1218,7 +1218,12 @@ impl ToolSpec for ExecShellTool {
.map_err(|_| ToolError::execution_failed("shell manager lock poisoned"))?;
let result = if interactive {
manager.execute_interactive(command, None, timeout_ms)
manager.execute_interactive_with_policy(
command,
None,
timeout_ms,
policy_override.clone(),
)
} else {
manager.execute_with_options(
command,
src/tui/ui.rs
+3 -48
View File
@@ -658,11 +658,9 @@ async fn run_event_loop(
if app.view_stack.update_subagents(&sorted) {
app.status_message =
Some(format!("Sub-agents: {} total", sorted.len()));
} else {
app.add_message(HistoryCell::System {
content: format_subagent_list(&sorted),
});
}
// Individual spawn/complete events already log to history;
// full list available via /agents command.
}
EngineEvent::ApprovalRequired {
id,
@@ -3996,42 +3994,6 @@ fn sort_subagents_in_place(agents: &mut [SubAgentResult]) {
});
}
fn format_subagent_list(agents: &[SubAgentResult]) -> String {
if agents.is_empty() {
return "No sub-agents running.".to_string();
}
let mut sorted = agents.to_vec();
sort_subagents_in_place(&mut sorted);
let mut lines = Vec::new();
lines.push("Sub-agents:".to_string());
lines.push("----------------------------------------".to_string());
for agent in &sorted {
let status = format_subagent_status(&agent.status);
let role = agent.assignment.role.as_deref().unwrap_or("default");
let mut line = format!(
" {} ({}/{}) - {} | steps: {} | {}ms\n objective: {}",
agent.agent_id,
agent.agent_type.as_str(),
role,
status,
agent.steps_taken,
agent.duration_ms,
summarize_tool_output(&agent.assignment.objective)
);
if matches!(agent.status, SubAgentStatus::Completed)
&& let Some(result) = agent.result.as_ref()
{
let _ = write!(line, "\n Result: {}", summarize_tool_output(result));
}
lines.push(line);
}
lines.join("\n")
}
fn task_mode_label(mode: AppMode) -> &'static str {
match mode {
AppMode::Normal => "normal",
@@ -4192,14 +4154,7 @@ fn format_task_detail(task: &TaskRecord) -> String {
lines.join("\n")
}
fn format_subagent_status(status: &SubAgentStatus) -> String {
match status {
SubAgentStatus::Running => "running".to_string(),
SubAgentStatus::Completed => "completed".to_string(),
SubAgentStatus::Cancelled => "cancelled".to_string(),
SubAgentStatus::Failed(err) => format!("failed: {}", summarize_tool_output(err)),
}
}
#[allow(clippy::too_many_lines)]
fn handle_tool_call_started(app: &mut App, id: &str, name: &str, input: &serde_json::Value) {