include kimi & moonshot in tool-allowed models

Author: flaviusburca

surogates/harness/prompt.py

@@ -37,8 +37,13 @@
 # ---------------------------------------------------------------------------
 
 # Model name substrings that trigger the tool-use enforcement fragment.
+# These models exhibit a "narrate the action instead of executing it"
+# pattern (e.g. "I will now create an artifact" followed by end-of-turn
+# with no tool call) often enough that the enforcement fragment pays for
+# itself in prompt budget.  Claude and DeepSeek are *not* listed because
+# they reliably execute promised actions without the nag.
 TOOL_USE_ENFORCEMENT_MODELS: tuple[str, ...] = (
-    "gpt", "codex", "gemini", "gemma", "grok",
+    "gpt", "codex", "gemini", "gemma", "grok", "moonshot", "kimi",
 )
 
 # Maximum bytes to read from any single memory/skill file.

surogates/orchestrator/worker.py

@@ -275,6 +275,12 @@ async def harness_factory(session_id: UUID) -> AgentHarness:
             memory_manager=memory_manager,
             session=session,
             available_agents=available_agents,
+            # The builder gates tool-aware guidance fragments (artifact,
+            # memory, skills, expert, session_search, tool_use_enforcement)
+            # on membership in ``available_tools``.  Passing the registry's
+            # live tool set keeps those fragments in the system prompt
+            # instead of silently stripping them.
+            available_tools=set(tool_registry.tool_names),
         )
 
         # Interactive sessions get a regular user access token;

tests/test_artifacts.py

@@ -653,3 +653,31 @@ def test_guidance_not_injected_without_tool(self, tenant):
         )
         guidance = default_library().get("guidance/artifact")
         assert guidance not in pb._tool_guidance_section()
+
+    def test_worker_wires_registry_tool_names_into_builder(self, tenant):
+        """Regression: production worker must pass ``tool_registry.tool_names``
+        to PromptBuilder so tool-aware guidance fragments reach the system
+        prompt.  Until session cbf414ac…e1362a1 made it visible, the worker
+        constructed the builder with no ``available_tools`` and every
+        tool-gated guidance fragment (artifact, memory, skills, expert,
+        session_search, tool_use_enforcement) was silently dropped for
+        every model on every session.
+        """
+        from surogates.tools.registry import ToolRegistry
+        from surogates.tools.runtime import ToolRuntime
+
+        registry = ToolRegistry()
+        ToolRuntime(registry).register_builtins()
+        assert "create_artifact" in registry.tool_names, (
+            "registry must advertise create_artifact for this regression "
+            "test to be meaningful"
+        )
+
+        pb = PromptBuilder(
+            tenant=tenant,
+            available_tools=set(registry.tool_names),
+        )
+        section = pb._tool_guidance_section()
+        assert default_library().get("guidance/artifact") in section
+        assert default_library().get("guidance/memory") in section
+        assert default_library().get("guidance/skills") in section

tests/test_platform_hints.py

@@ -146,6 +146,17 @@ def test_grok_gets_enforcement(self, tmp_path: Path):
         prompt = builder.build()
         assert "Tool-use enforcement" in prompt
 
+    def test_kimi_gets_enforcement(self, tmp_path: Path):
+        # Added after session cbf414ac…e1362a1 where Kimi promised to
+        # "offer an HTML artifact" and ended the turn without a tool call.
+        tenant = _make_tenant(
+            tmp_path,
+            org_config={"agent_name": "Bot", "default_model": "moonshotai/kimi-k2.6"},
+        )
+        builder = PromptBuilder(tenant, available_tools={"terminal", "create_artifact"})
+        prompt = builder.build()
+        assert "Tool-use enforcement" in prompt
+
 
 # ---------------------------------------------------------------------------
 # Developer role routing