fix: Respect allowedTools configuration in validTools array (#294)

buger · claude · web-flow · commit 1585eb0e133f · 2025-11-16T19:47:32.000+03:00
The `disableTools: true` option was not fully respected - tool definitions were correctly filtered from the system message, but the agentic loop still accepted and executed tool calls because the `validTools` array was hardcoded and didn't respect the `allowedTools` configuration. Changes: - Replace hardcoded `validTools` array with dynamic filtering using `allowedTools.isEnabled()` pattern (same as `getSystemMessage()`) - Edit tools now require both `allowEdit` flag AND `allowedTools` permission - Bash tool requires both `enableBash` flag AND `allowedTools` permission - Delegate tool requires both `enableDelegate` flag AND `allowedTools` permission - Add comprehensive tests to verify validTools respects allowedTools config Fixes #293 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude <noreply@anthropic.com>
diff --git a/npm/src/agent/ProbeAgent.js b/npm/src/agent/ProbeAgent.js
@@ -1706,16 +1706,25 @@ When troubleshooting:
         }
 
         // Parse tool call from response with valid tools list
-        const validTools = [
-          'search', 'query', 'extract', 'listFiles', 'searchFiles', 'attempt_completion'
-        ];
-        if (this.allowEdit) {
+        // Build validTools based on allowedTools configuration (same pattern as getSystemMessage)
+        const validTools = [];
+        if (this.allowedTools.isEnabled('search')) validTools.push('search');
+        if (this.allowedTools.isEnabled('query')) validTools.push('query');
+        if (this.allowedTools.isEnabled('extract')) validTools.push('extract');
+        if (this.allowedTools.isEnabled('listFiles')) validTools.push('listFiles');
+        if (this.allowedTools.isEnabled('searchFiles')) validTools.push('searchFiles');
+        if (this.allowedTools.isEnabled('attempt_completion')) validTools.push('attempt_completion');
+
+        // Edit tools (require both allowEdit flag AND allowedTools permission)
+        if (this.allowEdit && this.allowedTools.isEnabled('implement')) {
           validTools.push('implement', 'edit', 'create');
         }
-        if (this.enableBash) {
+        // Bash tool (require both enableBash flag AND allowedTools permission)
+        if (this.enableBash && this.allowedTools.isEnabled('bash')) {
           validTools.push('bash');
         }
-        if (this.enableDelegate) {
+        // Delegate tool (require both enableDelegate flag AND allowedTools permission)
+        if (this.enableDelegate && this.allowedTools.isEnabled('delegate')) {
           validTools.push('delegate');
         }
         
diff --git a/npm/tests/unit/allowed-tools.test.js b/npm/tests/unit/allowed-tools.test.js
@@ -248,6 +248,99 @@ describe('ProbeAgent allowedTools option', () => {
     });
   });
 
+  describe('validTools array in agentic loop', () => {
+    test('should respect allowedTools when building validTools array', async () => {
+      const agent = new ProbeAgent({
+        path: process.cwd(),
+        allowedTools: ['search', 'extract', 'attempt_completion']
+      });
+      await agent.initialize();
+
+      // Verify allowedTools configuration
+      expect(agent.allowedTools.isEnabled('search')).toBe(true);
+      expect(agent.allowedTools.isEnabled('extract')).toBe(true);
+      expect(agent.allowedTools.isEnabled('attempt_completion')).toBe(true);
+      expect(agent.allowedTools.isEnabled('query')).toBe(false);
+      expect(agent.allowedTools.isEnabled('listFiles')).toBe(false);
+    });
+
+    test('should build empty validTools array when disableTools is true', async () => {
+      const agent = new ProbeAgent({
+        path: process.cwd(),
+        disableTools: true
+      });
+      await agent.initialize();
+
+      // Verify that no tools are enabled
+      expect(agent.allowedTools.mode).toBe('none');
+      expect(agent.allowedTools.isEnabled('search')).toBe(false);
+      expect(agent.allowedTools.isEnabled('query')).toBe(false);
+      expect(agent.allowedTools.isEnabled('extract')).toBe(false);
+      expect(agent.allowedTools.isEnabled('attempt_completion')).toBe(false);
+    });
+
+    test('should respect both enableBash flag and allowedTools in validTools', async () => {
+      const agent = new ProbeAgent({
+        path: process.cwd(),
+        enableBash: true,
+        allowedTools: ['search', 'bash', 'attempt_completion']
+      });
+      await agent.initialize();
+
+      // Bash should be enabled because both enableBash=true AND it's in allowedTools
+      expect(agent.allowedTools.isEnabled('bash')).toBe(true);
+      expect(agent.allowedTools.isEnabled('search')).toBe(true);
+      expect(agent.allowedTools.isEnabled('attempt_completion')).toBe(true);
+      // Query is not in allowedTools
+      expect(agent.allowedTools.isEnabled('query')).toBe(false);
+    });
+
+    test('should not include bash in validTools when not in allowedTools', async () => {
+      const agent = new ProbeAgent({
+        path: process.cwd(),
+        enableBash: true,
+        allowedTools: ['search', 'query', 'attempt_completion']
+      });
+      await agent.initialize();
+
+      // Bash should NOT be enabled even though enableBash=true
+      // because it's not in the allowedTools list
+      expect(agent.allowedTools.isEnabled('bash')).toBe(false);
+      expect(agent.allowedTools.isEnabled('search')).toBe(true);
+      expect(agent.allowedTools.isEnabled('query')).toBe(true);
+    });
+
+    test('should not include edit tools in validTools when not in allowedTools', async () => {
+      const agent = new ProbeAgent({
+        path: process.cwd(),
+        allowEdit: true,
+        allowedTools: ['search', 'query', 'attempt_completion']
+      });
+      await agent.initialize();
+
+      // Edit tools should NOT be enabled even though allowEdit=true
+      // because they're not in the allowedTools list
+      expect(agent.allowedTools.isEnabled('implement')).toBe(false);
+      expect(agent.allowedTools.isEnabled('edit')).toBe(false);
+      expect(agent.allowedTools.isEnabled('create')).toBe(false);
+      expect(agent.allowedTools.isEnabled('search')).toBe(true);
+    });
+
+    test('should include edit tools in validTools when in allowedTools', async () => {
+      const agent = new ProbeAgent({
+        path: process.cwd(),
+        allowEdit: true,
+        allowedTools: ['search', 'implement', 'attempt_completion']
+      });
+      await agent.initialize();
+
+      // Implement should be enabled because both allowEdit=true AND it's in allowedTools
+      expect(agent.allowedTools.isEnabled('implement')).toBe(true);
+      expect(agent.allowedTools.isEnabled('search')).toBe(true);
+      expect(agent.allowedTools.isEnabled('attempt_completion')).toBe(true);
+    });
+  });
+
   describe('disableTools convenience flag', () => {
     test('should disable all tools when disableTools is true', () => {
       const agent = new ProbeAgent({
