fix(agent): prevent silent scope expansion when initial approach fails#28171
fix(agent): prevent silent scope expansion when initial approach fails#28171Suryap-hub wants to merge 1 commit into
Conversation
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
|
📊 PR Size: size/XL
|
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses issue #28155 by implementing strict guardrails in the agent's decision-making process. The changes ensure that the agent respects user-defined boundaries and prevents silent escalation, requiring explicit user approval before switching strategies or executing sensitive commands. Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
🛑 Action Required: Evaluation ApprovalSteering changes have been detected in this PR. To prevent regressions, a maintainer must approve the evaluation run before this PR can be merged. Maintainers:
Once approved, the evaluation results will be posted here automatically. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request unexpectedly deletes a vast number of critical configuration, workflow, and documentation files—including .gitignore, CODEOWNERS, Dockerfile, and README.md—while completely omitting the intended code changes. The reviewer correctly flagged these deletions as critical issues that break repository governance, security, and deployment capabilities. Please verify your branch to ensure you did not accidentally delete these core files.
| @@ -1,412 +0,0 @@ | |||
| # Gemini CLI | |||
There was a problem hiding this comment.
This pull request deletes the README.md file along with numerous other critical configuration, workflow, and documentation files, while completely omitting the changes to packages/core/src/prompts/snippets.ts described in the PR title and description. Please verify your branch and ensure you are not accidentally deleting the repository's core files.
| @@ -1,70 +0,0 @@ | |||
| # API keys and secrets | |||
There was a problem hiding this comment.
Deleting the .gitignore file is highly critical as it can lead to sensitive files, API keys, or build artifacts being accidentally committed to the repository.
| @@ -1,22 +0,0 @@ | |||
| # By default, require reviews from the maintainers for all files. | |||
There was a problem hiding this comment.
Deleting the CODEOWNERS file removes the repository's branch protection and review routing rules, which is a critical security and governance risk.
| @@ -1,94 +0,0 @@ | |||
| # ---- Stage 1: Builder ---- | |||
There was a problem hiding this comment.
Deleting the main Dockerfile prevents the creation of the application's container images, which breaks the deployment and sandboxing capabilities of the CLI.
|
The size/XL label is incorrect — this PR only modifies 1 line in |
gemini-cli
Bot
added
priority/p2
1 participant
Fixes #28155
Problem
When asked to review a specific set of lines, the agent silently
expanded its scope — running scripts and reading the full file
without user approval. Instead of staying within the requested
boundaries, it switched strategies without informing the user.
Root Cause
The
mandateConfirmfunction insnippets.tslacked explicitinstructions to prevent the agent from silently escalating its
approach when it couldn't find an answer quickly.
Fix
Added 3 guardrails to the
mandateConfirmfunction inpackages/core/src/prompts/snippets.ts:tell the user and ask before switching to a broader strategy.
only read those N lines — do not read the full file or run
scripts unless explicitly asked.
command to investigate further, ask the user first.
Testing
npm run build -w packages/core✅npm test -w packages/core✅