[GH-ISSUE #194] [Feature]: disallowed_tools, stale loop detection, and file-modification audit #73

New issue

Open

opened 2026-02-27 10:22:04 +03:00 by kerem · 0 comments

kerem commented 2026-02-27 10:22:04 +03:00

Owner

Copy link

Originally created by @arjhun-personal on GitHub (Feb 25, 2026).
Original GitHub issue: https://github.com/mikeyobrien/ralph-orchestrator/issues/194

Problem

Two classes of bugs observed in production:

1. Hat role violations — Dispatcher hat implementing code despite instructions not to, because there's no mechanism to restrict tool usage per hat.
2. Infinite cycling — After all work is done, the loop cycles between hats emitting the same events repeatedly, wasting API credits. In one observed incident, 5 wasted iterations cost ~$1.7.

Phase 1 addressed the immediate cycling bug through preset YAML changes (stronger dispatcher instructions, build.noop escape hatch, max_activations safety nets). Phase 2 provides systemic engine-level protection against the class of bugs.

Proposed Solution

Three layered defenses:

1. disallowed_tools — Per-hat tool restriction via a prominent prompt section. Significantly reduces LLM tool misuse compared to buried "DON'T" instructions in hat prompts.

2. Stale loop detection — Hard termination when the same topic appears 3+ times consecutively. Detects infinite cycling and stops the loop before further API credits are wasted.

3. File-modification audit — Post-iteration detection that emits {hat}.scope_violation events when a hat modifies files outside its expected scope. Presets can route these to trigger corrective action.

Originally created by @arjhun-personal on GitHub (Feb 25, 2026). Original GitHub issue: https://github.com/mikeyobrien/ralph-orchestrator/issues/194 ## Problem Two classes of bugs observed in production: 1. **Hat role violations** — Dispatcher hat implementing code despite instructions not to, because there's no mechanism to restrict tool usage per hat. 2. **Infinite cycling** — After all work is done, the loop cycles between hats emitting the same events repeatedly, wasting API credits. In one observed incident, 5 wasted iterations cost ~$1.7. Phase 1 addressed the immediate cycling bug through preset YAML changes (stronger dispatcher instructions, `build.noop` escape hatch, `max_activations` safety nets). Phase 2 provides systemic engine-level protection against the class of bugs. ## Proposed Solution Three layered defenses: 1. **`disallowed_tools`** — Per-hat tool restriction via a prominent prompt section. Significantly reduces LLM tool misuse compared to buried "DON'T" instructions in hat prompts. 2. **Stale loop detection** — Hard termination when the same topic appears 3+ times consecutively. Detects infinite cycling and stops the loop before further API credits are wasted. 3. **File-modification audit** — Post-iteration detection that emits `{hat}.scope_violation` events when a hat modifies files outside its expected scope. Presets can route these to trigger corrective action.

kerem referenced this issue 2026-02-27 10:22:18 +03:00

[PR #73] [MERGED] fix(adapters): handle UTF-8 boundaries in truncate function #121

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

feat/context-window-utilization

fix/auto-issue-287-mcp-schema-dedup

fix/docs-deploy-coverage-dir

fix/issue-270-global-user-config

fix/isolate-child-claude-config

release/v2.9.2

release/v2.9.0

claude/relaxed-lamport

feat/rich-tui-tool-output

codex/fix-tui-mouse-toggle

autoresearch/validate-waves-supported-backends-20260324

codex/fix-guidance-steering-timing

feat/issue-210-rebase

ralph/software-factory-workers

fix/codex-large-prompt-shell-limit

fix/publish-crates-missing-ralph-api

autoresearch/preset-quality-20260315

feat/issue-210

ci/shift-left-coverage-local

tracking-ux

codex/debug-preset-handoff-fixes

reproduce-issue-from-github-#223

implement-fix-for-issue-225

check-if-docs-need-updates

codex/add-ralph-mcp-server

lint-workflow-auto-fork

feat/tui-update-indicator

refactor/simplify-round-1

ro-hooks

feat/pi-tui-text-accumulation

review

fix/rpc-review-sweep

fix/default-publishes-cascade-187

chore/funding-and-tsx-check

feat/rpc-v1-control-plane-cutover

feat/shell-completions

feat/148-tui-guidance-injection

fix/restore-pdd-step-guards

feat/devenv-setup

fix-windows-pty-hang

pr/last-71-commits

feat/completion-event-only

feature/bot-daemon

feat/skill-system

feat/web-fresh-install

fix/web-config-path-root

feat/event-publishing-guide

feat/hat-backend-args

ralph-orchestrator-hats-cli

feature/parallel-config-gate

ci-mock-e2e-tests

fix/npx-tui-pgid

add-claude-github-actions-1769371695019

multi-loop-concurrency

preset-updates

feat/objective-section

native-task-provider

feat/modularization-and-docs

fix/mkdocs-missing-files

feat/memory-system-and-ralph-yml

fix/run-isolated-events-82

fix/header-iteration-elapsed

feature/tui

fix/opencode-run-subcommand

feat/mcp-support

feat/copilot-cli-backend

2.0.0

gh-pages

v1.2.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.0

v2.6.0

v2.5.1

v2.5.0

v2.4.4

v2.4.3

v2.4.2

v2.4.1

v2.4.0

v2.3.1

v2.3.0

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.10

v2.0.9

v2.0.8

v2.0.7

v2.0.5

v2.0.4

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v2.0.0-alpha

v1.2.3

v1.2.2

v1.2.1

v1.2.0

Labels

Clear labels   

bug

  

bug

  

duplicate

  

duplicate

  

duplicate

  

enhancement

  

good first issue

  

pull-request

Mirrored from GitHub Pull Request

  

question

No labels

bug

bug

duplicate

duplicate

duplicate

enhancement

good first issue

pull-request

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ralph-orchestrator#73

No description provided.