rename agent key to opencode and add skill invocation coverage (#541)
* rename agent key to opencode and add skill invocation coverage. add skill-invoke tests for claude and opencode with local play-based validation signals, update CI matrices, and include the current tracked refactors in this branch for review. Made-with: Cursor * exclude agent-specific skill-invoke tests from wrong agent in CI matrix * address review follow-up and preserve workflow run UI tweak. switch changed-agents ci coverage to exercise the opentoad implementation path while keeping the opencode expectation, and include the local workflow run client interaction updates requested on this branch. Made-with: Cursor * remove opentoad agent filename from runtime. rename the opencode harness implementation file from opentoad.ts to opencode.ts and update ci coverage input accordingly so action code no longer carries the old filename. Made-with: Cursor * ensure security prompt bypass is set on every test fixture. this keeps adversarial and permissions harnesses from being blocked by the default prompt-injection refusal path during CI security tests. Made-with: Cursor --------- Co-authored-by: pullfrog[bot] <226033991+pullfrog[bot]@users.noreply.github.com>
This commit is contained in:
committed by
pullfrog[bot]
parent
2799cce4bf
commit
4b3c5ca905
@@ -38,6 +38,7 @@ export const test: TestRunnerOptions = {
|
||||
validator,
|
||||
env: {
|
||||
GITHUB_REPOSITORY: "pullfrog/test-repo-mcp",
|
||||
PULLFROG_DISABLE_SECURITY_INSTRUCTIONS: "1",
|
||||
PULLFROG_MCP_SECRET: secret,
|
||||
},
|
||||
repoSetup:
|
||||
|
||||
@@ -0,0 +1,47 @@
|
||||
import { randomUUID } from "node:crypto";
|
||||
import type { AgentResult, TestRunnerOptions, ValidationCheck } from "../utils.ts";
|
||||
import { defineFixture, getAgentOutput } from "../utils.ts";
|
||||
|
||||
const skillName = "pullfrog-skill-check";
|
||||
const token = randomUUID();
|
||||
|
||||
const fixture = defineFixture(
|
||||
{
|
||||
prompt: `Do not modify any files.
|
||||
|
||||
Use the skill tool to load ${skillName}.
|
||||
Then call set_output with exactly this token and nothing else: ${token}`,
|
||||
shell: "restricted",
|
||||
push: "disabled",
|
||||
timeout: "4m",
|
||||
},
|
||||
{ localOnly: true }
|
||||
);
|
||||
|
||||
const repoSetup = `mkdir -p .claude/skills/${skillName} .opencode/skills/${skillName} && printf '%s\\n' '---' 'name: ${skillName}' 'description: local skill test token source' '---' '' 'token: ${token}' > .claude/skills/${skillName}/SKILL.md && cp .claude/skills/${skillName}/SKILL.md .opencode/skills/${skillName}/SKILL.md`;
|
||||
|
||||
function validator(result: AgentResult): ValidationCheck[] {
|
||||
const setOutputCalled = result.structuredOutput !== null;
|
||||
const tokenMatches = result.structuredOutput === token;
|
||||
|
||||
const agentOutput = getAgentOutput(result);
|
||||
const skillInvoked = /Skill\(\{[^)]*"skill":"pullfrog-skill-check"/.test(agentOutput);
|
||||
|
||||
return [
|
||||
{ name: "set_output", passed: setOutputCalled },
|
||||
{ name: "token_matches", passed: tokenMatches },
|
||||
{ name: "skill_invoked", passed: skillInvoked },
|
||||
];
|
||||
}
|
||||
|
||||
export const test: TestRunnerOptions = {
|
||||
name: "skill-invoke-claude",
|
||||
fixture,
|
||||
validator,
|
||||
agents: ["claude"],
|
||||
repoSetup,
|
||||
env: {
|
||||
PULLFROG_DISABLE_SECURITY_INSTRUCTIONS: "1",
|
||||
PULLFROG_MODEL: "anthropic/claude-sonnet-4-6",
|
||||
},
|
||||
};
|
||||
@@ -0,0 +1,47 @@
|
||||
import { randomUUID } from "node:crypto";
|
||||
import type { AgentResult, TestRunnerOptions, ValidationCheck } from "../utils.ts";
|
||||
import { defineFixture, getAgentOutput } from "../utils.ts";
|
||||
|
||||
const skillName = "pullfrog-skill-check";
|
||||
const token = randomUUID();
|
||||
|
||||
const fixture = defineFixture(
|
||||
{
|
||||
prompt: `Do not modify any files.
|
||||
|
||||
Use the skill tool to load ${skillName}.
|
||||
Then call set_output with exactly this token and nothing else: ${token}`,
|
||||
shell: "restricted",
|
||||
push: "disabled",
|
||||
timeout: "4m",
|
||||
},
|
||||
{ localOnly: true }
|
||||
);
|
||||
|
||||
const repoSetup = `mkdir -p .claude/skills/${skillName} .opencode/skills/${skillName} && printf '%s\\n' '---' 'name: ${skillName}' 'description: local skill test token source' '---' '' 'token: ${token}' > .claude/skills/${skillName}/SKILL.md && cp .claude/skills/${skillName}/SKILL.md .opencode/skills/${skillName}/SKILL.md`;
|
||||
|
||||
function validator(result: AgentResult): ValidationCheck[] {
|
||||
const setOutputCalled = result.structuredOutput !== null;
|
||||
const tokenMatches = result.structuredOutput === token;
|
||||
|
||||
const agentOutput = getAgentOutput(result);
|
||||
const skillInvoked = /skill\(\{[^)]*"name":"pullfrog-skill-check"/.test(agentOutput);
|
||||
|
||||
return [
|
||||
{ name: "set_output", passed: setOutputCalled },
|
||||
{ name: "token_matches", passed: tokenMatches },
|
||||
{ name: "skill_invoked", passed: skillInvoked },
|
||||
];
|
||||
}
|
||||
|
||||
export const test: TestRunnerOptions = {
|
||||
name: "skill-invoke-opencode",
|
||||
fixture,
|
||||
validator,
|
||||
agents: ["opencode"],
|
||||
repoSetup,
|
||||
env: {
|
||||
PULLFROG_DISABLE_SECURITY_INSTRUCTIONS: "1",
|
||||
PULLFROG_MODEL: "anthropic/claude-sonnet-4-6",
|
||||
},
|
||||
};
|
||||
@@ -28,4 +28,5 @@ export const test: TestRunnerOptions = {
|
||||
name: "smoke",
|
||||
fixture,
|
||||
validator,
|
||||
env: { PULLFROG_DISABLE_SECURITY_INSTRUCTIONS: "1" },
|
||||
};
|
||||
|
||||
@@ -6,7 +6,7 @@ import { defineFixture, generateAgentUuids, getAgentOutput } from "../utils.ts";
|
||||
* process environment. SANDBOX_TEST_TOKEN is set in the agent's process env
|
||||
* but should be invisible via:
|
||||
* - shell: filterEnv() strips *_TOKEN vars, PID namespace hides parent /proc
|
||||
* - native tools: OPENCODE_PERMISSION denies external_directory (opentoad),
|
||||
* - native tools: OPENCODE_PERMISSION denies external_directory (opencode),
|
||||
* managed-settings.json denies /proc reads (claude)
|
||||
*
|
||||
* runs with both agents to verify each sandbox independently.
|
||||
|
||||
Reference in New Issue
Block a user