
fix(agent-canvas-env-skill): inject default tools and expose secrets on delegation #362

Closed
neubig wants to merge 2 commits into main from fix/agent-canvas-env-skill-tools-and-secrets


@neubig neubig commented Jun 25, 2026

Member

Problem

The delegation template in the agent-canvas-environment skill produced delegated local conversations that could not reliably do real work. A delegated agent could authenticate or invoke a skill, but could end up without execution tools and/or without a usable LLM key.

Root causes:

  1. /api/settings can return an empty persisted tools list. Agent Canvas UI launches fill in defaults client-side, but an API-created conversation gets exactly the tools array sent in POST /api/conversations.
  2. Default /api/settings responses mask credentials as **********; forwarding that value can create a delegated conversation with an unusable key.

Fix

  • Start from encrypted agent_settings fetched with X-Expose-Secrets: encrypted and send secrets_encrypted: true, so the server decrypts the LLM key server-side without exposing plaintext credentials in the script.
  • Merge the default exec tool set into agent_settings.tools: terminal, file_editor, task_tracker, browser_tool_set, and canvas_ui.
  • Include task_tool_set automatically when sub-agents are enabled.
  • Preserve skill-loading context flags for delegated agents.
  • Drop schema_version and mcp_config from forwarded settings to avoid creation-time schema/MCP connection failures.
  • Keep tool_module_qualnames for canvas_ui and document how to verify delegated tools/errors.
  • Regenerate skills/index.js so the checked-in skills catalog matches SKILL.md.

Evidence

Commands run on this branch:

npm run build:skills
> @openhands/extensions@0.8.0 build:skills
> node scripts/build-skills-catalog.mjs
Generated .../skills/index.js with 53 skills
uv run --group test pytest tests/
440 passed in 23.84s

Live local delegation smoke test using the updated encrypted-settings pattern:

POST /api/conversations -> bbf207ba-2eff-4bde-87df-c28a7dbcce46
execution_status: finished
registered tools: browser_tool_set, canvas_ui, file_editor, task_tracker, terminal
terminal action: pwd && git --version
exit_code: 0
output:
/home/gneubig/workspace/delegated/pr362-live-evidence-20260630-175323
git version 2.43.0

Local links from the smoke test environment:

Issue

Closes #365

This PR description was updated by an AI agent (OpenHands) on behalf of Graham Neubig.
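
The payload construction described under "Fix", as an added example that is not code from this PR or from the skill itself. Assumptions: tool entries are `{"name": ...}` objects, the key sits at `agent_settings["llm"]["api_key"]`, `secrets_encrypted` is a top-level field of the POST body, and `sub_agents_enabled` is a hypothetical parameter; the sample settings are constructed.

```python
MASK = "**********"  # masked value that default /api/settings responses return
DEFAULT_TOOLS = ["terminal", "file_editor", "task_tracker",
                 "browser_tool_set", "canvas_ui"]
DROPPED_KEYS = ("schema_version", "mcp_config")


def build_delegation_payload(agent_settings, sub_agents_enabled=False):
    """Build a POST /api/conversations body from settings that were fetched
    with the X-Expose-Secrets: encrypted header (field layout is assumed)."""
    # Drop the keys the PR says cause creation-time schema/MCP failures.
    settings = {k: v for k, v in agent_settings.items()
                if k not in DROPPED_KEYS}

    # A masked key means the settings were fetched without the header;
    # forwarding it would create a conversation with an unusable key.
    api_key = (settings.get("llm") or {}).get("api_key")
    if api_key == MASK:
        raise ValueError(
            "api_key is masked; refetch with X-Expose-Secrets: encrypted")

    # Merge defaults into the persisted list, which may be empty. Existing
    # entries (and any extra fields on them) are kept and never duplicated.
    tools = [dict(t) for t in settings.get("tools") or []]
    present = {t["name"] for t in tools}
    wanted = DEFAULT_TOOLS + (["task_tool_set"] if sub_agents_enabled else [])
    for name in wanted:
        if name not in present:
            tools.append({"name": name})
    settings["tools"] = tools

    # secrets_encrypted tells the server to decrypt the key server-side,
    # so the script never handles the plaintext credential.
    return {"agent_settings": settings, "secrets_encrypted": True}


# Constructed sample resembling an encrypted /api/settings response.
SAMPLE_SETTINGS = {
    "schema_version": 3,
    "mcp_config": {"servers": []},
    "llm": {"model": "example-model", "api_key": "enc:CONSTRUCTED"},
    "tools": [],
}

if __name__ == "__main__":
    import json
    print(json.dumps(build_delegation_payload(SAMPLE_SETTINGS), indent=2))
```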

…on delegation

The delegation template in the agent-canvas-environment skill produced
delegated conversations that could not do real work:

1. Empty tools: /api/settings returns tools: [] for the persisted profile.
   The UI populates the tool list at launch time, but API-created
   conversations get exactly the tools array sent in the payload and the
   server injects no defaults. The result was a delegated agent that could
   only call built-in actions (invoke_skill, think, finish) and could not
   run shell commands, edit files, or browse. Inject the default tool set
   (terminal, file_editor, task_tracker, canvas_ui, browser_tool_set) into
   agent_settings.tools.

2. Redacted LLM key: without X-Expose-Secrets: plaintext, /api/settings
   returns the LLM api_key as **********. Echoing that into the new
   conversation caused LLMAuthenticationError. Fetch settings with the
   plaintext header (safe for backend clients that never log the response).

Added explanatory notes for both so future editors understand why these
two lines are required.

Co-authored-by: openhands <openhands@all-hands.dev>
Resolve the agent-canvas-environment skill conflict by keeping the encrypted settings delegation flow and regenerating the skills catalog.

Co-authored-by: openhands <openhands@all-hands.dev>
neubig commented Jul 1, 2026

Member Author

Closing per Graham’s request. This comment was created by an AI agent (OpenHands) on behalf of Graham Neubig.

@neubig neubig closed this Jul 1, 2026

Labels

type: fix A bug fix


Development

Successfully merging this pull request may close these issues.

Fix agent-canvas-environment skill delegation: inject default tools and expose secrets

2 participants