GitAgent can duplicate tool execution under repeated tool-use state
Summary
Severity / performance impact: High. A repeated tool-use state can lead to a high-volume provider/tool-result loop in a repository workspace.
Affected target
- Target: GitAgent
- Version/build: @open-gitagent/gitagent 2.0.0
- Environment: Linux x86_64 Docker, public package build
- Provider/model: OpenAI-compatible local mock provider, gpt-4
Steps to reproduce
Prerequisites: Docker, Python 3, and the GitHub CLI (gh) for the clone command below. The linked reproducer is self-contained and uses only Python standard-library modules plus Docker. It builds the affected CLI version from the public package registry, starts a local mock provider, and runs the CLI in an isolated workspace. The Docker run is limited to 2 CPUs and 4 GiB RAM by default.
Complete self-contained reproducer: https://gist.github.com/N0zoM1z0/f63d9147d36cbce66937e6602068e2a0
The Gist contains gitagent-empty-write-duplicate-execution.reproduce.py. Download and run:
gh gist clone f63d9147d36cbce66937e6602068e2a0 gitagent-empty-write-duplicate-execution-reproducer
cd gitagent-empty-write-duplicate-execution-reproducer
python3 gitagent-empty-write-duplicate-execution.reproduce.py
To reuse an already-built local image:
python3 gitagent-empty-write-duplicate-execution.reproduce.py --skip-build
Expected successful reproduction output includes:
Actual behavior
The local provider repeats a tool call after tool results arrive. The script checks for at least 100 provider requests, duplicated tool results, and timeout/signal termination.
Expected behavior
GitAgent should bound repeated tool-use state and avoid repeatedly resubmitting the same tool result.
Public-upstream status
This report targets the stock public @open-gitagent/gitagent@2.0.0 package. A complete self-contained reproducer is linked above and builds the public package in an isolated Docker workspace.
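One way to bound the repeated tool-use state described under "Expected behavior", as an added sketch that is not taken from this report, its reproducer, or GitAgent's code. The function names, message shape, and the limits `maxRepeats` and `maxTurns` are hypothetical, and the provider is a constructed mock.

```javascript
// Added example; every name here is hypothetical, none is GitAgent's API.
// Fingerprint a tool call with sorted argument keys so key order is ignored.
function canonical(v) {
  if (Array.isArray(v)) return v.map(canonical);
  if (v && typeof v === "object") {
    const out = {};
    for (const k of Object.keys(v).sort()) out[k] = canonical(v[k]);
    return out;
  }
  return v;
}
function fingerprint(call) {
  return call.name + ":" + JSON.stringify(canonical(call.arguments));
}

// Provider/tool loop with two bounds: identical calls per run and total
// provider requests. A repeated call is refused before it executes again.
function runAgentLoop(provider, tools, { maxRepeats = 3, maxTurns = 25 } = {}) {
  const seen = new Map();
  const messages = [];
  let requests = 0;
  let executions = 0;
  while (requests < maxTurns) {
    requests++;
    const reply = provider(messages);
    if (!reply.toolCall) return { status: "done", requests, executions };
    const key = fingerprint(reply.toolCall);
    const count = (seen.get(key) || 0) + 1;
    seen.set(key, count);
    if (count > maxRepeats) {
      return { status: "aborted_repeated_tool_call", requests, executions, key };
    }
    const content = tools[reply.toolCall.name](reply.toolCall.arguments);
    executions++;
    messages.push({ role: "tool", name: reply.toolCall.name, content });
  }
  return { status: "aborted_max_turns", requests, executions };
}

// Constructed mock provider: requests the same write on every turn,
// whatever tool results it has already received.
const stuckProvider = () => ({
  toolCall: { name: "write", arguments: { path: "a.txt", content: "" } },
});
const tools = { write: () => "ok" };
const outcome = runAgentLoop(stuckProvider, tools);
console.log(outcome);
```

With the defaults, the stuck provider is cut off on its fourth request after three executions, instead of reaching the 100 or more provider requests the reproducer checks for.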