Feather request context to shell tool env #1548

Closed
mautops wants to merge 5 commits into agentscope-ai:main from mautops:feather-request-context-to-shell-tool-env

@mautops mautops commented Mar 16, 2026

mautops added 2 commits March 16, 2026 10:35
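- Add a _wrap_shell_tool wrapper that automatically injects COPAW_-prefixed environment variables
- Implement three layers of protection: command filtering, readonly declarations, process isolation
- Support passing context such as session_id, user_id, and channel
- Trim the code to 43 lines, keeping the core functionality and security comments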
@gemini-code-assist

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a significant enhancement to the agent's ability to interact with shell tools by providing a secure and controlled way to pass contextual information. By injecting request context as read-only environment variables and implementing safeguards against environment manipulation, the change improves both the functionality and security of shell command execution within the agent's ecosystem.

Highlights

  • Secure Context Injection for Shell Tools: Implemented a mechanism to securely inject request-specific context into the environment variables of shell commands executed by the agent. This allows shell tools to access relevant contextual data.
  • Environment Variable Tampering Prevention: Added security measures within the shell tool wrapper to block common commands used for environment variable manipulation (e.g., export, unset, declare -x, env), preventing malicious or accidental tampering.
  • Enhanced Shell Command Execution: Modified the execute_shell_command function to accept and merge custom environment variables, providing greater flexibility and control over the execution environment for shell tools.

Changelog
  • src/copaw/agents/react_agent.py
    • Added functools and re imports for new functionality.
    • Introduced _wrap_shell_tool method to inject _request_context into shell tool environment variables, prefixed with COPAW_, and enforce read-only status.
    • Implemented security checks within _wrap_shell_tool to block shell commands attempting to manipulate environment variables.
    • Modified _create_toolkit to apply _wrap_shell_tool specifically to the execute_shell_command tool during registration.
    • Refactored a conditional expression in the reply method for conciseness.
  • src/copaw/agents/tools/shell.py
    • Added an optional env parameter to the execute_shell_command function signature.
    • Updated the execute_shell_command implementation to merge the provided env dictionary with the current process's environment variables before executing subprocesses.
    • Adjusted calls to _execute_subprocess_sync and asyncio.create_subprocess_shell to pass the newly prepared exec_env.
    • Applied minor formatting adjustment to a timeout_msg string.
Activity
  • The pull request was created as a new feature.
  • No specific review comments or activity have been recorded yet.

@mautops mautops requested a deployment to maintainer-approved March 16, 2026 02:54 — with GitHub Actions Waiting

@gemini-code-assist gemini-code-assist bot left a comment

Code Review

This pull request introduces a feature to pass request context to the shell tool as environment variables. The implementation includes security measures like blocking environment manipulation commands and making the injected variables read-only. My review focuses on improving cross-platform compatibility, code style, and maintainability. I've identified a high-severity issue where the new feature would fail on Windows, and a couple of medium-severity issues related to code style and duplication.
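
The context injection this review describes, as an added sketch that is not the PR's code: only the `COPAW_` prefix and the context keys come from the page, while `build_context_env` and `run_with_context` are hypothetical names and a POSIX shell is assumed. It shows that values handed over through the child's environment arrive as data rather than shell syntax, and that a child's changes to its own copy do not reach later commands.

```python
import os
import re
import subprocess

PREFIX = "COPAW_"  # prefix named in the PR; all other names here are hypothetical
_KEY_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def build_context_env(context, base_env=None):
    """Return a copy of base_env with each context item added as COPAW_<KEY>."""
    env = dict(os.environ if base_env is None else base_env)
    # Drop inherited COPAW_* entries so only this request's context is visible.
    for name in [k for k in env if k.startswith(PREFIX)]:
        del env[name]
    for key, value in context.items():
        if not _KEY_RE.match(key):
            raise ValueError(f"invalid context key: {key!r}")
        text = str(value)
        if "\x00" in text:
            raise ValueError(f"NUL byte in value for {key!r}")
        env[PREFIX + key.upper()] = text
    return env


def run_with_context(command, context, timeout=10):
    """Run a shell command in a child process that sees the request context."""
    result = subprocess.run(
        command,
        shell=True,
        env=build_context_env(context),  # passed as data, never formatted into command
        capture_output=True,
        text=True,
        timeout=timeout,
    )
    return result.returncode, result.stdout.strip()


if __name__ == "__main__":
    # Constructed sample context.
    ctx = {"session_id": "s-123", "user_id": "u-42", "channel": "a; echo injected"}
    print(run_with_context('printf %s "$COPAW_CHANNEL"', ctx))
    # The child edits only its own copy; the next command gets a fresh environment.
    run_with_context("export COPAW_USER_ID=other", ctx)
    print(run_with_context('printf %s "$COPAW_USER_ID"', ctx))
```
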

mautops and others added 2 commits March 16, 2026 11:02
nice suggestion

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
nice suggestion

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@mautops mautops temporarily deployed to maintainer-approved March 16, 2026 03:35 — with GitHub Actions Inactive
- Fix the nested f-string syntax in the readonly declaration
- Add the sys module import to support the platform check
- Skip the bash wrapper on Windows (PowerShell is used there)

mautops commented Mar 17, 2026

😔

@mautops mautops closed this Mar 17, 2026
@mautops mautops requested a deployment to maintainer-approved March 17, 2026 07:39 — with GitHub Actions Waiting
@xieyxclack

@mautops hello, is there anything I can help with?

mautops commented Mar 17, 2026

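> @mautops hello, is there anything I can help with?

It never got merged and the code now has conflicts, so I'll hold off on merging for now and just use it myself.

Most people probably won't need this feature anyway.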

@xieyxclack

@mautops Sorry for not reviewing and merging in time. We have been working on the multi-workspace in #1375 since yesterday, which will cause some breaking changes.

Feel free to reopen the PR if you are willing to contribute :)

mautops commented Mar 17, 2026

> @mautops Sorry for not reviewing and merging in time. We have been working on the multi-workspace in #1375 since yesterday, which will cause some breaking changes.
>
> Feel free to reopen the PR if you are willing to contribute :)

👌🏻 I'll fix it and submit again when I have time. Thanks.
