Summary

run_scheduler_loop() in handle_plan_confirm() blocks the entire agent message loop while executing a plan. This means /plan cancel cannot interrupt a running plan execution (SEC-M34-001).

Currently documented as a known limitation with a comment in the code.

Expected behavior

User should be able to send /plan cancel while a plan is executing to gracefully cancel all running sub-agents and stop the tick loop.

Proposed implementation

1. Add a plan_cancel_tx: Option<tokio::sync::watch::Sender<bool>> field to Agent.
2. Pass a watch::Receiver<bool> into run_scheduler_loop().
3. In the tick loop, add a tokio::select! arm on the cancellation signal in wait_event().
4. When cancel signal fires, call scheduler.cancel_all() and break the loop.
5. In handle_plan_cancel(), if plan_cancel_tx is set, send true to signal cancellation.

Alternatives

A CancellationToken from tokio_util::sync could also be used.

Identified as SEC-M34-001 in security audit of PR for issue #1434.