fix(core,mcp): provider display name and MCP injection false positive#2177
Merged
fix(core,mcp): provider display name and MCP injection false positive#2177
Conversation
github-actions
bot
added
documentation
…#2173, #2170) - Store active_provider_name in RuntimeConfig; handle_provider_switch and handle_provider_status now display the configured name field from [[llm.providers]] instead of the provider type string (fixes #2173) - Narrow new_directive injection pattern to require colon suffix, preventing false positive on "new persona" in Todoist MCP tool descriptions; add regression test (fixes #2170)
bug-ops
force-pushed
the
2173-provider-name-display
branch
from
c88ebdf to
7204e59
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
/providerswitch and/provider statusnow show the configurednamefrom[[llm.providers]]instead of the provider type string (e.g.openai) — fixes fix(core): /provider switch shows provider type instead of configured name #2173new_directiveinjection pattern to require a colon suffix, eliminating false positive on "new persona" in Todoist MCP tool descriptions — fixes fix(mcp): false positive injection detection in Todoist MCP tool descriptions #2170Changes
#2173 — provider name display:
RuntimeConfig: addedactive_provider_name: Stringfieldbuilder.rs:with_active_provider_name()builder methodprovider_cmd.rs: switch/status/list handlers useactive_provider_name(fallback toprovider.name()when empty)runner.rs: initializesactive_provider_namefrom first pool entry at startup#2170 — MCP injection false positive:
patterns.rs:new_directiveregex narrowed fromnew\s+(instructions?|directives?|roles?|personas?)tonew\s+(instructions?|directives?)\s*:— colon suffix requiredsanitize.rs: regression testnew_persona_in_tool_description_not_flaggedaddedTest plan
cargo +nightly fmt --check— cleancargo clippy --features full --workspace --lib --bins -- -D warnings— cleancargo nextest run --workspace --features full --lib --bins— 6469 passed, 0 failednew_persona_in_tool_description_not_flaggedpasses/providertests pass (list/status/switch/already-active paths)