fix(webfetch): guard redirect loops in built-in flow#2810
Merged
code-yeongyu merged 2 commits intodevfrom Mar 24, 2026
Merged
Conversation
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 issue found across 10 files
Confidence score: 2/5
- There is a high-confidence, high-severity compatibility risk in
src/plugin/tool-execute-after.ts, so merge risk is elevated rather than routine. - The redirect guard added in
tool.execute.afteris reported to not catchwebfetch/native fetch redirect-loop exceptions in the Opencode SDK, which can leave crashes unhandled and user-facing failures unresolved. - Given the concrete behavior mismatch (severity 8/10, confidence 10/10), this is likely to cause a real regression unless addressed before merge.
- Pay close attention to
src/plugin/tool-execute-after.ts- redirect-loop exceptions may bypass the new guard and still crash tool execution.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="src/plugin/tool-execute-after.ts">
<violation number="1" location="src/plugin/tool-execute-after.ts:128">
P1: Custom agent: **Opencode Compatibility**
Adding the redirect guard to `tool.execute.after` will not intercept `webfetch` crashes. In the Opencode SDK, tool execution exceptions (like native `fetch` redirect loop errors) cause the wrapper to throw, bypassing the `tool.execute.after` hook entirely.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| await hooks.taskResumeInfo?.["tool.execute.after"]?.(input, output) | ||
| await hooks.readImageResizer?.["tool.execute.after"]?.(input, output) | ||
| await hooks.hashlineReadEnhancer?.["tool.execute.after"]?.(input, output) | ||
| await hooks.webfetchRedirectGuard?.["tool.execute.after"]?.(input, output) |
There was a problem hiding this comment.
P1: Custom agent: Opencode Compatibility
Adding the redirect guard to tool.execute.after will not intercept webfetch crashes. In the Opencode SDK, tool execution exceptions (like native fetch redirect loop errors) cause the wrapper to throw, bypassing the tool.execute.after hook entirely.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At src/plugin/tool-execute-after.ts, line 128:
<comment>Adding the redirect guard to `tool.execute.after` will not intercept `webfetch` crashes. In the Opencode SDK, tool execution exceptions (like native `fetch` redirect loop errors) cause the wrapper to throw, bypassing the `tool.execute.after` hook entirely.</comment>
<file context>
@@ -125,6 +125,7 @@ export function createToolExecuteAfterHandler(args: {
await hooks.taskResumeInfo?.["tool.execute.after"]?.(input, output)
await hooks.readImageResizer?.["tool.execute.after"]?.(input, output)
await hooks.hashlineReadEnhancer?.["tool.execute.after"]?.(input, output)
+ await hooks.webfetchRedirectGuard?.["tool.execute.after"]?.(input, output)
await hooks.jsonErrorRecovery?.["tool.execute.after"]?.(input, output)
}
</file context>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The webfetch tool crashes with 'The response redirected too many times' when encountering redirect loops. No graceful handling — the error propagates raw to the user.
Fix
Verification
bun run typecheck— passbun run build— passbun test src/hooks/webfetch-redirect-guard— passSummary by cubic
Prevents
webfetchcrashes on redirect loops by adding a guard that pre-resolves redirects and normalizes errors. Users now get a clear message instead of raw “too many redirects,” and successful content stays unchanged.webfetch-redirect-guardhook to pre-resolve redirects (manual follow) and cap at 10.formatandtimeoutargs with sane headers and timeout caps.tool.execute.beforeandtool.execute.after; hook is toggleable via config schema.webfetchno-op.Written for commit 971912e. Summary will update on new commits.