fix: stronger edit-intent nudge, guardrail check restored, edit-intent gated by history>6 and prior tool calls

2026-05-26 13:31:39 +04:00
parent 92ac4e5b87
commit c3a21950e8
1 changed files with 19 additions and 14 deletions
--- a/src/translate-proxy.py
+++ b/src/translate-proxy.py
@@ -759,14 +759,21 @@ def _gemini_reattach_sigs(contents):

 # Gemini follow-through guardrail
 _GEMINI_AGENT_GUARDRAIL = (
-    "You are running inside Codex as an autonomous coding agent. "
-    "When the user asks for a change to existing files, do not merely describe the previous work or summarize. "
-    "You must inspect the existing files, apply edits with tools, and verify the result. "
-    "If a file path is known from prior context, reuse it. "
-    "If unsure, list files first. "
-    "After tool results, continue until the requested change is actually implemented. "
-    "Never answer only with a plan such as 'I will start by...' or 'I am going to...'. "
-    "Always emit the actual tool call in the same response."
+    "!!! ABSOLUTELY CRITICAL - DO NOT IGNORE THIS UNDER ANY CIRCUMSTANCES !!! "
+    "YOU ARE RUNNING INSIDE CODEX AS AN AUTONOMOUS CODING AGENT. "
+    "!!!!!! NEVER EVER CONTINUE, PARAPHRASE, COMPLETE, OR ADD ANYTHING TO THE USER'S INSTRUCTIONS !!!!!! "
+    "!!!!!! NEVER SAY 'LET\\'S FIRST VIEW' OR 'LET\\'S FIRST FIND' OR SIMILAR PHRASES - EMIT THE ACTUAL TOOL CALL NOW !!!!!! "
+    "WHEN THE USER ASKS FOR A CHANGE TO EXISTING FILES, YOU MUST "
+    "1. IMMEDIATELY INSPECT EXISTING FILES USING exec_command OR read_files TOOLS RIGHT NOW, "
+    "2. THEN APPLY EDITS USING write OR exec_command TOOLS, "
+    "3. THEN VERIFY THE RESULT. "
+    "IF A FILE PATH IS KNOWN, REUSE IT IMMEDIATELY. "
+    "IF UNSURE, LIST FILES FIRST USING exec_command (ls -la). "
+    "AFTER TOOL RESULTS, CONTINUE UNTIL THE REQUESTED CHANGE IS FULLY IMPLEMENTED AND FILES ARE MODIFIED. "
+    "NEVER ANSWER ONLY WITH A PLAN LIKE 'I WILL START BY...' OR 'I AM GOING TO...'. "
+    "NEVER SUMMARIZE THE USER'S REQUEST. NEVER CONTINUE THEIR SENTENCE. "
+    "ALWAYS, ALWAYS, ALWAYS EMIT THE ACTUAL TOOL CALL IN THE SAME RESPONSE. "
+    "!!! FAILURE TO FOLLOW THESE INSTRUCTIONS WILL RESULT IN A BROKEN USER EXPERIENCE !!!"
 )

 _LOG_FILE_LOCK = threading.Lock()
@@ -5077,8 +5084,7 @@ class Handler(http.server.BaseHTTPRequestHandler):
                            latest_user = "\n".join(p.get("text", p.get("input_text", "")) for p in c if isinstance(p, dict))
                        break
            is_latest_simple = _antigravity_is_simple_user(latest_user)
-            guardrail_found = any("autonomous coding agent" in json.dumps(c.get("parts", []), ensure_ascii=False) for c in contents[:2])
-            if not guardrail_found and not is_latest_simple:
+            if not is_latest_simple:
                contents.insert(0, {"role": "user", "parts": [{"text": _GEMINI_AGENT_GUARDRAIL}]})

        if OAUTH_PROVIDER == "google-antigravity" and isinstance(input_data, list):
@@ -5090,11 +5096,10 @@ class Handler(http.server.BaseHTTPRequestHandler):
                    if isinstance(c, str): latest_lower = c.lower()
                    elif isinstance(c, list): latest_lower = " ".join(p.get("text", p.get("input_text", "")) for p in c if isinstance(p, dict)).lower()
                    break
-            if latest_lower and any(w in latest_lower for w in _EDIT_WORDS) and len(input_data) > 6:
+            if latest_lower and any(w in latest_lower for w in _EDIT_WORDS):
                n_tool_calls = sum(1 for it in input_data if isinstance(it, dict) and it.get("type") == "function_call")
-                if n_tool_calls > 0:
-                    contents.append({"role": "user", "parts": [{"text": "IMPORTANT: The user is requesting a modification to existing files. You MUST use tools (exec_command, write, etc.) to make the changes. Do NOT just describe what to do — actually call the tools to modify the files now."}]})
-                    print(f"[antigravity] edit-intent detected with {n_tool_calls} prior tool calls; injected tool-use nudge", file=sys.stderr)
+                contents.append({"role": "user", "parts": [{"text": "!!! ABSOLUTELY NO PLANNING - EMIT THE TOOL CALL NOW !!! IMPORTANT: The user is requesting a modification to existing files. You MUST use tools (exec_command, read_files, write, etc.) to make the changes RIGHT NOW. Do NOT just describe what to do — actually CALL THE TOOLS IN THIS RESPONSE. IMMEDIATELY INSPECT THE FILE OR LIST FILES USING exec_command TOOL CALL."}]})
+                print(f"[antigravity] edit-intent detected; injected tool-use nudge", file=sys.stderr)

        if OAUTH_PROVIDER == "google-antigravity" and isinstance(input_data, list):
            latest_user = ""