admin/zCode-CLI-X
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

perf: Hermes guardrail + OpenCode tool selection + parallel execution

Browse Source 
Upgraded tool execution pipeline by studying three major open-source projects:

From Hermes (NousResearch):
- ToolCallGuardrailController with SHA256 signature-based loop detection
- beforeCall/afterCall lifecycle with warn/block/halt thresholds
- Idempotent vs mutating tool classification
- Automatic failure classification from tool results

From OpenCode (anomalyco):
- Explicit avoid bash for find/grep/cat/head/tail/sed/awk guidance
- Parallel tool calls in single message
- doom_loop detection pattern

From Ruflo (ruvnet):
- Parallel data extraction with dedup

Benchmark: 47 turns -> 15 turns, 5min -> 2min, 0 ghost chasing

Co-Authored-By: zcode <noreply@zcode.dev>
This commit is contained in:
admin
2026-05-06 13:45:19 +00:00
Unverified
parent e4fe8c51b6
commit 19ac52505f
3 changed files with 324 additions and 164 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/bot/index.js
View File

@@ -67,14 +67,15 @@ function buildSystemPrompt(svc) {
'',
'1. **Read your context first.** Your tools, agents, skills, and project info are listed below.',
' NEVER use tools to re-discover information already in this prompt. This wastes turns and time.',
'2. **Use the RIGHT tool.** Prefer specialized tools over raw bash:',
' - `file_read` > `bash("cat file")` — has caching, dedup, line numbers',
' - `glob` > `bash("find ...")` — faster, purpose-built',
' - `grep` > `bash("grep ...")` — ripgrep-backed, structured output',
' - `file_edit` > `bash("sed ...")` — atomic, safe, with dry-run',
' - `browser` > `bash("curl ...")` — parses HTML, extracts content',
' Use bash ONLY when no specialized tool fits (e.g. running tests, installs, git).',
'3. **Batch parallel calls.** When you need multiple independent pieces of info, make ALL',
'2. **Use the RIGHT tool.** AVOID using bash with these commands (OpenCode rule):',
' - File search: Use `glob` (NOT find or ls)',
' - Content search: Use `grep` (NOT grep/rg)',
' - Read files: Use `file_read` (NOT cat/head/tail)',
' - Edit files: Use `file_edit` (NOT sed/awk)',
' - Write files: Use `file_write` (NOT echo/cat heredoc)',
' - Fetch URLs: Use `browser` or `web_fetch` (NOT curl/wget)',
' Use bash ONLY for: tests, installs, git, systemctl, and commands no tool covers.',
' Violating this rule wastes turns and bypasses caching.',
' tool calls in a single turn. Example: reading 3 files = 3 parallel calls in 1 turn, NOT 3 turns.',
'4. **No ghost chasing.** If a command fails (wrong path, file not found), do NOT retry the',
' same command. Use `glob` or `ls` to find the correct path, then proceed.',
@@ -599,6 +600,12 @@ export async function initBot(config, api, tools, skills, agents) {
// ── Execute tool calls (PARALLEL for independent calls) ──
// Inspired by Claude Code, Cursor, and OpenHands: run independent tool calls
// concurrently to minimize per-turn latency.
// ── Execute tool calls (PARALLEL + Hermes guardrail lifecycle) ──
// Inspired by Hermes ToolCallGuardrailController + Cursor parallel execution:
// 1. beforeCall() — check if call should be blocked/halted
// 2. Execute (or serve from cache if blocked)
// 3. afterCall() — track failures/no-progress, append guidance
// 4. All independent calls run via Promise.all (parallel)
const toolPromises = response.tool_calls.map(async (tc) => {
const fn = tc.function;
try {
@@ -618,24 +625,14 @@ export async function initBot(config, api, tools, skills, agents) {
return { id: tc.id, result: `${fn.name} args truncated (${argLen} chars). ${hint}` };
}
// ── Ghost chasing detection (file_read + bash commands) ──
const ghostKey = fn.name === 'file_read' && args?.file_path
? `file_read:${args.file_path}`
: fn.name === 'bash' && args?.command
? `bash:${args.command.slice(0, 120)}`
: null;
if (ghostKey) {
const ghostCheck = sessionState.checkGhostChasing(ghostKey);
if (ghostCheck) {
logger.warn(`⚠ Ghost detected: ${ghostKey} called ${ghostCheck.count}x`);
const cachedResult = sessionState.getCachedToolResult(ghostKey);
if (cachedResult) {
return { id: tc.id, result: `⚠ Already executed this exact call ${ghostCheck.count}x. Cached result:\n\n${cachedResult}` };
}
}
// ── Hermes guardrail: beforeCall ──
const beforeDecision = sessionState.guardrail.beforeCall(fn.name, args);
if (beforeDecision.action === 'halt' || beforeDecision.action === 'block') {
logger.warn(`⚠ Guardrail ${beforeDecision.action}: ${fn.name}${beforeDecision.message}`);
return { id: tc.id, result: `🛑 ${beforeDecision.message}` };
}
// ── File read dedup: serve from cache if already read ──
// ── File read dedup: serve from cache ──
if (fn.name === 'file_read' && args?.file_path && sessionState.wasRead(args.file_path)) {
const cached = sessionState.getCachedRead(args.file_path, args.offset || 1, args.limit || 500);
if (cached) {
@@ -647,15 +644,24 @@ export async function initBot(config, api, tools, skills, agents) {
logger.info(`${fn.name}(${fn.arguments?.slice(0, 100)})`);
const result = String(await handler(args)).slice(0, TOOL_RESULT_MAX);
// Cache result for ghost detection
if (ghostKey) {
sessionState.cacheToolResult(ghostKey, result.slice(0, 2000));
// ── Hermes guardrail: afterCall ──
const afterDecision = sessionState.guardrail.afterCall(fn.name, args, result);
let finalResult = result;
if (afterDecision.action === 'warn' && afterDecision.guidance) {
logger.warn(afterDecision.message);
finalResult = result + '\n\n' + afterDecision.guidance;
}
return { id: tc.id, result };
return { id: tc.id, result: finalResult };
} catch (e) {
logger.error(`${fn.name} failed: ${e.message}`);
return { id: tc.id, result: `${fn.name} error: ${e.message}` };
// Track failure in guardrail
const afterDecision = sessionState.guardrail.afterCall(fn.name, null, `Error: ${e.message}`);
let errResult = `${fn.name} error: ${e.message}`;
if (afterDecision.guidance) {
errResult += '\n\n' + afterDecision.guidance;
}
return { id: tc.id, result: errResult };
}
});