Add stricter validation for prune tool IDs

Tarquinen · Tarquinen · commit ed2d32d14e91 · 2025-12-18T16:21:11.000-05:00
Reject prune requests for IDs not found in the tool cache, which catches
both hallucinated IDs and turn-protected tools that aren't shown in the
&lt;prunable-tools&gt; list.
diff --git a/lib/strategies/prune-tool.ts b/lib/strategies/prune-tool.ts
@@ -83,11 +83,17 @@ export function createPruneTool(
                 return "Invalid IDs provided. Only use numeric IDs from the <prunable-tools> list."
             }
 
-            // Check for protected tools (model hallucinated an ID not in the prunable list)
+            // Validate that all IDs exist in cache and aren't protected
+            // (rejects hallucinated IDs and turn-protected tools not shown in <prunable-tools>)
             for (const index of numericToolIds) {
                 const id = toolIdList[index]
                 const metadata = state.toolParameters.get(id)
-                if (metadata && config.strategies.pruneTool.protectedTools.includes(metadata.tool)) {
+                if (!metadata) {
+                    logger.debug("Rejecting prune request - ID not in cache (turn-protected or hallucinated)", { index, id })
+                    return "Invalid IDs provided. Only use numeric IDs from the <prunable-tools> list."
+                }
+                if (config.strategies.pruneTool.protectedTools.includes(metadata.tool)) {
+                    logger.debug("Rejecting prune request - protected tool", { index, id, tool: metadata.tool })
                     return "Invalid IDs provided. Only use numeric IDs from the <prunable-tools> list."
                 }
             }

Original file line number	Diff line number	Diff line change
`@@ -83,11 +83,17 @@ export function createPruneTool(`
`83`	`83`	`return "Invalid IDs provided. Only use numeric IDs from the <prunable-tools> list."`
`84`	`84`	`}`
`85`	`85`
`86`		`- // Check for protected tools (model hallucinated an ID not in the prunable list)`
	`86`	`+ // Validate that all IDs exist in cache and aren't protected`
	`87`	`+ // (rejects hallucinated IDs and turn-protected tools not shown in <prunable-tools>)`
`87`	`88`	`for (const index of numericToolIds) {`
`88`	`89`	`const id = toolIdList[index]`
`89`	`90`	`const metadata = state.toolParameters.get(id)`
`90`		`- if (metadata && config.strategies.pruneTool.protectedTools.includes(metadata.tool)) {`
	`91`	`+ if (!metadata) {`
	`92`	`+ logger.debug("Rejecting prune request - ID not in cache (turn-protected or hallucinated)", { index, id })`
	`93`	`+ return "Invalid IDs provided. Only use numeric IDs from the <prunable-tools> list."`
	`94`	`+ }`
	`95`	`+ if (config.strategies.pruneTool.protectedTools.includes(metadata.tool)) {`
	`96`	`+ logger.debug("Rejecting prune request - protected tool", { index, id, tool: metadata.tool })`
`91`	`97`	`return "Invalid IDs provided. Only use numeric IDs from the <prunable-tools> list."`
`92`	`98`	`}`
`93`	`99`	`}`