From 373e6abfb42b3a90fc541337fe99c63a97ea01ed Mon Sep 17 00:00:00 2001 From: c <37263590+Aphroq@users.noreply.github.com> Date: Sat, 2 May 2026 14:06:45 +0000 Subject: [PATCH] fix: reject string-like shell commands --- src/agents/run_internal/tool_execution.py | 8 ++++++-- tests/test_shell_call_serialization.py | 10 ++++++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/src/agents/run_internal/tool_execution.py b/src/agents/run_internal/tool_execution.py index 421ee05a54..b72b51c537 100644 --- a/src/agents/run_internal/tool_execution.py +++ b/src/agents/run_internal/tool_execution.py @@ -619,8 +619,12 @@ def coerce_shell_call(tool_call: Any) -> ShellCallData: raise ModelBehaviorError("Shell call is missing an action payload.") commands_value = get_mapping_or_attr(action_payload, "commands") - if not isinstance(commands_value, Sequence): - raise ModelBehaviorError("Shell call action is missing commands.") + if isinstance(commands_value, str | bytes | bytearray) or not isinstance( + commands_value, Sequence + ): + raise ModelBehaviorError( + "Shell call action commands must be a sequence of command strings." + ) commands: list[str] = [] for entry in commands_value: if entry is None: diff --git a/tests/test_shell_call_serialization.py b/tests/test_shell_call_serialization.py index f21f028a72..de6f81e865 100644 --- a/tests/test_shell_call_serialization.py +++ b/tests/test_shell_call_serialization.py @@ -29,6 +29,16 @@ def test_coerce_shell_call_requires_commands() -> None: run_loop.coerce_shell_call(tool_call) +@pytest.mark.parametrize("commands", ["echo hi", b"echo hi", bytearray(b"echo hi")]) +def test_coerce_shell_call_rejects_string_like_commands(commands: object) -> None: + tool_call = {"call_id": "shell-3", "action": {"commands": commands}} + with pytest.raises( + ModelBehaviorError, + match="Shell call action commands must be a sequence of command strings.", + ): + run_loop.coerce_shell_call(tool_call) + + def test_normalize_shell_output_handles_timeout() -> None: entry = { "stdout": "",