increase timeout indefinetely in agentlab-mentor #293
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![korbit-ai[bot]](https://avatars.githubusercontent.com/in/322216?s=60&v=4){kind=small}
There was a problem hiding this comment.
Review by Korbit AI
Korbit automatically attempts to detect when you fix issues in new commits.
| Category | Issue | Status |
|---|---|---|
 |
Infinite Wait Vulnerability ▹ view |
Files scanned
| File Path | Reviewed |
|---|---|
| src/agentlab/agents/hitl_agent/hitl_agent.py | ✅ |
| src/agentlab/agents/hitl_agent/generic_human_guided_agent.py | ✅ |
Explore our documentation to understand the languages and file types we support and the files we ignore.
Check out our docs on how you can make Korbit work best for you and your team.
| @@ -75,7 +75,7 @@ def get_action(self, obs): | |||
| ) | |||
|
|
|||
| self.ui.update_context(hint_labeling_inputs) | |||
| response = self.ui.wait_for_response(timeout=600) | |||
| response = self.ui.wait_for_response(timeout=None) | |||
There was a problem hiding this comment.
Infinite Wait Vulnerability 
Tell me more
What is the issue?
The timeout for the UI response wait has been changed from 600 seconds to None, effectively removing the timeout limit.
Why this matters
Without a timeout limit, the application becomes vulnerable to potential Denial of Service (DoS) attacks where a malicious user could intentionally hang the system indefinitely by never providing a response.
Suggested change ∙ Feature Preview
response = self.ui.wait_for_response(timeout=600) # Or another reasonable timeout valueProvide feedback to improve future suggestions
💬 Looking for more details? Reply to this comment to chat with Korbit.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request removes the timeout for waiting on user responses in both the
generic_human_guided_agent.pyandhitl_agent.pyagents. Now, the system will wait indefinitely for user input instead of timing out after 600 seconds.User input handling:
wait_for_responsemethod in bothgeneric_human_guided_agent.pyandhitl_agent.pyto wait indefinitely for user responses by settingtimeout=Noneinstead of a 600-second timeout. [1] [2]Description by Korbit AI
What change is being made?
Set the timeout parameter to
Nonefor thewait_for_responsefunction in thegeneric_human_guided_agent.pyandhitl_agent.pymodules.Why are these changes being made?
This change allows the human-in-the-loop (HITL) agents to wait indefinitely for user responses, ensuring that the system does not prematurely time out after 600 seconds if the response takes longer. This is important for scenarios where human inputs have unpredictable delays, thus providing more flexibility and preventing potential interruption in user interactions.