fix(agent-memory): yaml-escape hint values in memory_observe and add max_hint_bytes config#1154
Open
ralf003 wants to merge 1 commit into
Open
fix(agent-memory): yaml-escape hint values in memory_observe and add max_hint_bytes config#1154ralf003 wants to merge 1 commit into
ralf003 wants to merge 1 commit into
Conversation
…max_hint_bytes config - Add yaml_escape_hint() to safely double-quote hint values in YAML frontmatter, preventing corruption from '#', ':', quotes, and control characters (previously only newlines were handled). - Add max_hint_bytes (default 512) to MemoryConfig to cap hint length and prevent a rogue model from injecting oversized hints. - Add MEMORY_MAX_HINT_BYTES env var override. - Add 9 unit tests for yaml_escape_hint covering special chars, multiline, empty, control chars, and normal text. - Update memory_observe signature to accept &MemoryConfig for limit enforcement; propagate config through MemoryService facade and MCP server.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
memory_observewrites the model-providedhintvalue into YAML frontmatter with minimal sanitization — only newlines are replaced with spaces. YAML special characters (#comment,:key-value separator, quotes, backslashes) can corrupt the frontmatter block. For example,hint: fix #123 and #456is truncated by the YAML parser atfixbecause#starts a comment.Additionally, there is no size limit on the hint field, unlike
max_read_bytes/max_write_bytes/max_append_bytesfor other MemoryConfig fields. A rogue or misconfigured model could inject arbitrarily long hints.Changes (116 lines, 3 files)
src/tools/memory_observe.rsyaml_escape_hint()function (~20 lines) that double-quotes hint values and escapes",\,\n/\r, and ASCII control characters for safe YAML inclusionmax_hint_bytesenforcement (default 512) — hints exceeding the limit are rejected withInvalidArgument#comment characters, colons, quotes, backslashes, multiline, empty strings, control chars, and normal textsrc/config.rsmax_hint_bytes: u64toMemoryConfigwith default 512default_max_hint_bytes()functionMEMORY_MAX_HINT_BYTESenv var override inapply_env_overrides()Service layer propagation
src/service/mod.rs: pass&self.config.memorythrough totools::memory_observe(no signature change at service level)Verification
yaml_escape_hinttests pass