`HANDOFF_RE` used a non-greedy `.*?\}`, so the match ended at the first
closing brace. Every real `handoff_request` nests objects (`payload`,
and `payload.params`), so the captured substring was truncated
mid-object and `json.loads` raised — `extract_handoff` rejected every
well-formed handoff as `invalid_json` before the target allowlist and
schema validators ever ran. In practice the cross-agent handoff path
did not function for any realistic payload.
Replace the full-match regex with a start anchor (`HANDOFF_START_RE`)
and extract the complete object with `json.JSONDecoder().raw_decode`,
which is string- and brace-nesting aware and returns exactly one
complete JSON value plus its end offset. Multi-line payloads now parse
as well. The audit log's `raw_len` field, previously `len(m.group(0))`,
is now derived from the decoded object's span (`end - m.start()`), and
its three later uses on the target/schema/params rejection paths are
updated to the new variable. Downstream validation — target allowlist,
payload and per-intent schemas, sanitize/frame — is unchanged.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
88c8906831