mirror of
https://github.com/MODSetter/SurfSense.git
synced 2026-05-06 22:32:39 +02:00
36 lines
1.6 KiB
Markdown
36 lines
1.6 KiB
Markdown
# After Work Fixes
|
|
|
|
## Middleware Risk Flags (new_chat)
|
|
|
|
These are known "policy/routing via middleware" risks to review later.
|
|
|
|
1. `FileIntentMiddleware`
|
|
- Risk: `file_write` classification can force `write_file`/`edit_file` and override deliverable or connector tool selection.
|
|
- Example failure: user asks for video/report artifact, agent writes into `/documents/*` instead.
|
|
|
|
2. `KnowledgePriorityMiddleware`
|
|
- Risk: KB planner and injected priority hints can over-anchor turns to KB reads when connector action is the better path.
|
|
|
|
3. `KnowledgeTreeMiddleware`
|
|
- Risk: injected workspace tree can bias behavior toward file navigation/writes by default.
|
|
|
|
4. `SurfSenseFilesystemMiddleware` + `KnowledgeBasePersistenceMiddleware`
|
|
- Risk: mistaken `write_file` actions become persisted NOTE documents in KB, making wrong-path behavior durable.
|
|
|
|
5. `PermissionMiddleware`
|
|
- Risk: deny/ask rules can hide or block the correct tool, appearing as "model chose wrong tool" when it never had access.
|
|
|
|
6. Subagent middleware parity (`chat_deepagent.py`)
|
|
- Risk: parent vs subagent stack differences can produce inconsistent behavior across similar tasks.
|
|
|
|
7. `SpillingContextEditingMiddleware` + compaction
|
|
- Risk: context trimming can remove critical tool evidence and cause wrong retries/tool choices.
|
|
|
|
8. `ToolCallNameRepairMiddleware`
|
|
- Risk: malformed calls may be auto-repaired to unintended tools in edge cases.
|
|
|
|
9. `DedupHITLToolCallsMiddleware` / `DoomLoopMiddleware`
|
|
- Risk: legitimate repeated calls can be suppressed or stopped early.
|
|
|
|
10. `MemoryInjectionMiddleware`
|
|
- Risk: injected memory may bias tool choice away from fresh connector/KB evidence.
|