Skip to content

fix(agent-builder): resolve target revision for set_secret/connect_mcp punch-outs#3323

Open
dmarticus wants to merge 3 commits into
mainfrom
posthog-code/fix-agent-builder-set-secret-revision
Open

fix(agent-builder): resolve target revision for set_secret/connect_mcp punch-outs#3323
dmarticus wants to merge 3 commits into
mainfrom
posthog-code/fix-agent-builder-set-secret-revision

Conversation

@dmarticus

Copy link
Copy Markdown
Contributor

Problem

Every set_secret (and connect_mcp) punch-out in the agent builder fails with missing_arg: revision_id. Since secrets moved to per-revision scope (#2749), the client tool handler requires a target revision — but the agent-builder's tool schemas don't define revision_id, so the meta-agent never sends one, and the intended fallback (the revision open on the agent-config page) was dead code: nothing ever populated revision in that page context. The result is that agents built in the builder can't get credentials set at all.

Changes

  • useAgentBuilderClientTools: when revision_id isn't in the args, resolve it — the revision the user is viewing on this agent's config page, else via the API. New secrets and MCP connections target the newest draft (secrets only copy forward at draft creation, and spec PATCHes only land on drafts); rotations target the live revision.
  • Thread the resolved revision from AgentConfigurationPane into the agent-builder page context (previously never set), and only trust it when it belongs to the agent the tool call targets.
  • Expose the viewed revision as revision_id in the get_context payload so the agent can target a revision explicitly.

How did you test this?

  • Added useAgentBuilderClientTools.test.ts (9 tests) covering explicit-arg, page-context, slug-mismatch, draft-vs-live preference by mode, newest fallback, no-revision and API-failure error paths, and connect_mcp draft targeting — all pass.
  • pnpm --filter @posthog/ui typecheck and biome check clean.

Automatic notifications

  • Publish to changelog?
  • Alert Sales and Marketing teams?

Created with PostHog Code

…p punch-outs

Since secrets moved to per-revision scope, the set_secret/connect_mcp
client tools required a revision_id the agent never sends (the tool
schemas don't define it) and fell back to an agent-config page context
whose `revision` field was never populated — so every punch-out failed
with `missing_arg: revision_id`.

Resolve the target revision instead: explicit arg → the revision open
on this agent's config page (now actually threaded from the
configuration pane) → API fallback (newest draft for new secrets and
MCP connections, live for rotations). Also expose the viewed revision
in the get_context payload so the agent can target one explicitly.

Generated-By: PostHog Code
Task-Id: 2a145449-d5be-47f3-bee6-cf91a7baae89
@trunk-io

trunk-io Bot commented Jul 9, 2026

Copy link
Copy Markdown

Merging to main in this repository is managed by Trunk.

  • To merge this pull request, check the box to the left or comment /trunk merge below.

After your PR is submitted to the merge queue, this comment will be automatically updated with its status. If the PR fails, failure details will also be posted here

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown

React Doctor found no issues in the changed files. 🎉

Reviewed by React Doctor for commit 1e0b1bc.

@dmarticus dmarticus marked this pull request as ready for review July 9, 2026 21:40
@greptile-apps

greptile-apps Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Security Review

The client now trusts explicit revision_id values from tool calls. If server-side nested revision validation is not strict, this can cross an agent ownership boundary.

Reviews (1): Last reviewed commit: "fix(agent-builder): resolve target revis..." | Re-trigger Greptile

dmarticus added 2 commits July 9, 2026 14:55
…targeting

Review feedback: with mode "rotate", the page-context fallback could
return the draft the user is viewing, writing the rotated secret to the
draft while the running (live) revision kept the old value. Only honor
the viewed revision for draft-preference resolution (new secrets, MCP
connections); rotations always resolve live via the API.

Generated-By: PostHog Code
Task-Id: 2a145449-d5be-47f3-bee6-cf91a7baae89
… agent

An explicit revision_id arg is now checked against the target agent (via the nested revision route, which 404s on mismatch) before the punch-out form is parked. The backend rejects mismatched writes anyway, but that failure would only surface at submit, after the user has already typed the secret into a doomed form.

Generated-By: PostHog Code
Task-Id: d37eba08-19ac-40f5-8035-e68f91f39ebc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant