Skip to content

Add invinoveritas_review tool: independent review before irreversible actions#2086

Open
babyblueviper1 wants to merge 1 commit into
FoundationAgents:mainfrom
babyblueviper1:add-invinoveritas-review-tool
Open

Add invinoveritas_review tool: independent review before irreversible actions#2086
babyblueviper1 wants to merge 1 commit into
FoundationAgents:mainfrom
babyblueviper1:add-invinoveritas-review-tool

Conversation

@babyblueviper1

Copy link
Copy Markdown

Summary

New tool, invinoveritas_review (metagpt/tools/libs/invinoveritas_review.py), registered in tools/libs/__init__.py alongside terminal/editor/browser/deployer/git — no other files changed.

Why

Terminal.forbidden_commands is a small, hardcoded denylist ("run dev", "serve " today). It's a good first line of defense, but it can only catch the exact patterns someone thought to list — anything else (a broad rm -rf, a destructive SQL migration, an unbounded chmod, a risky deploy config) passes through unchecked.

This tool is the general-purpose complement: sends the exact artifact (a shell command, a git diff, a config change) to invinoveritas — an independent, model-agnostic reviewer — and returns a structured verdict (approve / approve_with_concerns / reject) + ranked issues, so an agent can check something novel before Terminal.run_command or Deployer.deploy_to_public, not just the two hardcoded strings.

Free registration (/register) returns an api_key with trial calls per tool; no crypto/payment setup needed to try it.

Verified before submitting

Real calls against the live API, not mocks:

artifact: rm -rf /var/log/*.log && systemctl restart nginx
-> verdict: approve_with_concerns, confidence: 0.85
   "will delete all log files... could lead to loss of important log data"
INVINOVERITAS_API_KEY unset -> {"verdict": "unavailable", "confidence": 0.0,
"summary": "...register free...", "issues": []} — the documented fallback,
not an unhandled exception.

Ran the actual submitted function end-to-end (stubbed only metagpt.tools.tool_registry.register_tool so it imports without the full framework install — the httpx call and response-shaping logic is the real, unmodified code).

Happy to adjust naming/placement/style to match project conventions more closely.

… actions

New tool (metagpt/tools/libs/invinoveritas_review.py) + registration in
tools/libs/__init__.py -- no other files changed.

Terminal's forbidden_commands is a 2-entry hardcoded denylist ("run dev",
"serve "). This tool is the general-purpose check for everything that
list doesn't cover: sends the exact artifact (a shell command, a git
diff, a config change) to invinoveritas (https://api.babyblueviper.com),
an independent, model-agnostic reviewer, and returns a structured verdict
(approve / approve_with_concerns / reject) + ranked issues before the
agent proceeds. Free registration returns an api_key with trial calls;
no crypto/payment setup needed to try it.

Verified before submitting (real calls against the live API, not mocks):
- A genuine risky command (`rm -rf /var/log/*.log && systemctl restart
  nginx`) -> verdict=approve_with_concerns, confidence=0.85, correctly
  flagging the log-data-loss risk.
- Missing INVINOVERITAS_API_KEY -> the documented
  {"verdict": "unavailable", ...} fallback, not an exception.
- Ran the actual submitted function (stubbed only
  metagpt.tools.tool_registry.register_tool so it imports without the
  full framework install; the httpx call + response-shaping logic is the
  real, unmodified code).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant