From 6ec01537a696d80c85ab815dc186267a2f88ebb1 Mon Sep 17 00:00:00 2001 From: Lauren ten Hoor <32955832+laurentenhoor@users.noreply.github.com> Date: Tue, 10 Feb 2026 00:54:36 +0800 Subject: [PATCH] fix: block sessions_send in addition to sessions_spawn (#19) (#20) Workers shouldn't spawn sub-agents or message other sessions directly. All coordination should go through DevClaw tools (task_pickup, task_complete, etc.). --- lib/setup.ts | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/setup.ts b/lib/setup.ts index 770bfc9..988f265 100644 --- a/lib/setup.ts +++ b/lib/setup.ts @@ -279,7 +279,8 @@ async function resolveWorkspacePath(agentId: string): Promise { /** * Write DevClaw model tier config and devClawAgentIds to openclaw.json plugins section. - * Also adds tool restrictions (deny sessions_spawn) to DevClaw agents. + * Also adds tool restrictions (deny sessions_spawn, sessions_send) to DevClaw agents. + * This prevents workers from spawning sub-agents or messaging other sessions directly. * Configures subagent cleanup interval to keep development sessions alive. * Read-modify-write to preserve existing config. */ @@ -325,13 +326,15 @@ async function writePluginConfig( config.plugins.entries.devclaw.config.devClawAgentIds = [...existing, agentId]; } - // Add tool restrictions (deny sessions_spawn) to the agent + // Add tool restrictions to the agent + // Workers shouldn't spawn sub-agents or message other sessions directly + // All coordination should go through DevClaw tools (task_pickup, task_complete, etc.) const agent = config.agents?.list?.find((a: { id: string }) => a.id === agentId); if (agent) { if (!agent.tools) { agent.tools = {}; } - agent.tools.deny = ["sessions_spawn"]; + agent.tools.deny = ["sessions_spawn", "sessions_send"]; // Clear any conflicting allow list delete agent.tools.allow; }