fix(task): respect agent task permission for nested sub-agents (#8111)

2026-02-01 22:48:16 +00:00 · 2026-01-13 05:37:42 +03:00
parent 20088a87b0
commit 5d37e58d34
1 changed files with 13 additions and 6 deletions
--- a/packages/opencode/src/tool/task.ts
+++ b/packages/opencode/src/tool/task.ts
@@ -56,6 +56,9 @@ export const TaskTool = Tool.define("task", async (ctx) => {

      const agent = await Agent.get(params.subagent_type)
      if (!agent) throw new Error(`Unknown agent type: ${params.subagent_type} is not a valid agent type`)
+
+      const hasTaskPermission = agent.permission.some((rule) => rule.permission === "task")
+
      const session = await iife(async () => {
        if (params.session_id) {
          const found = await Session.get(params.session_id).catch(() => {})
@@ -76,11 +79,15 @@ export const TaskTool = Tool.define("task", async (ctx) => {
              pattern: "*",
              action: "deny",
            },
-            {
-              permission: "task",
-              pattern: "*",
-              action: "deny",
-            },
+            ...(hasTaskPermission
+              ? []
+              : [
+                  {
+                    permission: "task" as const,
+                    pattern: "*" as const,
+                    action: "deny" as const,
+                  },
+                ]),
            ...(config.experimental?.primary_tools?.map((t) => ({
              pattern: "*",
              action: "allow" as const,
@@ -146,7 +153,7 @@ export const TaskTool = Tool.define("task", async (ctx) => {
        tools: {
          todowrite: false,
          todoread: false,
-          task: false,
+          ...(hasTaskPermission ? {} : { task: false }),
          ...Object.fromEntries((config.experimental?.primary_tools ?? []).map((t) => [t, false])),
        },
        parts: promptParts,