wenjin272 commented on code in PR #854:
URL: https://github.com/apache/flink-agents/pull/854#discussion_r3510955666
##########
python/flink_agents/runtime/python_java_utils.py:
##########
@@ -149,7 +151,9 @@ def get_python_tool_metadata(module: str, qual_name: str)
-> Dict[str, str]:
callable_ = descriptor.as_callable()
name = callable_.__name__
description = (parse(callable_.__doc__).description or "") if
callable_.__doc__ else ""
- args_schema_model = create_schema_from_function(name, callable_)
+ args_schema_model = create_schema_from_function(
+ name, callable_, injected_args=injected_args
Review Comment:
get_python_tool_metadata builds the schema from only the Java-passed
injected_args, never the callable's own `_injected_args`.
The pure-Python paths (`Tool.from_callable`,
`_eager_derive_python_metadata`) both `merge_injected_args(getattr(callable_,
"_injected_args", None), ...)`, so a Python tool authored with
`@tool(injected_args=...)` and used in a Java-orchestrated plan (YAML omitting
the arg) gets its injected param neither hidden from the schema nor injected at
call time — the model-supplied value flows into the real call, the exact
spoofing case this feature prevents.
Suggest merging the callable's _injected_args here (as the docstring's
"mirrors the Python-side derivation" claim implies).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]