From e5de61d68279c65b5581e2836bafd894d9a75dbd Mon Sep 17 00:00:00 2001 From: Enrico Ros Date: Tue, 28 Apr 2026 18:24:00 -0700 Subject: [PATCH] AIX: Anthropic: do not turn on code execution just for dynamic filtering. #1087 --- .../adapters/anthropic.messageCreate.ts | 13 ++++++++++--- .../llms/server/anthropic/anthropic.access.ts | 3 ++- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/src/modules/aix/server/dispatch/chatGenerate/adapters/anthropic.messageCreate.ts b/src/modules/aix/server/dispatch/chatGenerate/adapters/anthropic.messageCreate.ts index 90ed5bae8..1778a1d24 100644 --- a/src/modules/aix/server/dispatch/chatGenerate/adapters/anthropic.messageCreate.ts +++ b/src/modules/aix/server/dispatch/chatGenerate/adapters/anthropic.messageCreate.ts @@ -35,7 +35,7 @@ export function aixAnthropicHostedFeatures(model: AixAPI_Model, chatGenerate: Ai const _hasAixToolRestrictivePolicy = chatGenerate.toolsPolicy?.type === 'any' || chatGenerate.toolsPolicy?.type === 'function_call'; // Dynamic web tools (20260209) require code execution for programmatic tool calling - const hasDynamicWebTools = model.vndAntWebDynamic === true && (model.vndAntWebSearch === 'auto' || model.vndAntWebFetch === 'auto'); + // const hasDynamicWebTools = model.vndAntWebDynamic === true && (model.vndAntWebSearch === 'auto' || model.vndAntWebFetch === 'auto'); // Programmatic Tool Calling - tools with allowed_callers or input_examples const programmaticToolCalling = chatGenerate.tools?.some(tool => @@ -45,10 +45,15 @@ export function aixAnthropicHostedFeatures(model: AixAPI_Model, chatGenerate: Ai ), ) ?? false; + // [Anthropic, issue #1087] Dynamic web tools (20260209) have INTERNAL code execution. We do not + // explicitly add the code_execution tool nor the beta header for them: Anthropic enables what is + // needed implicitly behind the scenes. Adding our own creates two execution environments and + // confuses the model (e.g. bash searches for inlined attachments, web tools called from scripts + // without `allowed_callers` permission, runaway tool loops). return { disableAllHostedTools: !!(_hasAixCustomTools && _hasAixToolRestrictivePolicy), enable1MContext: model.vndAnt1MContext === true, - enableCodeExecution: !!model.vndAntSkills || !!model.vndAntContainerId || hasDynamicWebTools || programmaticToolCalling, + enableCodeExecution: !!model.vndAntSkills || !!model.vndAntContainerId || programmaticToolCalling, enableFastMode: model.vndAntInfSpeed === 'fast', enableSkills: !!model.vndAntSkills, enableStrictOutputs: !!model.strictJsonOutput || !!model.strictToolInvocations, @@ -284,7 +289,9 @@ export function aixToAnthropicMessageCreate(model: AixAPI_Model, _chatGenerate: name: 'tool_search_tool_bm25', }); - // Code Execution tool - required for dynamic filtering, Skills, etc. + // Code Execution tool - for Skills, container reuse, and Programmatic Tool Calling. + // Note: NOT added for dynamic web tools (_20260209) - they execute code internally and adding + // a standalone environment confuses the model (issue #1087). if (enableCodeExecution) hostedTools.push({ type: 'code_execution_20260120', name: 'code_execution' }); diff --git a/src/modules/llms/server/anthropic/anthropic.access.ts b/src/modules/llms/server/anthropic/anthropic.access.ts index 8bc91c92d..704e499dc 100644 --- a/src/modules/llms/server/anthropic/anthropic.access.ts +++ b/src/modules/llms/server/anthropic/anthropic.access.ts @@ -177,7 +177,8 @@ export function anthropicBetaFeatures(options?: AnthropicHostedFeatures): string if (options?.enable1MContext) bf.add('context-1m-2025-08-07'); - // Code execution (for dynamic web tools PFC, or Skills) + files API for container downloads + // Code execution (for Skills, container reuse, Programmatic Tool Calling) + files API for container downloads. + // NOT enabled for dynamic web tools (_20260209): those have internal code execution managed by Anthropic. // Note: SDK defines code-execution-2025-05-22; we use 2025-08-25 (newer iteration, not yet in SDK types). // Code execution may be GA now (most SDK examples skip the beta namespace), but keeping for safety. if (options?.enableCodeExecution) {