Skip to content

security(tool_loader): prevent tool name and sys modules collisions i…#1214

Merged
JackYPCOnline merged 1 commit intostrands-agents:mainfrom
dbschmigelski:loader
Nov 21, 2025
Merged

security(tool_loader): prevent tool name and sys modules collisions i…#1214
JackYPCOnline merged 1 commit intostrands-agents:mainfrom
dbschmigelski:loader

Conversation

@dbschmigelski
Copy link
Member

@dbschmigelski dbschmigelski commented Nov 19, 2025

Description

This PR adds a prefix when we load modules in the tool loader. This addresses the risk that an engineer, or adversary, writes a tool with a conflicting name with an existing sys module.

Related Issues

strands-agents/docs#338

Documentation PR

strands-agents/docs#338

Type of Change

New feature

Testing

How have you tested the change? Verify that the changes do not break functionality or introduce warnings in consuming repositories: agents-docs, agents-tools, agents-cli

  • I ran hatch run prepare

Checklist

  • I have read the CONTRIBUTING document
  • I have added any necessary tests that prove my fix is effective or my feature works
  • I have updated the documentation accordingly
  • I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
  • My changes generate no new warnings
  • Any dependent changes have been merged and published

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@dbschmigelski dbschmigelski marked this pull request as ready for review November 19, 2025 22:15
@codecov
Copy link

codecov bot commented Nov 19, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@JackYPCOnline JackYPCOnline merged commit 87e0f34 into strands-agents:main Nov 21, 2025
19 of 24 checks passed
pgrayy pushed a commit to pgrayy/sdk-python that referenced this pull request Nov 24, 2025
@dbschmigelski @pgrayy
security(tool_loader): prevent tool name and sys modules collisions i…
7fce03e 
…n tool_loader (strands-agents#1214)
dbschmigelski added a commit to dbschmigelski/sdk-python that referenced this pull request Dec 9, 2025
@dbschmigelski
security(tool_loader): prevent tool name and sys modules collisions i…
c02966c 
…n tool_loader (strands-agents#1214)
@github-actions github-actions bot mentioned this pull request Dec 12, 2025
Closed
JackYPCOnline pushed a commit to CrysisDeu/sdk-python that referenced this pull request Dec 19, 2025
@dbschmigelski @JackYPCOnline
security(tool_loader): prevent tool name and sys modules collisions i…
0234d02 
…n tool_loader (strands-agents#1214)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JackYPCOnline JackYPCOnline JackYPCOnline approved these changes

@pgrayy pgrayy pgrayy approved these changes

Assignees

No one assigned

Labels

size/s

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dbschmigelski @JackYPCOnline @pgrayy