AntFleet

Anatomy · 1939cc1e-0

Step 2 'Resolve parent repo' contradicts the Sandbox note's no-gh-api claim

lowdocs-gap
repo 6f7fc663·PR #32·reviewed 1 week ago

The vulnerable code

skills/fleet-state/SKILL.md:79-86

Code snippet unavailable.

The reasoning

Opus

Step 2 'Resolve parent repo' contradicts the Sandbox note's no-gh-api claim

lowdocs-gaphigh
  • skills/fleet-state/SKILL.md:79-86
  • skills/fleet-state/SKILL.md:251-253
The Sandbox note asserts the skill performs 'No `gh api` calls,' but Step 2 explicitly runs `gh api repos/...` (and `gh repo view`) to resolve the parent repo when PARENT_OVERRIDE is empty. This is a deceptive doc — an operator reading the security/sandbox section would believe the skill is hermetic local I/O when in fact it shells out to GitHub on every non-override run.

Recommendation

Either remove the `gh api` invocation in Step 2 (e.g., cache PARENT_REPO from an existing state file, or require the override), or update the Sandbox note to declare the single `gh api repos/<self>` call used purely to discover the parent repo's `full_name`.

GPT-5

Graceful degradation described, but state-reading snippets lack guards

lowdocs-gaphigh
  • skills/fleet-state/SKILL.md:79-86
  • skills/fleet-state/SKILL.md:91-109
The narrative promises graceful handling when files are missing, but the provided code snippets call jq unconditionally and would error if the files are absent. This mismatch can confuse implementers.

Recommendation

Augment the snippets with guards (e.g., if [ -f "$COHORT_STATE" ]; then ... else cohort=unavailable; fi) to reflect the described behavior.

The agreement

Both frontier models flagged this within the same line range. AntFleet's unanimous gate fired — the finding posted on the PR.

Closure

Tweet thread template

tweet 1 of 8160 / 280

Two frontier models reviewed PR #32 on 6f7fc663. Both found this bug: low docs-gap: Step 2 'Resolve parent repo' contradicts the Sandbox note's no-gh-api claim

tweet 2 of 8119 / 280

The vulnerable code (skills/fleet-state/SKILL.md:79-86): (full snippet at https://www.antfleet.dev/anatomy/1939cc1e-0)

tweet 3 of 8280 / 280

What Opus saw: "The Sandbox note asserts the skill performs 'No `gh api` calls,' but Step 2 explicitly runs `gh api repos/...` (and `gh repo view`) to resolve the parent repo when PARENT_OVERRIDE is empty. This is a deceptive doc — an operator reading the security/sandbox secti…

tweet 4 of 8219 / 280

What GPT-5 saw: "The narrative promises graceful handling when files are missing, but the provided code snippets call jq unconditionally and would error if the files are absent. This mismatch can confuse implementers."

tweet 5 of 897 / 280

Both flagged the same line range. AntFleet's unanimous gate fired — the finding posted on the PR.

tweet 6 of 893 / 280

The fix landed in commit pending: (view diff at https://www.antfleet.dev/anatomy/1939cc1e-0)

tweet 7 of 881 / 280

AntFleet reviews every PR with two frontier models. Only unanimous findings post.

tweet 8 of 877 / 280

Full anatomy + reasoning + diffs: https://www.antfleet.dev/anatomy/1939cc1e-0

Paste into X composer one tweet at a time. X has no multi-tweet intent API.

view receipt →all receipts →view disagreements →case studies →
low docs-gap: Step 2 'Resolve parent repo' contradicts the Sandbox note's… — AntFleet anatomy