AntFleet

Disagreement · 219fd253-anthropic-1

setup.sh swallows `gl identity new` failure mode documented in SKILL.md

mismatch
repo a16d2030 · PR #3 · reviewed 1 week ago

Primary finding

setup.sh swallows `gl identity new` failure mode documented in SKILL.md

low · bug · medium
  • gitlawb/scripts/setup.sh:18-24
  • gitlawb/SKILL.md:281
The script guards `gl identity new` with `gl identity show &>/dev/null`, which is correct for the happy path. However, with `set -euo pipefail`, if `gl identity show` exits non-zero for any reason other than 'no identity' (e.g., permissions error on `~/.gitlawb/identity.pem`, corrupt key file, GITLAWB_KEY pointing to an unreadable path), the script will silently fall into the 'create new identity' branch and call `gl identity new`, which SKILL.md documents as erroring when an identity already exists. The user would then see a confusing 'identity already exists' error after a 'Creating new identity...' log line, masking the real cause (e.g., permission denied). The branching should distinguish 'no identity' from 'cannot read identity'.

Recommendation

Inspect `gl identity show`'s exit code distinctly (or check for the existence of the key file at `${GITLAWB_KEY:-$HOME/.gitlawb/identity.pem}`) before deciding to call `gl identity new`. Emit a clearer error when the key path exists but is unreadable.
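
One way to implement this recommendation, as an added example (not code from the reviewed repository or from AntFleet): classify the key file at `${GITLAWB_KEY:-$HOME/.gitlawb/identity.pem}` before choosing a branch, so that `gl identity new` runs only when no key exists. The helper names `identity_key_state` and `ensure_identity` are hypothetical, and the example assumes `gl identity show` exits non-zero when the identity cannot be loaded.

```shell
#!/usr/bin/env bash
# Added example: decide between "create" and "fail loudly" from the key file's
# actual state. Function names are hypothetical, not part of setup.sh.

identity_key_state() {
    # Key path as given in the finding; GITLAWB_KEY overrides the default.
    local key="${GITLAWB_KEY:-$HOME/.gitlawb/identity.pem}"
    if [ ! -e "$key" ] && [ ! -L "$key" ]; then
        echo "missing"          # nothing at the path: safe to create
    elif [ ! -f "$key" ]; then
        echo "not-a-file"       # directory, dangling symlink, device, ...
    elif [ ! -r "$key" ]; then
        echo "unreadable"       # e.g. wrong owner or mode
    elif [ ! -s "$key" ]; then
        echo "empty"            # zero-length file, likely truncated
    else
        echo "present"
    fi
}

ensure_identity() {
    local key="${GITLAWB_KEY:-$HOME/.gitlawb/identity.pem}"
    local state
    state="$(identity_key_state)"
    case "$state" in
        missing)
            echo "Creating new identity..."
            gl identity new
            ;;
        present)
            # Keep stderr visible so the real cause (corrupt key, etc.) is shown.
            if ! gl identity show >/dev/null; then
                echo "error: $key exists but 'gl identity show' failed; not creating a new identity" >&2
                return 1
            fi
            ;;
        *)
            echo "error: identity key $key is $state; fix it and re-run setup" >&2
            return 1
            ;;
    esac
}
```
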

Counterpart finding

Quick setup script does not verify presence of git dependency

low · maintainability · high
  • gitlawb/scripts/setup.sh:9-15
The skill metadata requires bins `["gl","git"]`, and many workflows depend on `git` being present. The setup script ensures `gl` is installed but never checks for `git`, which can lead to later failures during clone/push steps or when running `git-remote-gitlawb`.

Recommendation

Add a preflight check for `git` (`command -v git`). If it is missing, print a clear instruction to install `git` (or install it via a package manager where feasible) before proceeding. Optionally run `gl doctor` only after both dependencies are confirmed.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.


From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.