AntFleet

Disagreement · b7190c33-anthropic-4

session-override may persist override pointing at a cooled-down-only-profile without notifying caller

solo Opus
repo 5149da9d·PR #2·reviewed 2 days ago

Opus finding

session-override may persist override pointing at a cooled-down-only-profile without notifying caller

lowbugmedium
  • src/agents/auth-profiles/session-override.ts:90-102
When every profile is in cooldown, both `pickFirstAvailable` and `pickNextAvailable` fall back to returning a cooled-down profile (`order[0]` / `order[startIndex]`). The caller then persists this as the auto override, but downstream code expecting `isProfileInCooldown(store, next) === false` will still hit the cooldown. Caller has no signal that no usable profile exists. Severity low because the behavior degrades gracefully (returns something), but it can mask configuration issues.

Recommendation

When all candidates are in cooldown, return undefined or include a flag so callers can surface a warning rather than silently picking a cooled-down profile.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →
← back to all disagreementsview public receiptssee unanimous findings + anatomies →
Tweet ↗