Skip to content

[AAASM-4252] 🐛 (openai-agents): Fix fail-open bug in _is_governance_error#220

Merged
Chisanan232 merged 1 commit into
masterfrom
v0.0.1/AAASM-4252/fix/governance_error_detection
Jul 7, 2026
Merged

[AAASM-4252] 🐛 (openai-agents): Fix fail-open bug in _is_governance_error#220
Chisanan232 merged 1 commit into
masterfrom
v0.0.1/AAASM-4252/fix/governance_error_detection

Conversation

@Chisanan232

Copy link
Copy Markdown
Contributor

Description

Fixes a security vulnerability in the OpenAI Agents adapter where _is_governance_error() unconditionally returned True, causing ALL exceptions during governance checks to be swallowed. This made the system fail-open instead of fail-closed.

The fix changes _is_governance_error() to properly detect governance-specific errors by checking if the exception is an instance of AssemblyError (the base class for all SDK governance exceptions like GatewayError, PolicyError, etc.).

Before (buggy):

  • ANY exception during governance check → swallowed → tool executes (fail-open)

After (fixed):

  • AssemblyError subclasses → handled → tool executes (intended fail-open for known governance errors)
  • Other exceptions (RuntimeError, ValueError, network errors) → propagate → tool blocked (fail-closed)

Type of Change

  • ✨ New feature
  • 🔧 Bug fix
  • ♻️ Refactoring
  • 🍀 Performance improvement
  • 📚 Documentation update
  • 🚀 Release

Breaking Changes

Does this PR introduce any breaking changes?

  • No
  • Yes (please describe below)

Note: This is a security fix that changes fail-open to fail-closed behavior for non-governance errors. This is the intended, more secure behavior.

Related Issues

  • Related JIRA ticket: AAASM-4252

Testing

Describe the testing performed for this PR:

  • Unit tests added/updated
  • Integration tests added/updated
  • Manual testing performed
  • No tests required (explain why)

Updated tests to verify:

  1. test_non_governance_error_propagates_fail_closed - RuntimeError propagates (fail-closed)
  2. test_governance_error_allows_fail_open - GatewayError (AssemblyError subclass) allows fail-open
  3. test_value_error_propagates_fail_closed - ValueError propagates (fail-closed)

Checklist

  • Code follows project style guidelines
  • Self-review completed
  • Comments added for complex logic
  • Documentation updated if needed
  • All tests passing

…osture

The _is_governance_error() function unconditionally returned True, causing
ALL exceptions during governance checks to be swallowed. This made the
system fail-open instead of fail-closed, a security vulnerability.

Now only AssemblyError subclasses (GovernanceError, PolicyError, etc.) are
caught and result in fail-open behavior. Non-governance errors (RuntimeError,
ValueError, network errors, etc.) propagate up, blocking the tool call.

Closes AAASM-4252

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@codecov

codecov Bot commented Jul 7, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@sonarqubecloud

sonarqubecloud Bot commented Jul 7, 2026

Copy link
Copy Markdown

@Chisanan232

Copy link
Copy Markdown
Contributor Author

🤖 Claude Code Review

CI Status

All checks PASS: CodeQL, SonarCloud, codecov, all test matrix jobs, LangChain contract test, dependency audit

Scope Verification

Covers ticket AAASM-4252: _is_governance_error always returns True — fail-open bug

Changes reviewed:

  • agent_assembly/adapters/openai_agents/patch.py:
    • _is_governance_error() now checks isinstance(error, AssemblyError) instead of returning True
    • Added docstring explaining fail-closed security rationale
  • test/unit/adapters/openai_agents/test_patch.py:
    • test_non_governance_error_propagates_fail_closed: RuntimeError propagates (fail-closed)
    • test_governance_error_allows_fail_open: GatewayError allows fail-open (intentional)
    • test_value_error_propagates_fail_closed: ValueError propagates (fail-closed)

Security Analysis

Critical security fix: System now maintains fail-closed posture for unexpected errors
Intentional fail-open preserved: Known governance errors (AssemblyError subclasses) still allow fail-open
Well-tested: Three test cases cover both security paths

Side Effects Analysis

⚠️ Behavior change (intentional): Non-governance exceptions now propagate instead of being swallowed
This is the correct, secure behavior: Aligns with documented fail-closed security posture

Recommendation

Ready for approval and merge


🤖 Reviewed by Claude Code

@Chisanan232 Chisanan232 merged commit 4ed42db into master Jul 7, 2026
26 checks passed
@Chisanan232 Chisanan232 deleted the v0.0.1/AAASM-4252/fix/governance_error_detection branch July 7, 2026 05:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant