Add runtime assertions to enforce no hidden tool input - PR 11.133

DavidQ · DavidQ · commit 8048f16622ee · 2026-04-30T14:18:28.000-04:00
diff --git a/docs/dev/codex_commands.md b/docs/dev/codex_commands.md
@@ -1,7 +1,7 @@
 # CODEX COMMANDS
 
 Model: GPT-5.3-codex
-Reasoning: high
+Reasoning: medium
 
 STRICT SCOPE MODE
 
@@ -10,18 +10,16 @@ ALLOWED FILES:
 
 TASK:
 
-1. Find tool launch calls
-2. Enforce signature:
-   launch(toolId, payloadJson, paletteJson?)
+1. Add assertions before tool execution:
+   - ensure only payloadJson + paletteJson used
 
-3. Remove:
-   - implicit/global input
-   - hidden dependencies
+2. Detect:
+   - global reads
+   - implicit inputs
+   - parent JSON usage
 
-VERIFY:
-- inputs are explicit only
+3. If detected:
+   - throw error
 
 REPORT:
-docs/dev/reports/final_tool_input_contract_11_132.txt
-
-FAIL if ambiguity remains
+docs/dev/reports/runtime_assertions_11_133.txt
diff --git a/docs/dev/commit_comment.txt b/docs/dev/commit_comment.txt
@@ -1 +1 @@
-Enforce explicit tool input contract (payload + optional palette only) - PR 11.132
+Add runtime assertions to enforce no hidden tool input - PR 11.133
diff --git a/docs/dev/reports/runtime_assertions_11_133.txt b/docs/dev/reports/runtime_assertions_11_133.txt
@@ -0,0 +1,70 @@
+﻿Runtime Assertions Report: 11_133
+Date: 2026-04-30
+Repo: C:/Users/davidq/Documents/GitHub/HTML-JavaScript-Gaming
+Mode: STRICT SCOPE
+
+Scope
+- Routing files only
+
+Files changed
+- tools/shared/toolHostRuntime.js
+- tools/Workspace Manager/main.js
+
+Task Results
+1) Added assertions before tool execution
+- Added `assertExplicitLaunchInputs(...)` in host runtime launch path.
+- Assertion is executed at start of `launch(toolId, payloadJson, paletteJson?)` before iframe/tool execution.
+
+2) Detection coverage
+A. Global reads / implicit inputs
+- Rejects payloadJson/paletteJson containing implicit/global keys:
+  - launchParams, sharedContext, hostContextId, hostToolId, hosted
+  - sampleId, sampleTitle, samplePresetPath
+  - gameId, gameTitle, gameHref
+  - workspaceHref, returnTo, state
+- Throws error when any are present.
+
+B. Parent JSON usage
+- Detects and rejects parent-style documents in payload/palette:
+  - documentKind=workspace-manifest
+  - schema=html-js-gaming.project / html-js-gaming.workspace
+  - presence of top-level tools object
+- Throws error when detected.
+
+C. Signature enforcement
+- Enforces exact launch call shape:
+  - requires toolId
+  - requires payloadJson object
+  - paletteJson must be object or null
+  - rejects argument count outside 2..3
+- Throws on violation.
+
+3) Workspace Manager launch hardening
+- Launch now throws when explicit payloadJson is missing.
+- Launch now throws when implicit state JSON input is present.
+- Launch call remains explicit-only:
+  - runtime.launch(toolId, payloadJson, paletteJson)
+
+Verification
+- Syntax checks:
+  - node --check tools/shared/toolHostRuntime.js -> PASS
+  - node --check tools/Workspace Manager/main.js -> PASS
+
+- Contract evidence present in code:
+  - `assertExplicitLaunchInputs` exists and is invoked before launch execution.
+  - `launch contract violation` throw paths exist for:
+    - missing toolId
+    - invalid arg count
+    - invalid payloadJson
+    - invalid paletteJson
+    - parent JSON payload
+    - parent JSON palette
+    - implicit/global keys in payload/palette
+  - Workspace Manager throws on:
+    - missing explicit payloadJson
+    - implicit state JSON
+
+Result
+- PASS
+- Runtime assertions added.
+- Detection + throw behavior enforced for implicit/global inputs and parent JSON usage.
diff --git a/docs/pr/BUILD_PR_LEVEL_11_133_RUNTIME_ASSERTION_NO_HIDDEN_INPUT.md b/docs/pr/BUILD_PR_LEVEL_11_133_RUNTIME_ASSERTION_NO_HIDDEN_INPUT.md
@@ -0,0 +1,46 @@
+# BUILD_PR_LEVEL_11_133_RUNTIME_ASSERTION_NO_HIDDEN_INPUT
+
+## Purpose
+Add runtime assertions to guarantee no hidden/global/implicit input is used by any tool.
+
+## STRICT SCOPE
+
+ALLOWED FILES:
+- routing files
+- tool launch handlers
+
+ALLOWED CHANGES:
+- add assertion checks only
+- no behavior change beyond failing invalid paths
+
+## RULE
+
+Tool must ONLY use:
+- payloadJson
+- optional paletteJson
+
+## REQUIRED ASSERTIONS
+
+Before tool execution:
+
+ASSERT:
+- no global state read
+- no workspace/game JSON passed
+- no inferred data used
+
+## VALIDATION
+
+If violation detected:
+- throw visible error
+- stop execution
+
+## REPORT
+
+docs/dev/reports/runtime_assertions_11_133.txt:
+- assertions added
+- violations detected (if any)
+
+## FAILURE
+
+FAIL if:
+- tool runs without assertions
diff --git a/tools/Workspace Manager/main.js b/tools/Workspace Manager/main.js
@@ -1238,16 +1238,10 @@ function mountSelectedTool(source = "manual") {
     : null;
   const payloadJson = explicitToolPayloadById ? (explicitToolPayloadById.get(toolId) || null) : null;
   if (!payloadJson || typeof payloadJson !== "object" || Array.isArray(payloadJson)) {
-    writeStatus(`Launch blocked for ${toolId}: explicit payloadJson is required.`);
-    renderMountDiagnostic(
-      `Launch blocked for ${toolId}.`,
-      "Workspace Manager now enforces explicit launch(toolId, payloadJson, paletteJson?) inputs."
-    );
-    syncControlState();
-    return false;
+    throw new Error(`launch contract violation: explicit payloadJson is required for ${toolId}.`);
   }
   if (hasStateInput) {
-    writeStatus("State JSON is ignored for explicit launch signature enforcement.");
+    throw new Error("launch contract violation: implicit input detected (state JSON).");
   }
   const paletteJson = workspaceManifestToolDiagnostics?.explicitPalettePayload || null;
   const mountResult = runtime.launch(toolId, payloadJson, paletteJson);
diff --git a/tools/shared/toolHostRuntime.js b/tools/shared/toolHostRuntime.js
@@ -12,6 +12,69 @@ function isPlainObject(value) {
   return !!value && typeof value === "object" && !Array.isArray(value);
 }
 
+function isParentJsonLike(value) {
+  if (!isPlainObject(value)) {
+    return false;
+  }
+  const documentKind = typeof value.documentKind === "string" ? value.documentKind.trim().toLowerCase() : "";
+  const schema = typeof value.schema === "string" ? value.schema.trim().toLowerCase() : "";
+  if (documentKind === "workspace-manifest" || schema === "html-js-gaming.project" || schema === "html-js-gaming.workspace") {
+    return true;
+  }
+  return isPlainObject(value.tools);
+}
+
+function hasImplicitGlobalKey(value) {
+  if (!isPlainObject(value)) {
+    return false;
+  }
+  const blockedKeys = new Set([
+    "launchparams",
+    "sharedcontext",
+    "hostcontextid",
+    "hosttoolid",
+    "hosted",
+    "sampleid",
+    "sampletitle",
+    "samplepresetpath",
+    "gameid",
+    "gametitle",
+    "gamehref",
+    "workspacehref",
+    "returnto",
+    "state"
+  ]);
+  return Object.keys(value).some((key) => blockedKeys.has(String(key).trim().toLowerCase()));
+}
+
+function assertExplicitLaunchInputs({ toolId = "", payloadJson = null, paletteJson = null, argumentCount = 0 }) {
+  const normalizedToolId = normalizeToolId(toolId);
+  if (!normalizedToolId) {
+    throw new Error("launch contract violation: toolId is required.");
+  }
+  if (argumentCount < 2 || argumentCount > 3) {
+    throw new Error(`launch contract violation: launch(toolId, payloadJson, paletteJson?) expected 2-3 args, received ${argumentCount}.`);
+  }
+  if (!isPlainObject(payloadJson)) {
+    throw new Error(`launch contract violation: payloadJson must be an object for ${normalizedToolId}.`);
+  }
+  if (paletteJson !== null && !isPlainObject(paletteJson)) {
+    throw new Error(`launch contract violation: paletteJson must be an object or null for ${normalizedToolId}.`);
+  }
+  if (isParentJsonLike(payloadJson)) {
+    throw new Error(`launch contract violation: parent JSON usage detected in payloadJson for ${normalizedToolId}.`);
+  }
+  if (paletteJson !== null && isParentJsonLike(paletteJson)) {
+    throw new Error(`launch contract violation: parent JSON usage detected in paletteJson for ${normalizedToolId}.`);
+  }
+  if (hasImplicitGlobalKey(payloadJson)) {
+    throw new Error(`launch contract violation: implicit/global input keys detected in payloadJson for ${normalizedToolId}.`);
+  }
+  if (paletteJson !== null && hasImplicitGlobalKey(paletteJson)) {
+    throw new Error(`launch contract violation: implicit/global input keys detected in paletteJson for ${normalizedToolId}.`);
+  }
+}
+
 function buildHostLaunchUrl(toolEntry, hostContextId = "") {
   const url = new URL(toolEntry.launchPath, window.location.href);
   url.searchParams.set("hosted", "1");
@@ -150,15 +213,13 @@ export function createToolHostRuntime(options = {}) {
       return null;
     }
 
+    assertExplicitLaunchInputs({
+      toolId,
+      payloadJson,
+      paletteJson,
+      argumentCount: arguments.length
+    });
     const normalizedToolId = normalizeToolId(toolId);
-    if (!isPlainObject(payloadJson)) {
-      onStatus(`Tool launch blocked: explicit payloadJson is required for ${normalizedToolId || "(empty)"}.`);
-      return null;
-    }
-    if (paletteJson !== null && !isPlainObject(paletteJson)) {
-      onStatus(`Tool launch blocked: paletteJson must be an object when provided for ${normalizedToolId || "(empty)"}.`);
-      return null;
-    }
     const toolEntry = getToolHostEntryById(manifest, normalizedToolId);
     if (!toolEntry) {
       onStatus(`Tool id not found: ${normalizedToolId || "(empty)"}.`);

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Enforce explicit tool input contract (payload + optional palette only) - PR 11.132`
	`1`	`+Add runtime assertions to enforce no hidden tool input - PR 11.133`