From 6c395f740d1b57fe56d0f7ee3facd7f821643fc5 Mon Sep 17 00:00:00 2001
From: Bill <bill@bballou.com>
Date: Sun, 2 Nov 2025 23:30:49 -0500
Subject: [PATCH] fix: always override context parameters in ContextInjector

Root cause: AI models were hallucinating signature/job_id/today_date values
and passing them in tool calls. The ContextInjector was checking
"if param not in request.args" before injecting, which failed when AI
provided (incorrect) values.

Fix: Always override context parameters, never trust AI-provided values.

Evidence from logs:
- ContextInjector had correct values (self.signature=gpt-5, job_id=6dabd9e6...)
- But AI was passing signature=None or hallucinated values like "fundamental-bot-v1"
- After injection, args showed the AI's (wrong) values, not the interceptor's

This ensures runtime context is ALWAYS injected regardless of what the AI sends.

Fixes #TBD
---
 agent/context_injector.py | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/agent/context_injector.py b/agent/context_injector.py
index 03984af..0873d2d 100644
--- a/agent/context_injector.py
+++ b/agent/context_injector.py
@@ -51,15 +51,14 @@ class ContextInjector:
         if request.name in ["buy", "sell"]:
             # Debug: Log self attributes BEFORE injection
             print(f"[ContextInjector.__call__] ENTRY: id={id(self)}, self.signature={self.signature}, self.today_date={self.today_date}, self.job_id={self.job_id}, self.session_id={self.session_id}")
+            print(f"[ContextInjector.__call__] Args BEFORE injection: {request.args}")
 
-            # Add signature and today_date to args if not present
-            if "signature" not in request.args:
-                request.args["signature"] = self.signature
-            if "today_date" not in request.args:
-                request.args["today_date"] = self.today_date
-            if "job_id" not in request.args and self.job_id:
+            # ALWAYS inject/override context parameters (don't trust AI-provided values)
+            request.args["signature"] = self.signature
+            request.args["today_date"] = self.today_date
+            if self.job_id:
                 request.args["job_id"] = self.job_id
-            if "session_id" not in request.args and self.session_id:
+            if self.session_id:
                 request.args["session_id"] = self.session_id
 
             # Debug logging