Skip to content

feat: expose AGENT_SESSION_ID env var to extension child processes#7072

Merged
tlongwell-block merged 2 commits intomainfrom
feat/expose-agent-session-id-env
Feb 8, 2026
Merged

feat: expose AGENT_SESSION_ID env var to extension child processes#7072
tlongwell-block merged 2 commits intomainfrom
feat/expose-agent-session-id-env

Conversation

@tlongwell-block
Copy link
Collaborator

@tlongwell-block tlongwell-block commented Feb 7, 2026

Inject the agent session ID as an environment variable into extension child processes and shell commands, enabling scripts and tools to identify which goose session they belong to.

Two injection paths cover all extension types that spawn processes:

  • Stdio extensions: session_id is inserted into the merged env HashMap before spawning the child process via Command::envs()
  • Developer shell (builtin): session_id is extracted from MCP request metadata headers per command and pushed into ShellConfig.envs

Per-child-process injection (not process-wide std::env::set_var) keeps this safe for concurrent sessions in goose-server.

Closes #6308

@tlongwell-block
feat: expose AGENT_SESSION_ID env var to extension child processes
2bd58cd 
Inject the agent session ID as an environment variable into extension
child processes and shell commands, enabling scripts and tools to
identify which goose session they belong to.

Two injection paths cover all extension types that spawn processes:

- Stdio extensions: session_id is inserted into the merged env HashMap
  before spawning the child process via Command::envs()
- Developer shell (builtin): session_id is extracted from MCP request
  metadata headers per command and pushed into ShellConfig.envs

Per-child-process injection (not process-wide std::env::set_var) keeps
this safe for concurrent sessions in goose-server.

Closes #6308
@tlongwell-block

This comment was marked as outdated.

Sign in to view
@github-actions

This comment was marked as outdated.

Sign in to view
@block block deleted a comment from github-actions bot Feb 7, 2026
@block block deleted a comment from github-actions bot Feb 7, 2026
@tlongwell-block
Copy link
Collaborator Author

tlongwell-block commented Feb 7, 2026

/goose

@github-actions
Copy link
Contributor

github-actions bot commented Feb 7, 2026

Summary: This PR adds AGENT_SESSION_ID environment variable injection to extension child processes via two paths: stdio extensions (via ExtensionManager's env HashMap) and developer shell commands (via MCP metadata headers). The implementation follows existing patterns and includes good security practices.

✅ Highlights

  1. Good security practice: Null-byte filtering was added for both working_dir and session_id in rmcp_developer.rs:

    fn extract_session_id_from_meta(meta: &MetaExtensions) -> Option<String> {
    // ...
    .filter(|s| !s.is_empty() && !s.contains('\0'))

    This prevents potential command injection via null bytes in the metadata.

  2. Consistent pattern: The implementation follows the existing WORKING_DIR_HEADER pattern for the new SESSION_ID_HEADER, making the code predictable and maintainable.

  3. Two-path approach is correct: Stdio extensions receive the env var at process spawn time via ExtensionManager, while the developer extension receives it per-command via MCP metadata. This correctly handles the different lifecycles.

  4. Environment variable name consistency: AGENT_SESSION_ID is used consistently across CLI (term.rs), extension_manager.rs, and rmcp_developer.rs.

🟢 Suggestions

  1. Constant duplication (crates/goose-mcp/src/developer/rmcp_developer.rs:18-19): SESSION_ID_HEADER and WORKING_DIR_HEADER are duplicated between session_context.rs and rmcp_developer.rs.

    This is acceptable since goose-mcp can't depend on goose (would be circular or undesirable), and follows the pre-existing pattern. Consider adding a comment noting the intentional duplication:

    // Note: Intentionally duplicated from goose/src/session_context.rs 
// since goose-mcp cannot depend on the goose crate
const SESSION_ID_HEADER: &str = "agent-session-id";

  2. Consider documenting the env var: Since this is a user-facing feature (scripts can now access AGENT_SESSION_ID), consider adding documentation about:

    • When/where the env var is available
    • The format of session IDs (e.g., YYYYMMDD_N)
    • Any caveats (e.g., not available for frontend tools)

Review generated by goose

@tlongwell-block tlongwell-block marked this pull request as ready for review February 7, 2026 22:07
codefromthecrypt
codefromthecrypt approved these changes Feb 7, 2026
View reviewed changes
Copy link
Collaborator

@codefromthecrypt codefromthecrypt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me!

I might as a follow-up see if I can get a test for this maybe a fake command that echo's the ENV. Don't block on this.

@codefromthecrypt codefromthecrypt added this pull request to the merge queue Feb 7, 2026
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Feb 7, 2026
@tlongwell-block tlongwell-block added this pull request to the merge queue Feb 8, 2026
Merged via the queue into main with commit f338e36 Feb 8, 2026
18 checks passed
@tlongwell-block tlongwell-block deleted the feat/expose-agent-session-id-env branch February 8, 2026 00:07
tlongwell-block added a commit that referenced this pull request Feb 9, 2026
@tlongwell-block
Merge remote-tracking branch 'origin/main' into summon_extension
0332ddc 
* origin/main: (55 commits)
  test(mcp): add image tool test and consolidate MCP test fixtures (#7019)
  fix: remove Option from model listing return types, propagate errors (#7074)
  fix: lazy provider creation for goose acp (#7026) (#7066)
  Smoke tests: split compaction test and use debug build (#6984)
  fix(deps): trim bat to resolve RUSTSEC-2024-0320 (#7061)
  feat: expose AGENT_SESSION_ID env var to extension child processes (#7072)
  fix: add XML tool call parsing fallback for Qwen3-coder via Ollama (#6882)
  Remove clippy too_many_lines lint and decompose long functions (#7064)
  refactor: move disable_session_naming into AgentConfig (#7062)
  Add global config switch to disable automatic session naming (#7052)
  docs: add blog post - 8 Things You Didn't Know About Code Mode (#7059)
  fix: ensure animated elements are visible when prefers-reduced-motion is enabled (#7047)
  Show recommended model on failture (#7040)
  feat(ui): add session content search via API (#7050)
  docs: fix img url (#7053)
  Desktop UI for deleting custom providers (#7042)
  Add blog post: How I Used RPI to Build an OpenClaw Alternative (#7051)
  Remove build-dependencies section from Cargo.toml (#6946)
  add /rp-why skill blog post (#6997)
  fix: fix snake_case function names in code_execution instructions (#7035)
  ...

# Conflicts:
#	scripts/test_subrecipes.sh
lifeizhou-ap added a commit that referenced this pull request Feb 9, 2026
@lifeizhou-ap
Merge branch 'main' into lifei/build-monitor
0f8a539 
* main: (101 commits)
  fix: lazy provider creation for goose acp (#7026) (#7066)
  Smoke tests: split compaction test and use debug build (#6984)
  fix(deps): trim bat to resolve RUSTSEC-2024-0320 (#7061)
  feat: expose AGENT_SESSION_ID env var to extension child processes (#7072)
  fix: add XML tool call parsing fallback for Qwen3-coder via Ollama (#6882)
  Remove clippy too_many_lines lint and decompose long functions (#7064)
  refactor: move disable_session_naming into AgentConfig (#7062)
  Add global config switch to disable automatic session naming (#7052)
  docs: add blog post - 8 Things You Didn't Know About Code Mode (#7059)
  fix: ensure animated elements are visible when prefers-reduced-motion is enabled (#7047)
  Show recommended model on failture (#7040)
  feat(ui): add session content search via API (#7050)
  docs: fix img url (#7053)
  Desktop UI for deleting custom providers (#7042)
  Add blog post: How I Used RPI to Build an OpenClaw Alternative (#7051)
  Remove build-dependencies section from Cargo.toml (#6946)
  add /rp-why skill blog post (#6997)
  fix: fix snake_case function names in code_execution instructions (#7035)
  Document max_turns settings for recipes and subagents (#7044)
  feat: update Groq declarative data with Preview Models (#7023)
  ...
jh-block added a commit that referenced this pull request Feb 9, 2026
@jh-block
Merge remote-tracking branch 'origin/main' into local-models-candle
a62b0d8 
* origin/main: (54 commits)
  chore: strip posthog for sessions/models/daily only (#7079)
  tidy: clean up old benchmark and add gym (#7081)
  fix: use command.process_group(0) for CLI providers, not just MCP (#7083)
  added build notify (#6891)
  test(mcp): add image tool test and consolidate MCP test fixtures (#7019)
  fix: remove Option from model listing return types, propagate errors (#7074)
  fix: lazy provider creation for goose acp (#7026) (#7066)
  Smoke tests: split compaction test and use debug build (#6984)
  fix(deps): trim bat to resolve RUSTSEC-2024-0320 (#7061)
  feat: expose AGENT_SESSION_ID env var to extension child processes (#7072)
  fix: add XML tool call parsing fallback for Qwen3-coder via Ollama (#6882)
  Remove clippy too_many_lines lint and decompose long functions (#7064)
  refactor: move disable_session_naming into AgentConfig (#7062)
  Add global config switch to disable automatic session naming (#7052)
  docs: add blog post - 8 Things You Didn't Know About Code Mode (#7059)
  fix: ensure animated elements are visible when prefers-reduced-motion is enabled (#7047)
  Show recommended model on failture (#7040)
  feat(ui): add session content search via API (#7050)
  docs: fix img url (#7053)
  Desktop UI for deleting custom providers (#7042)
  ...
@github-actions github-actions bot mentioned this pull request Feb 10, 2026
Open
Tyler-Hardin pushed a commit to Tyler-Hardin/goose that referenced this pull request Feb 11, 2026
@tlongwell-block @Tyler-Hardin
feat: expose AGENT_SESSION_ID env var to extension child processes (b…
17627fe 
…lock#7072)
Tyler-Hardin pushed a commit to Tyler-Hardin/goose that referenced this pull request Feb 11, 2026
@tlongwell-block @Tyler-Hardin
feat: expose AGENT_SESSION_ID env var to extension child processes (b…
79f783e 
…lock#7072)
@BrewTestBot BrewTestBot mentioned this pull request Feb 12, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@codefromthecrypt codefromthecrypt codefromthecrypt approved these changes

@jamadeo jamadeo Awaiting requested review from jamadeo

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Expose GOOSE_SESSION_ID environment variable in CLI sessions

2 participants

@tlongwell-block @codefromthecrypt