feat(agents): agent runs in inbox#2840
Conversation
jordan-umusu
force-pushed
the
feat/visualize-agent-runs
branch
from
8877cb4 to
e4bbe94
Compare
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Prioritize pending approvals before limiting agent runs
When a workspace has more than the fetched window of newer non-pending Claude Code runs, this limit is applied before _enrich_sessions() computes whether any older session has pending approvals. The inbox UI calls inboxListItems with the default created-at ordering, so a pending approval can be omitted from the returned rows even though count_pending_items() still includes it, leaving the Review required section empty while the badge shows pending work. Fetch pending-approval sessions separately or order them ahead of ordinary runs before applying the limit.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
5 issues found across 16 files
Confidence score: 3/5
- There is a concrete privacy/RBAC risk in
packages/tracecat-ee/tracecat_ee/inbox/providers/agent_runs.py: creator email/name can be pulled from globaluserrecords without workspace-membership scoping, which could expose PII in inbox responses. - This is not a merge-blocker by itself, but the combination of medium-severity behavior changes in search paths (
frontend/src/hooks/use-inbox.ts,tracecat/inbox/router.py) adds regression risk for user-visible filtering and query handling. - UI behavior in
frontend/src/components/inbox/runs-table.tsxmay trigger unintended row selection/navigation when activating the nested delete button, so keyboard interactions need a quick validation pass. - Pay close attention to
packages/tracecat-ee/tracecat_ee/inbox/providers/agent_runs.py,frontend/src/hooks/use-inbox.ts,tracecat/inbox/router.py,frontend/src/components/inbox/runs-table.tsx- privacy scoping and search/interaction edge cases are the main risk areas.
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
|
✅ No security or compliance issues detected. Reviewed everything up to d86d592. Security Overview
Detected Code Changes
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: d86d5921e6
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 922e19a9cc
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
5 issues found across 13 files (changes from recent commits).
Tip: Review your code locally with the cubic CLI to iterate faster.
Re-trigger cubic
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a2792cc53b
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| if group is not None: | ||
| return await self._list_items_grouped( | ||
| limit=limit, | ||
| cursor=cursor, | ||
| order_by=order_by, | ||
| sort=sort, | ||
| search=search, | ||
| group=group, | ||
| ) |
There was a problem hiding this comment.
When a client asks for a previous page with group=...&reverse=true&cursor=..., this branch never passes reverse into the grouped scanner, so _list_items_grouped always applies the forward keyset predicate and returns the next older page rather than the newer items before the cursor. The route still exposes reverse and grouped responses can return prev_cursor, so back-pagination for grouped inbox results is broken unless reverse is handled here (or previous cursors are not advertised for grouped pages).
Useful? React with 👍 / 👎.
1 participant
Summary by cubic
Show agent runs in the Inbox with a grouped, sortable table and per‑group pagination. Adds an EE provider, creator context, search/group filters, and switches the sidebar to “Inbox”; single‑provider requests now use SQL keyset pagination for better performance.
New Features
agent_runitem type andcreated_by(UserSummary) with avatar/name in UI.AgentRunsInboxProvider(root Claude Code runs + legacy workflow approvals) with status/preview, pending count, and grouped listing with server-side cursors; service now delegates SQL keyset pagination when only one provider.GET /inbox/itemsaddssearch(title/ID/workflow alias/title) andgroup(filter byInboxGroup); client/schemas updated.Migration
InboxGroup,group,search,UserSummary, andagent_run.tracecat-eewith the newAgentRunsInboxProvider.Written for commit a2792cc. Summary will update on new commits.