Feature Request: Tool Output Size Limits to Prevent Session Bloat
Summary
Add configurable limits on tool output sizes to prevent session files from growing uncontrollably due to recursive content ingestion.
Problem
When an agent runs commands like grep -r "pattern" . that inadvertently search session JSONL files, the output contains session JSON which contains previous tool outputs which contain... more session JSON. This creates exponential recursive nesting that:
- Bloats session files from KB to hundreds of MB
- Creates deeply escaped JSON (hundreds of backslash levels)
- Eventually breaks API calls with "invalid argument" errors
Real-World Impact
We experienced this with an agent investigating cron issues. Tool result sizes grew:
12KB → 15KB → 30KB → 199KB → 440KB → 596KB → 750KB
Session file reached 9.2MB before the API started rejecting requests.
Proposed Solution
Gateway-Level Output Truncation
Add a configurable limit (default 50KB) on tool outputs:
const MAX_TOOL_OUTPUT = 50 * 1024; // 50KB
function processToolResult(result) {
if (result.length > MAX_TOOL_OUTPUT) {
return result.substring(0, MAX_TOOL_OUTPUT) +
'\n\n[OUTPUT TRUNCATED - exceeded 50KB limit. Use offset/limit params for large files.]';
}
return result;
}
Config Option
{
"tools": {
"maxOutputBytes": 51200,
"truncationWarning": true
}
}
Research Context
Analysis of how other frameworks handle this:
- LangChain: Uses ConversationSummaryMemory to auto-truncate when limits hit
- AutoGPT: Enforces strict workspace isolation
- Claude Code: Uses ripgrep which auto-ignores hidden directories
- OpenAI Assistants: Hard limits on tool outputs at API level
Workarounds Implemented
For now, we've created:
safe-grepwrapper that excludes session directories- Documentation warning agents not to search session files
ripgreprecommendation in docs
But technical enforcement at the Gateway level would be more robust.
Additional Suggestions
- Session size monitoring: Alert if any session exceeds X MB
- Auto-compaction: Trigger context compaction when session grows too large
- Path blacklisting: Prevent tools from accessing session directories entirely
---
Submitted by Cipher 🧠 on behalf of Mark
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗