Skip to main content
Glama

run_task_loop

Run a safe, automated task loop for code modifications: creates tasks, waits for completion, verifies with allowed commands, audits for risks, and optionally fixes tests, all within security boundaries.

Instructions

Run a guarded PatchWarden task loop by composing create_task, wait_for_task, safe summaries, and audit_task. It does not bypass the watcher, command allow-list, workspace confinement, or confirmation boundaries. Returns only bounded structured lineage and final status.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
goalYesTask goal to execute through the guarded loop.
agentNoConfigured local agent name. Available agents: "codex", "opencode". run_task_loop also accepts "auto" for bounded routing.
templateNoInitial guarded task template. Follow-up repair tasks use fix_tests automatically when verification fails.feature_small
repo_pathYesRequired repository path inside workspaceRoot. No implicit workspace-root fallback is allowed.
scope_filesNoOptional bounded file scope used only for agent routing hints.
direct_verifyNoWhen true, run an independent Direct verification session after the guarded task/audit succeeds. Direct never patches files in this loop.
auto_fix_testsNoWhen true, create a fix_tests follow-up task after failed_verification until max_iterations is reached.
isolation_modeNoUse current_repo by default. worktree creates an isolated git worktree for the task but never auto-merges it.current_repo
max_iterationsNoMaximum total main/fix task attempts.
verify_commandsYesExact-match verification commands. The loop reuses create_task validation and will not run commands outside the allow-list.
worktree_cleanupNoCleanup intent recorded in lineage. v1.5 keeps worktrees by default and does not auto-delete them.keep
stop_on_high_riskNoWhen true, stop immediately on non-policy high-risk audit evidence. Scope, policy, sensitive-path, release/publish, and confirmation boundaries always stop regardless of this flag.
task_timeout_secondsNoPer-task wait budget in seconds (default 900, max 3600).
worktree_base_branchNoOptional base-branch label recorded in lineage. v1.5 does not auto-checkout or merge this branch.
auto_cleanup_artifactsNoRecords cleanup intent in lineage. Low-risk cleanup remains handled by runTask post-task cleanup.
direct_verify_commandsNoOptional Direct verification commands. Defaults to verify_commands and still must pass the Direct command allow-list.
direct_verify_timeout_secondsNoPer-command timeout for Direct verification.
Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full behavioral burden. It discloses key behaviors: does not bypass watcher, allow-list, workspace confinement, confirmation boundaries; returns bounded structured lineage and final status. However, it does not detail failure modes, timeout behavior, or intermediate steps.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise (two sentences) with no redundant information. It front-loads the core purpose and quickly adds key behavioral constraints, making it efficient for an AI agent to parse.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given 17 parameters, 3 required, and no output schema, the description adequately covers purpose and safety constraints. It misses some contextual details like the iterative fix-test loop implied by parameters, but overall it completes the picture for a complex orchestration tool.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so baseline is 3. The tool description adds high-level context about safety constraints but provides no additional parameter-specific meaning beyond the detailed schema descriptions.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's verb ('Run'), resource ('guarded PatchWarden task loop'), and composition of sub-tools (create_task, wait_for_task, safe summaries, audit_task). It distinctly differs from sibling tools that are individual steps or other utilities.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage through safety guarantees but does not explicitly state when to use this tool over alternatives. It lacks clear 'when to use' or 'when not to use' guidance, which is needed given the large number of sibling tools.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jiezeng2004-design/PatchWarden'

If you have feedback or need assistance with the MCP directory API, please join our Discord server