
feat(pi): add pi coding agent harness #5178

Merged
icecrasher321 merged 9 commits into staging from feat/pi-coding-agent, Jun 23, 2026

@icecrasher321

Collaborator

Summary

Add the pi coding agent harness for local + cloud development.
Operates with our skills, tools, and memory structures.

Type of Change

  • New feature

Testing

Tested manually

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@icecrasher321 icecrasher321 requested a review from a team as a code owner June 23, 2026 03:32
@gitguardian

gitguardian Bot commented Jun 23, 2026


⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request
| GitGuardian id | GitGuardian status | Secret | Commit | Filename |
| --- | --- | --- | --- | --- |
| 34197725 | Triggered | Basic Auth String | 835ba61 | apps/sim/executor/handlers/pi/cloud-backend.test.ts |
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@vercel

vercel Bot commented Jun 23, 2026


The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment
| Project | Deployment | Actions | Updated (UTC) |
| --- | --- | --- | --- |
| docs | Skipped | Skipped | Jun 23, 2026 4:42am |

@cursor

cursor Bot commented Jun 23, 2026


PR Summary

High Risk
Touches credentials (BYOK-only keys in sandboxes, GitHub tokens, SSH), remote code execution (E2B + user machines), and git push/PR automation with deliberate secret-handling complexity that needs careful review.

Overview
Introduces a Pi Coding Agent workflow block that runs the Pi harness against a real repo, with Cloud (E2B sandbox, git clone/push, draft PR) and Local (SSH-scoped read/write/bash, optional Sim integration tools) modes. Execution is wired through a new PiBlockHandler with shared skills/memory from the Agent block, filtered model options, streaming output, and extensive unit tests.

Cloud adds E2B_PI_TEMPLATE_ID, withPiSandbox, and a build script for a Pi+git E2B image; the cloud backend isolates GitHub vs model API keys per command, writes prompts/commits via sandbox files (not shell), and hardens git steps against repo-planted config.

Local embeds @earendil-works/pi-coding-agent (externalized in Next/Trigger) with SSH repo tools and executeTool-backed Sim tools; MCP/custom tools are blocked via new unsupportedToolTypes on tool-input (greyed UI + tooltips on the Pi block).

Docs add pi.mdx to Core Blocks; minor change sets default User-Agent on custom tool HTTP calls.

Reviewed by Cursor Bugbot for commit c7b1d4e. Configure here.

Comment thread apps/sim/executor/handlers/pi/cloud-backend.ts
@greptile-apps

greptile-apps Bot commented Jun 23, 2026

Contributor

Greptile Summary

This PR introduces the Pi Coding Agent block, a new executor that runs the Pi harness against a real repository in either cloud mode (E2B sandbox → GitHub clone → PR) or local mode (SSH into the user's own machine). It wires a new PiBlockHandler into the executor registry, adds a corresponding block definition with credential fields, and reuses the Agent block's skills and memory subsystems.

  • Cloud backend (cloud-backend.ts): clones a repo into an isolated E2B sandbox, runs the Pi CLI in JSON-streaming mode, then stages/commits/pushes and opens a PR. Secret isolation is well-designed: the GitHub token is scoped only to the clone and push steps (and stripped from the remote between them), while the Pi loop runs with only the model key.
  • Local backend (local-backend.ts): loads the Pi SDK dynamically, opens a single reused SSH connection and SFTP channel for the run, exposes read/write/edit/bash tools confined to the configured repo path, and captures the working-tree diff over the same session.
  • Key resolution (keys.ts): enforces BYOK-only for cloud mode (model key goes into an untrusted sandbox), allows hosted keys for local mode mirroring the Agent block.

Confidence Score: 5/5

Safe to merge; no correctness or data-integrity issues found on the changed paths

The two backends are well-isolated (BYOK enforcement, per-command secret scoping, SSH connection and temp-dir cleanup correctly guarded). The only findings are two dead/premature checks in the cloud backend and a || vs ?? edge case in token accumulation — none affect run correctness in practice.

cloud-backend.ts has the dead isBYOK guard and the vertex-wastes-sandbox path; events.ts has the || vs ?? accumulation issue

Important Files Changed

| Filename | Overview |
| --- | --- |
| apps/sim/executor/handlers/pi/pi-handler.ts | Main block handler: resolves model key, skills, memory, dispatches to local/cloud backend, handles streaming — no logic issues found |
| apps/sim/executor/handlers/pi/cloud-backend.ts | Cloud (E2B) backend with good secret isolation; two minor issues: dead isBYOK guard and vertex provider rejection happens after sandbox creation rather than before |
| apps/sim/executor/handlers/pi/local-backend.ts | SSH-local backend: temp-dir and SSH-connection cleanup are correctly guarded; abort handling and SDK teardown look correct |
| apps/sim/executor/handlers/pi/ssh-tools.ts | SSH file/bash tools with path confinement; SFTP channel failure now closes the SSH connection before re-throwing; escapeShellArg usage is correct |
| apps/sim/executor/handlers/pi/events.ts | Event normalization and token accumulation; ` |
| apps/sim/executor/handlers/pi/keys.ts | Key resolution with cloud/local mode split; BYOK enforcement for cloud, hosted-key allowed for local — logic matches documented intent |
| apps/sim/blocks/blocks/pi.ts | Block definition with credential fields correctly marked paramVisibility: 'user-only' and password: true; mode-conditional subblocks look correct |
| apps/sim/lib/execution/e2b.ts | Adds pi sandbox kind with fail-closed template check; withPiSandbox isolates per-command secrets and always kills sandbox in finally |
| apps/sim/executor/handlers/pi/context.ts | Reuses Agent block's memory and skill subsystems for Pi; prompt assembly and memory append/load look correct |
| apps/sim/executor/handlers/pi/sim-tools.ts | Adapts Sim tools to Pi's backend-neutral PiToolSpec; _context override is spread last preventing LLM injection; MCP/custom-tool correctly excluded |

Sequence Diagram

%%{init: {'theme': 'neutral'}}%%
sequenceDiagram
    participant UI as Block UI
    participant H as PiBlockHandler
    participant K as keys.ts
    participant CB as CloudBackend
    participant LB as LocalBackend
    participant E2B as E2B Sandbox
    participant SSH as SSH Session

    UI->>H: execute(inputs)
    H->>K: resolvePiModelKey(model, mode)
    K-->>H: "{providerId, apiKey, isBYOK}"

    alt Cloud mode
        H->>CB: runCloudPi(params, context)
        CB->>E2B: withPiSandbox()
        CB->>E2B: CLONE_SCRIPT (GITHUB_TOKEN scoped here only)
        CB->>E2B: writeFile(pi-prompt.txt)
        CB->>E2B: PI_SCRIPT (model key only, no GITHUB_TOKEN)
        CB->>E2B: PREPARE_SCRIPT (no secrets)
        CB->>E2B: PUSH_SCRIPT (GITHUB_TOKEN scoped here only)
        CB->>CB: openPullRequest via executeTool
        CB-->>H: "{totals, changedFiles, diff, prUrl}"
    else Local mode
        H->>LB: runLocalPi(params, context)
        LB->>SSH: openSshSession()
        LB->>LB: loadPiSdk() + createAgentSession()
        LB->>SSH: read/write/edit/bash tools
        LB->>SSH: captureRepoChanges()
        SSH-->>LB: "{changedFiles, diff}"
        LB-->>H: "{totals, changedFiles, diff}"
    end

    H->>H: appendPiMemory()
    H-->>UI: BlockOutput (content, tokens, cost, diff, prUrl)

Reviews (3): Last reviewed commit: "fix tests" | Re-trigger Greptile
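
The per-command secret scoping that both bot summaries describe for the cloud backend, as an added example that is not code from this PR. Step names follow the sequence diagram; `STEP_SECRETS`, `envForStep`, `stripRemoteCredentials`, `leakedSecrets`, the `MODEL_API_KEY` variable name and the idea that the token travels in the remote URL are assumptions.

```javascript
// Added example, not the project's code. Step names follow the sequence
// diagram above; the helper names and secret names are hypothetical.
const STEP_SECRETS = {
  clone: ['GITHUB_TOKEN'],
  pi: ['MODEL_API_KEY'],
  prepare: [],
  push: ['GITHUB_TOKEN'],
};

// Build one command's environment from an allowlist. Nothing is inherited
// from the host process, and an unknown step fails closed.
function envForStep(step, secrets) {
  if (!Object.prototype.hasOwnProperty.call(STEP_SECRETS, step)) {
    throw new Error(`unknown step: ${step}`);
  }
  const env = { PATH: '/usr/local/bin:/usr/bin:/bin', HOME: '/home/user' };
  for (const name of STEP_SECRETS[step]) {
    if (!secrets[name]) throw new Error(`${step} requires ${name}`);
    env[name] = secrets[name];
  }
  return env;
}

// Assumption: the token reaches git through the remote URL's userinfo.
// Removing it after the clone keeps it out of .git/config during the agent run.
function stripRemoteCredentials(remoteUrl) {
  const url = new URL(remoteUrl);
  url.username = '';
  url.password = '';
  return url.toString();
}

// Names of secrets whose value appears anywhere in env (including inside
// another variable, such as a URL) without being allowlisted for the step.
function leakedSecrets(step, env, secrets) {
  const allowed = STEP_SECRETS[step] || [];
  const values = Object.values(env).map(String);
  return Object.keys(secrets).filter(
    (name) => !allowed.includes(name) && values.some((v) => v.includes(secrets[name])),
  );
}

// Constructed sample values, not real credentials.
const SAMPLE = { GITHUB_TOKEN: 'constructed-gh-token', MODEL_API_KEY: 'constructed-model-key' };
const weakEnv = { ...envForStep('prepare', SAMPLE), ...SAMPLE }; // weak: passes every secret through
console.log(leakedSecrets('pi', weakEnv, SAMPLE));
console.log(leakedSecrets('pi', envForStep('pi', SAMPLE), SAMPLE));
console.log(stripRemoteCredentials(`https://x-access-token:${SAMPLE.GITHUB_TOKEN}@github.com/example/repo.git`));
```

A check like `leakedSecrets` fits a unit test around each sandbox command, so a later change that widens a step's environment fails the build.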
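
A sketch of the path confinement the review attributes to the SSH read/write/edit tools, added here as an example and not taken from `ssh-tools.ts`. `confineToRepo` and `normalizePosix` are hypothetical names, and the repo root `/srv/repo` is a constructed value.

```javascript
// Added example, not the project's code. Paths are POSIX, as on the SSH host.

// Collapse ".", ".." and duplicate slashes in an absolute path, lexically.
function normalizePosix(absPath) {
  const out = [];
  for (const seg of absPath.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') out.pop();
    else out.push(seg);
  }
  return '/' + out.join('/');
}

// Resolve a tool-supplied path against the configured repo root and reject
// anything that lands outside it. Returns the normalized absolute path.
function confineToRepo(repoRoot, requested) {
  if (typeof requested !== 'string' || requested === '' || requested.includes('\0')) {
    throw new Error('invalid path');
  }
  if (typeof repoRoot !== 'string' || !repoRoot.startsWith('/')) {
    throw new Error('repo root must be absolute');
  }
  const root = normalizePosix(repoRoot);
  if (root === '/') throw new Error('refusing to use / as repo root');
  const joined = requested.startsWith('/') ? requested : `${root}/${requested}`;
  const resolved = normalizePosix(joined);
  // Compare with a trailing slash so /srv/repo-evil does not pass as /srv/repo.
  if (resolved !== root && !resolved.startsWith(`${root}/`)) {
    throw new Error(`path escapes repo: ${requested}`);
  }
  return resolved;
}

// Classify a batch of constructed requests as allowed or rejected.
function classify(repoRoot, requests) {
  return requests.map((p) => {
    try {
      return { path: p, ok: true, resolved: confineToRepo(repoRoot, p) };
    } catch (err) {
      return { path: p, ok: false, reason: err.message };
    }
  });
}

console.log(classify('/srv/repo', [
  'src/./a/../b.ts', '/srv/repo/README.md', '../repo-evil/x', '/etc/passwd', 'a/../../..',
]));
```

The check is lexical only: a symlink inside the repo that points outside still passes, so the remote side also needs a resolved-path (realpath) comparison before the file is opened.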

Comment thread apps/sim/blocks/blocks/pi.ts
@icecrasher321

Collaborator Author

@greptile

@icecrasher321

Collaborator Author

bugbot run

Comment thread apps/sim/executor/handlers/pi/cloud-backend.ts
Comment thread apps/sim/executor/handlers/pi/keys.ts
Comment thread apps/sim/executor/handlers/pi/ssh-tools.ts
@icecrasher321

Collaborator Author

@greptile

@icecrasher321

Collaborator Author

bugbot run

Comment thread apps/sim/executor/handlers/pi/local-backend.ts
@icecrasher321

Collaborator Author

bugbot run

@cursor cursor Bot left a comment


✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR

Reviewed by Cursor Bugbot for commit c7b1d4e. Configure here.

@icecrasher321 icecrasher321 merged commit 6333919 into staging Jun 23, 2026
16 checks passed