Bug: Live Editor testing broken + security scanner false positives on string content #218
Description
Bugs
1. Live Editor testing does not trigger abilities
Hotwords do not fire in Live Test mode. The only way to test is to publish the ability, enable it on an agent, and trigger it live. No way to override agent or voice settings from the editor.
2. Security scanner flags words inside strings
The scanner matches forbidden module names as substrings in string literals.
Example: "I've watched a lot of pilots answer this signal." → Forbidden usage of module: signal
This is dialogue text, not a Python import. The scanner should use AST-based checking or skip string content.
Current developer workflow
- Edit code → zip → delete old ability → upload new zip
- Go to Installed Abilities → toggle on
- Wait (no deploy status shown)
- Hit false positive scan errors on string content → reword text → re-zip → repeat
- Trigger on live agent to test
Expected workflow
- Edit in Live Editor → click "Start Live Test" → ability triggers
- Iterate until working
- Publish when ready (separate step)
Suggested priority
- Fix security scanner — skip string literals
- Fix Live Editor testing — hotwords should trigger
- In-place update — no delete + re-upload needed
- Deploy status — show deploying / live / failed
See also
- Bug: New ability commits only update in editor, not in main agent flow #220 — New commits don't deploy to main agent flow
- Feature request: CLI tool + git-based development workflow #219 — CLI tool + git-based workflow (feature request)
Community developer + community manager. Happy to help test fixes.