Summary
PipelineContext is a flat, global map[string]string. Any node can read and overwrite any key set by any other node. No namespacing, no scoping, no read/write visibility constraints.
Impact
- Node B can accidentally overwrite Node A's output via key collision
- No way to express "this value is private to this subgraph"
- The
context. prefix in variable resolution is a naming convention, not enforcement
- Works fine for well-authored small pipelines; becomes a hazard at scale
Recommendation
Sources
Found by: Grad Student AI Researcher, OpenAI Researcher (expert panel review)
Summary
PipelineContextis a flat, globalmap[string]string. Any node can read and overwrite any key set by any other node. No namespacing, no scoping, no read/write visibility constraints.Impact
context.prefix in variable resolution is a naming convention, not enforcementRecommendation
node.<id>.last_response)NodeIO(see fix(pipeline): NodeIO reads/writes and workflow.Version dropped by adapter #25)Sources
Found by: Grad Student AI Researcher, OpenAI Researcher (expert panel review)