Bug Description
When using certain LLM providers (specifically qwen3.7-max via Alibaba DashScope OpenAI-compatible endpoint), the create_agent and load_skill tools fail with a Pydantic validation error because the model passes the skills parameter as a JSON-encoded string ('["sql_injection"]') instead of an actual JSON array (["sql_injection"]).
This causes all create_agent calls to fail, preventing the agent from spawning specialist child agents for parallel testing. The agent falls back to serial execution and often gets stuck browsing Caido proxy history instead of actively testing.
Error Message
Tool create_agent failed
An error occurred while running the tool. Please try again. Error: Invalid JSON input for tool create_agent: 1 validation error for create_agent_args
skills
Input should be a valid list [type=list_type, input_value='["sql_injection"]', input_type=str]
For further information, visit https://errors.pydantic.dev/2.13/v/list_type
The same error occurs for load_skill:
Invalid JSON input for tool load_skill: 1 validation error for load_skill_args
skills
Input should be a valid list [type=list_type, input_value='["xss"]', input_type=str]
Steps to Reproduce
- Configure Strix with qwen3.7-max via DashScope (OpenAI-compatible endpoint):
// ~/.strix/cli-config.json
{
"env": {
"STRIX_LLM": "openai/qwen3.7-max",
"LLM_API_BASE": "https://dashscope.aliyuncs.com/compatible-mode/v1",
"LLM_API_KEY": "sk-..."
}
}
- Run a scan that triggers
create_agent:
strix --target http://example.com --instruction "Use create_agent to spawn a SQL injection specialist with skills=[\"sql_injection\"]"
- Observe in
strix.log that every create_agent call fails:
DEBUG openai.agents: Invoking tool create_agent
DEBUG openai.agents: Tool create_agent failed
- Check
agents.db (SQLite) to confirm the error is a Pydantic validation failure on the skills parameter.
Root Cause
The skills parameter is typed as list[str] in both create_agent and load_skill. When the LLM provider serializes function call arguments, some providers (notably qwen3.7-max via DashScope) pass array-typed parameters as JSON-encoded strings rather than native JSON arrays. Pydantic's strict validation then rejects the string input before the function body executes.
This is a provider compatibility issue — the same LLM model works correctly for scalar parameters (strings, booleans) but fails for array parameters.
Environment
- OS: Windows 11
- Strix Version: 1.0.4 (also confirmed present in v1.1.0 source)
- Python Version: 3.13
- LLM Used: qwen3.7-max via Alibaba DashScope (OpenAI-compatible mode)
Impact
- Severity: High — completely breaks multi-agent orchestration
- Agent cannot spawn specialist child agents (SQL injection tester, XSS specialist, etc.)
- Falls back to serial execution, significantly reducing test coverage
- In our penetration test of a ZDNS DDI appliance, this caused 3 out of 6 scan runs to produce zero vulnerability findings because the agent never executed injection payloads
Proposed Fix
We have a working fix that adds type tolerance for string-encoded arrays:
- Widen the type annotation:
skills: list[str] -> skills: str | list[str]
- Add
strict_mode=False to the @function_tool decorator
- Parse string inputs in the function body:
if isinstance(skills, str):
try:
skills = json.loads(skills)
except json.JSONDecodeError:
skills = [s.strip() for s in skills.split(",") if s.strip()]
This fix has been tested and verified: after applying it, create_agent successfully spawns child agents that execute 23+ exec_command calls for SQL injection testing.
Files to fix:
strix/tools/agents_graph/tools.py (create_agent)
strix/tools/load_skill/tool.py (load_skill)
We will submit a PR with this fix.
Bug Description
When using certain LLM providers (specifically qwen3.7-max via Alibaba DashScope OpenAI-compatible endpoint), the
create_agentandload_skilltools fail with a Pydantic validation error because the model passes theskillsparameter as a JSON-encoded string ('["sql_injection"]') instead of an actual JSON array (["sql_injection"]).This causes all
create_agentcalls to fail, preventing the agent from spawning specialist child agents for parallel testing. The agent falls back to serial execution and often gets stuck browsing Caido proxy history instead of actively testing.Error Message
The same error occurs for
load_skill:Steps to Reproduce
create_agent:strix --target http://example.com --instruction "Use create_agent to spawn a SQL injection specialist with skills=[\"sql_injection\"]"strix.logthat everycreate_agentcall fails:agents.db(SQLite) to confirm the error is a Pydantic validation failure on theskillsparameter.Root Cause
The
skillsparameter is typed aslist[str]in bothcreate_agentandload_skill. When the LLM provider serializes function call arguments, some providers (notably qwen3.7-max via DashScope) pass array-typed parameters as JSON-encoded strings rather than native JSON arrays. Pydantic's strict validation then rejects the string input before the function body executes.This is a provider compatibility issue — the same LLM model works correctly for scalar parameters (strings, booleans) but fails for array parameters.
Environment
Impact
Proposed Fix
We have a working fix that adds type tolerance for string-encoded arrays:
skills: list[str]->skills: str | list[str]strict_mode=Falseto the@function_tooldecoratorThis fix has been tested and verified: after applying it,
create_agentsuccessfully spawns child agents that execute 23+exec_commandcalls for SQL injection testing.Files to fix:
strix/tools/agents_graph/tools.py(create_agent)strix/tools/load_skill/tool.py(load_skill)We will submit a PR with this fix.