Hide clickup_task_id from LLM tool schema to prevent hallucination

Removed clickup_task_id from write_press_releases function signature
so the LLM cannot see or fabricate a task ID. The parameter is now
passed through ctx by the ToolRegistry — the scheduler sets it in
args, and execute() moves it into the ctx dict before filtering.
Only system-injected task IDs can reach the tool.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

cheddahbot/tools/__init__.py

@@ -152,13 +152,17 @@ class ToolRegistry:
             # Inject context if the function expects it
             sig = inspect.signature(tool_def.func)
             if "ctx" in sig.parameters:
-                args["ctx"] = {
+                ctx = {
                     "config": self.config,
                     "db": self.db,
                     "agent": self.agent,
                     "memory": self.agent._memory,
                     "agent_registry": self.agent_registry,
                 }
+                # Pass scheduler-injected metadata through ctx (not LLM-visible)
+                if "clickup_task_id" in args:
+                    ctx["clickup_task_id"] = args.pop("clickup_task_id")
+                args["ctx"] = ctx
 
             # Filter args to only params the function accepts (plus **kwargs)
             has_var_keyword = any(

cheddahbot/tools/press_release.py

@@ -403,7 +403,6 @@ def write_press_releases(
     url: str = "",
     lsi_terms: str = "",
     required_phrase: str = "",
-    clickup_task_id: str = "",
     ctx: dict | None = None,
 ) -> str:
     """Run the full press-release pipeline and return results + cost summary."""
@@ -412,6 +411,9 @@ def write_press_releases(
 
     agent = ctx["agent"]
 
+    # clickup_task_id is injected via ctx by the ToolRegistry (never from LLM)
+    clickup_task_id = ctx.get("clickup_task_id", "")
+
     # ── ClickUp: set "in progress" and post starting comment ────────────
     cu_client = None
     if clickup_task_id: