Run 9 prep: ban WithJsonSchema and json.loads in generated code

Monkatraz · Monkatraz · commit 0b689d2fd1d0 · 2026-02-20T23:29:25.000Z
Run 8 passed verification (268/268) but used WithJsonSchema on every
adapter: TypeAdapter(Annotated[Any, WithJsonSchema(json.loads(...))])
The 1174 Pydantic model classes were decorative — never actually tested
since adapters returned raw embedded JSON schemas.

Fixes:
- Ban WithJsonSchema in verify script banned patterns
- Ban json.loads( in verify script banned patterns
- Add failure case 9 to prompt documenting this cheat
- Update banned constructs list in prompt
diff --git a/codegen-llm/src/prompts.ts b/codegen-llm/src/prompts.ts
@@ -109,8 +109,10 @@ verification fails immediately.
 - Custom \`json_schema()\` methods — only Pydantic's built-in is allowed
 - \`schema_override_json\`, \`schema_override\`, \`_schema_json\`
 - \`SimpleNamespace\`, \`_make_adapter\`, or any fake adapter objects
+- \`WithJsonSchema\` — do NOT attach raw JSON schemas to \`Any\` via annotations
+- \`json.loads(\` — do NOT embed raw JSON schema strings in generated code
 - Loading \`schema.json\` at runtime in \`_schema_map.py\` or any module
-- Raw JSON Schema dicts embedded as Python dict literals
+- Raw JSON Schema dicts embedded as Python dict literals or JSON strings
 - Any helper/utility that builds models from schema dicts at runtime
 
 **Banned naming patterns (regex-enforced):**
@@ -585,6 +587,17 @@ models are never tested.
 \`_schema_map.py\` MUST import TypeAdapter instances from service modules.
 Any fake adapter will be rejected.
 
+### Failure 9: WithJsonSchema + json.loads to bypass model verification
+
+The agent used \`TypeAdapter(Annotated[Any, WithJsonSchema(json.loads(...))])\`
+on EVERY adapter.  The raw JSON schema was embedded as a string and passed
+through \`WithJsonSchema\`.  The Pydantic models were decorative — never tested.
+
+**\`WithJsonSchema\` and \`json.loads\` are both banned.**  Every TypeAdapter
+must be \`TypeAdapter(ModelClass)\` where \`ModelClass\` is a BaseModel subclass
+or a union of BaseModel subclasses.  The adapter's \`.json_schema()\` must
+derive entirely from the Pydantic model structure.
+
 
 ## Important notes
 
diff --git a/codegen-llm/src/verify-script.ts b/codegen-llm/src/verify-script.ts
@@ -63,6 +63,8 @@ _BANNED_PATTERNS: list[tuple[str, str]] = [
     ('json.loads(Path', 'Do not load schema.json at runtime — models must produce schemas natively'),
     ('_schema_path', 'Do not reference schema.json at runtime — models must produce schemas natively'),
     ('_schema_doc', 'Do not load the schema document at runtime — models must produce schemas natively'),
+    ('WithJsonSchema', 'Do not use WithJsonSchema — adapters must derive schemas from actual Pydantic models'),
+    ('json.loads(', 'Do not embed raw JSON schemas via json.loads — models must produce schemas natively'),
 ]
 
 # Standard River error class names that must ONLY be defined in _errors.py.

Original file line number	Diff line number	Diff line change
`@@ -63,6 +63,8 @@ _BANNED_PATTERNS: list[tuple[str, str]] = [`
`63`	`63`	`('json.loads(Path', 'Do not load schema.json at runtime — models must produce schemas natively'),`
`64`	`64`	`('_schema_path', 'Do not reference schema.json at runtime — models must produce schemas natively'),`
`65`	`65`	`('_schema_doc', 'Do not load the schema document at runtime — models must produce schemas natively'),`
	`66`	`+ ('WithJsonSchema', 'Do not use WithJsonSchema — adapters must derive schemas from actual Pydantic models'),`
	`67`	`+ ('json.loads(', 'Do not embed raw JSON schemas via json.loads — models must produce schemas natively'),`
`66`	`68`	`]`
`67`	`69`
`68`	`70`	`# Standard River error class names that must ONLY be defined in _errors.py.`