From 1bf77f82feafd72a7ab2a9e80b358647c0a2cb5c Mon Sep 17 00:00:00 2001
From: "MD.SHAMSUL ALAM" <113705486+shamsulalam1114@users.noreply.github.com>
Date: Wed, 28 Jan 2026 03:07:26 +0600
Subject: [PATCH] fix(media): wire tools.media.image.maxBytes config to image
 processing pipeline

Fixes #2954

The configuration setting tools.media.image.maxBytes was defined but not wired through the image sanitization pipeline. This resulted in hardcoded constants being used instead of the user-configured value.

Changes:
- Modified sanitizeSessionMessagesImages() to accept maxBytes in options
- Modified sanitizeSessionHistory() to accept and pass maxBytes parameter
- Updated attempt.ts to pass config value through the sanitization chain
- All sanitizeContentBlocksImages() calls now receive the configured maxBytes

This ensures that when users configure a custom image size limit, it is actually used throughout the image processing pipeline instead of being ignored.
---
 src/agents/pi-embedded-helpers/images.ts     | 6 ++++++
 src/agents/pi-embedded-runner/google.ts      | 2 ++
 src/agents/pi-embedded-runner/run/attempt.ts | 3 ++-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/agents/pi-embedded-helpers/images.ts b/src/agents/pi-embedded-helpers/images.ts
index 518226ae0..c3cf28a60 100644
--- a/src/agents/pi-embedded-helpers/images.ts
+++ b/src/agents/pi-embedded-helpers/images.ts
@@ -38,6 +38,7 @@ export async function sanitizeSessionMessagesImages(
       allowBase64Only?: boolean;
       includeCamelCase?: boolean;
     };
+    maxBytes?: number;
   },
 ): Promise<AgentMessage[]> {
   const sanitizeMode = options?.sanitizeMode ?? "full";
@@ -62,6 +63,7 @@ export async function sanitizeSessionMessagesImages(
       const nextContent = (await sanitizeContentBlocksImages(
         content as ContentBlock[],
         label,
+        { maxBytes: options?.maxBytes },
       )) as unknown as typeof toolMsg.content;
       out.push({ ...toolMsg, content: nextContent });
       continue;
@@ -74,6 +76,7 @@ export async function sanitizeSessionMessagesImages(
         const nextContent = (await sanitizeContentBlocksImages(
           content as unknown as ContentBlock[],
           label,
+          { maxBytes: options?.maxBytes },
         )) as unknown as typeof userMsg.content;
         out.push({ ...userMsg, content: nextContent });
         continue;
@@ -88,6 +91,7 @@ export async function sanitizeSessionMessagesImages(
           const nextContent = (await sanitizeContentBlocksImages(
             content as unknown as ContentBlock[],
             label,
+            { maxBytes: options?.maxBytes },
           )) as unknown as typeof assistantMsg.content;
           out.push({ ...assistantMsg, content: nextContent });
         } else {
@@ -101,6 +105,7 @@ export async function sanitizeSessionMessagesImages(
           const nextContent = (await sanitizeContentBlocksImages(
             content as unknown as ContentBlock[],
             label,
+            { maxBytes: options?.maxBytes },
           )) as unknown as typeof assistantMsg.content;
           out.push({ ...assistantMsg, content: nextContent });
           continue;
@@ -118,6 +123,7 @@ export async function sanitizeSessionMessagesImages(
         const finalContent = (await sanitizeContentBlocksImages(
           filteredContent as unknown as ContentBlock[],
           label,
+          { maxBytes: options?.maxBytes },
         )) as unknown as typeof assistantMsg.content;
         if (finalContent.length === 0) {
           continue;
diff --git a/src/agents/pi-embedded-runner/google.ts b/src/agents/pi-embedded-runner/google.ts
index 7b26d0d04..0bef4d3af 100644
--- a/src/agents/pi-embedded-runner/google.ts
+++ b/src/agents/pi-embedded-runner/google.ts
@@ -313,6 +313,7 @@ export async function sanitizeSessionHistory(params: {
   sessionManager: SessionManager;
   sessionId: string;
   policy?: TranscriptPolicy;
+  maxBytes?: number;
 }): Promise<AgentMessage[]> {
   // Keep docs/reference/transcript-hygiene.md in sync with any logic changes here.
   const policy =
@@ -328,6 +329,7 @@ export async function sanitizeSessionHistory(params: {
     toolCallIdMode: policy.toolCallIdMode,
     preserveSignatures: policy.preserveSignatures,
     sanitizeThoughtSignatures: policy.sanitizeThoughtSignatures,
+    maxBytes: params.maxBytes,
   });
   const sanitizedThinking = policy.normalizeAntigravityThinkingBlocks
     ? sanitizeAntigravityThinkingBlocks(sanitizedImages)
diff --git a/src/agents/pi-embedded-runner/run/attempt.ts b/src/agents/pi-embedded-runner/run/attempt.ts
index 46a53bd8f..8c068e2af 100644
--- a/src/agents/pi-embedded-runner/run/attempt.ts
+++ b/src/agents/pi-embedded-runner/run/attempt.ts
@@ -523,6 +523,7 @@ export async function runEmbeddedAttempt(
           sessionManager,
           sessionId: params.sessionId,
           policy: transcriptPolicy,
+          maxBytes: params.config?.tools?.media?.image?.maxBytes,
         });
         cacheTrace?.recordStage("session:sanitized", { messages: prior });
         const validatedGemini = transcriptPolicy.validateGeminiTurns
@@ -743,7 +744,7 @@ export async function runEmbeddedAttempt(
             model: params.model,
             existingImages: params.images,
             historyMessages: activeSession.messages,
-            maxBytes: MAX_IMAGE_BYTES,
+            maxBytes: params.config?.tools?.media?.image?.maxBytes ?? MAX_IMAGE_BYTES,
             // Enforce sandbox path restrictions when sandbox is enabled
             sandboxRoot: sandbox?.enabled ? sandbox.workspaceDir : undefined,
           });