A subagent defined with enable_write_tools=true via define_subagent cannot write files — the edit_file / write_to_file calls are denied with "permission denied."
The parent agent's policies=[policy.allow_all()] does not propagate to subagent trajectories. This means there is no way to create a subagent that can write files, even when explicitly enabled.
Related: #65 (MCP tool isolation flags also not enforced)
Steps to reproduce
- Configure agent with
policies=[policy.allow_all()] and enable_subagents=True
- Define a subagent:
define_subagent(name='writer', enable_write_tools=true, ...)
- Invoke the subagent with a prompt to create a file
- Subagent's
write_to_file call is denied
Expected behavior
With enable_write_tools=true, the subagent should be able to create/edit files.
Actual behavior
Write tools are denied regardless of the flag. The subagent reports "permission for the tool call was denied."
Environment
- SDK: google-antigravity (latest from PyPI as of 2026-06-15)
- Model: gemini-3.1-pro-preview-customtools
- Platform: macOS 26, Python 3.14
See #65 for full reproduction code and results table.
A subagent defined with
enable_write_tools=trueviadefine_subagentcannot write files — theedit_file/write_to_filecalls are denied with "permission denied."The parent agent's
policies=[policy.allow_all()]does not propagate to subagent trajectories. This means there is no way to create a subagent that can write files, even when explicitly enabled.Related: #65 (MCP tool isolation flags also not enforced)
Steps to reproduce
policies=[policy.allow_all()]andenable_subagents=Truedefine_subagent(name='writer', enable_write_tools=true, ...)write_to_filecall is deniedExpected behavior
With
enable_write_tools=true, the subagent should be able to create/edit files.Actual behavior
Write tools are denied regardless of the flag. The subagent reports "permission for the tool call was denied."
Environment
See #65 for full reproduction code and results table.