Update tool.py

malhotra5 · malhotra5 · commit 248648fef407 · 2025-11-07T10:24:34.000-05:00
diff --git a/openhands-sdk/openhands/sdk/tool/tool.py b/openhands-sdk/openhands/sdk/tool/tool.py
@@ -364,16 +364,16 @@ def _get_tool_schema(
         action_type: type[Schema] | None = None,
     ) -> dict[str, Any]:
         action_type = action_type or self.action_type
+        action_type_with_risk = _create_action_type_with_risk(action_type)
 
-        if add_security_risk_prediction:
-            # Always include security_risk field when prediction is enabled
-            # This ensures consistent tool schemas regardless of tool type
-            # (including read-only tools)
-            action_type_with_risk = _create_action_type_with_risk(action_type)
-            schema = action_type_with_risk.to_mcp_schema()
-        else:
-            schema = action_type.to_mcp_schema()
-
+        add_security_risk_prediction = add_security_risk_prediction and (
+            self.annotations is None or (not self.annotations.readOnlyHint)
+        )
+        schema = (
+            action_type_with_risk.to_mcp_schema()
+            if add_security_risk_prediction
+            else action_type.to_mcp_schema()
+        )
         return schema
 
     def to_openai_tool(
@@ -384,9 +384,10 @@ def to_openai_tool(
         """Convert a Tool to an OpenAI tool.
 
         Args:
-            add_security_risk_prediction: Whether to include the `security_risk`
-                field in the tool schema. When enabled, the field is included
-                for all tool types (including read-only tools).
+            add_security_risk_prediction: Whether to add a `security_risk` field
+                to the action schema for LLM to predict. This is useful for
+                tools that may have safety risks, so the LLM can reason about
+                the risk level before calling the tool.
             action_type: Optionally override the action_type to use for the schema.
                 This is useful for MCPTool to use a dynamically created action type
                 based on the tool's input schema.
@@ -411,12 +412,6 @@ def to_responses_tool(
 
         For Responses API, function tools expect top-level keys:
         { "type": "function", "name": ..., "description": ..., "parameters": ... }
-
-        Args:
-            add_security_risk_prediction: Whether to include the `security_risk`
-                field in the tool schema. When enabled, the field is included
-                for all tool types (including read-only tools).
-            action_type: Optionally override the action_type to use for the schema.
         """
 
         return {
