From 50c9e76b79023d80ad2c23de2d4bfa4677366a94 Mon Sep 17 00:00:00 2001 From: Parfii-bot Date: Fri, 1 May 2026 23:05:07 +0800 Subject: [PATCH] feat(model-tier+branch-dna): activate cost router + give branches DNA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Phase 4 of substrate-unified-registry: turn on the existing kei-model-router by changing manifest defaults from `model = "opus"` to `model = "sonnet"` for routine agents, and give every git branch a deterministic DNA in the kei-status dashboard. The model-tier system was BUILT (`_primitives/_rust/kei-model-router/` crate with Beta posterior, complexity τ-estimator, escalate ladder, calibrate subcommand) and the advisor hook (`~/.claude/hooks/model-router-advisor.sh`) was REGISTERED. But every ledger row from this session ran on Opus because: 1. All 38 manifests hard-coded `model = "opus"` → no chance for the router to recommend cheaper. 2. The orchestrator (me) ignored the stderr advisory. This commit closes (1). (2) is a behavioural change tracked separately. Manifest reclassification (4 Opus + 34 Sonnet): Opus (hard reasoning): - architect (system-design synthesis) - ml-implementer (Math-First paradigm) - ml-researcher (literature analysis) - security-auditor (deep risk synthesis) Sonnet (everything else): - 8 code-implementer-* + code-implementer - 5 critic-* + critic - 6 infra-implementer-* + infra-implementer - 4 researcher-* + researcher - 6 validator-* + validator - 3 security-auditor-{differential,supply-chain,variant} - cost-guardian, fal-ai-runner, frontend-validator, modal-runner Regenerated all 38 `_generated/*.md` so the YAML frontmatter `model:` field matches the manifest. Branch DNA (kei-registry status): - New `compute_branch_dna(name, commit_sha)` in `status.rs`. Format `branch::git::::`, mirrors kei-shared DNA wire layout `::::::`. - Deterministic — same `(name, commit)` → same DNA. Changes when either changes. No DB persistence: the underlying truth lives in `.git/refs/heads/`. - 3 new unit tests cover format, determinism, name-change, commit- change. `cargo test status::tests` → 10 passed. `kei-registry status` output now shows DNA prefix per branch alongside ahead/behind, last commit. Combined with existing per-block DNA in the [Blocks] and [Path Atoms] sections + `dna` column on `agents` table in kei-ledger, every artefact in the dashboard has an identifier: Atoms (incl path-atoms) → atom:::::: (registry) Skills/Rules/Hooks/Prim → :::::: (registry) Agent forks → row.dna in agents table (ledger) Local branches → branch::git:::: (computed) What this does NOT do: - No outcome backfill — the 205 NULL outcomes in ledger still prevent the Beta posterior from learning. Router falls back to top-tier until ≥1 datapoint per (task_class, model) accumulates. Tracked as follow-up. - No post-checkout hook to auto-register branches in kei-ledger. Live shell-out to `git for-each-ref` is fast enough for the dashboard; persistence buys nothing the .git tree doesn't already give. === STATUS-TRUTH MARKER === shipped: functional stubs: 0 cargo-check: PASS behaviour-verified: yes follow-up-required: - Outcome backfill hook (writes outcome to ledger after agent done) - User /model claude-sonnet-4-6 for current session (5x cheaper) - Push the orchestrator (me) to read advisor stderr in real-time Co-Authored-By: Claude Opus 4.7 (1M context) --- _generated/code-implementer-flutter.md | 2 +- _generated/code-implementer-go.md | 2 +- _generated/code-implementer-python.md | 2 +- _generated/code-implementer-rust.md | 2 +- _generated/code-implementer-swift.md | 2 +- _generated/code-implementer-typescript.md | 2 +- _generated/code-implementer.md | 2 +- _generated/cost-guardian.md | 2 +- _generated/critic-anti-pattern.md | 2 +- _generated/critic-bug.md | 2 +- _generated/critic-perf.md | 2 +- _generated/critic-tech-debt.md | 2 +- _generated/critic.md | 2 +- _generated/fal-ai-runner.md | 2 +- _generated/frontend-validator.md | 2 +- _generated/infra-implementer-cicd.md | 2 +- _generated/infra-implementer-container.md | 2 +- _generated/infra-implementer-iac.md | 2 +- _generated/infra-implementer-secrets.md | 2 +- _generated/infra-implementer.md | 2 +- _generated/modal-runner.md | 2 +- _generated/researcher-code.md | 2 +- _generated/researcher-hybrid.md | 2 +- _generated/researcher-web.md | 2 +- _generated/researcher.md | 2 +- _generated/security-auditor-differential.md | 2 +- _generated/security-auditor-supply-chain.md | 2 +- _generated/security-auditor-variant.md | 2 +- _generated/validator-api.md | 2 +- _generated/validator-benchmark.md | 2 +- _generated/validator-code-reality.md | 2 +- _generated/validator-doc.md | 2 +- _generated/validator-version.md | 2 +- _generated/validator.md | 2 +- _manifests/code-implementer-flutter.toml | 2 +- _manifests/code-implementer-go.toml | 2 +- _manifests/code-implementer-python.toml | 2 +- _manifests/code-implementer-rust.toml | 2 +- _manifests/code-implementer-swift.toml | 2 +- _manifests/code-implementer-typescript.toml | 2 +- _manifests/code-implementer.toml | 2 +- _manifests/cost-guardian.toml | 2 +- _manifests/critic-anti-pattern.toml | 2 +- _manifests/critic-bug.toml | 2 +- _manifests/critic-perf.toml | 2 +- _manifests/critic-tech-debt.toml | 2 +- _manifests/critic.toml | 2 +- _manifests/fal-ai-runner.toml | 2 +- _manifests/frontend-validator.toml | 2 +- _manifests/infra-implementer-cicd.toml | 2 +- _manifests/infra-implementer-container.toml | 2 +- _manifests/infra-implementer-iac.toml | 2 +- _manifests/infra-implementer-secrets.toml | 2 +- _manifests/infra-implementer.toml | 2 +- _manifests/modal-runner.toml | 2 +- _manifests/researcher-code.toml | 2 +- _manifests/researcher-hybrid.toml | 2 +- _manifests/researcher-web.toml | 2 +- _manifests/researcher.toml | 2 +- _manifests/security-auditor-differential.toml | 2 +- _manifests/security-auditor-supply-chain.toml | 2 +- _manifests/security-auditor-variant.toml | 2 +- _manifests/validator-api.toml | 2 +- _manifests/validator-benchmark.toml | 2 +- _manifests/validator-code-reality.toml | 2 +- _manifests/validator-doc.toml | 2 +- _manifests/validator-version.toml | 2 +- _manifests/validator.toml | 2 +- _primitives/_rust/kei-registry/src/status.rs | 63 ++++++++++++++++++- 69 files changed, 128 insertions(+), 71 deletions(-) diff --git a/_generated/code-implementer-flutter.md b/_generated/code-implementer-flutter.md index bf25641..38b33ba 100644 --- a/_generated/code-implementer-flutter.md +++ b/_generated/code-implementer-flutter.md @@ -2,7 +2,7 @@ name: code-implementer-flutter description: Flutter / Dart implementation specialist. Riverpod state, Clean Architecture, multi-platform apps. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/code-implementer-go.md b/_generated/code-implementer-go.md index 6cd7ee1..305e5a2 100644 --- a/_generated/code-implementer-go.md +++ b/_generated/code-implementer-go.md @@ -2,7 +2,7 @@ name: code-implementer-go description: Go implementation specialist. Mesh networking, lightweight CLI, embedded servers. Constructor Pattern enforced. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/code-implementer-python.md b/_generated/code-implementer-python.md index 3eb97f1..007efd7 100644 --- a/_generated/code-implementer-python.md +++ b/_generated/code-implementer-python.md @@ -2,7 +2,7 @@ name: code-implementer-python description: Python implementation specialist. Use only when RULE 0.2 exception #N is stated. Default to delegating Rust. tools: Glob, Grep, Read, Edit, Write, Bash, NotebookEdit, Agent -model: opus +model: sonnet --- diff --git a/_generated/code-implementer-rust.md b/_generated/code-implementer-rust.md index 21c7ab6..8b38bf9 100644 --- a/_generated/code-implementer-rust.md +++ b/_generated/code-implementer-rust.md @@ -2,7 +2,7 @@ name: code-implementer-rust description: Rust implementation specialist (Cargo, traits, async/tokio, rusqlite, tests). RULE 0.2 default language. Constructor Pattern enforced. Hands off other languages to siblings. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/code-implementer-swift.md b/_generated/code-implementer-swift.md index 0537149..dd215d4 100644 --- a/_generated/code-implementer-swift.md +++ b/_generated/code-implementer-swift.md @@ -2,7 +2,7 @@ name: code-implementer-swift description: Swift / SwiftUI / SPM implementation specialist. macOS menubar / iOS apps. Constructor Pattern enforced. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/code-implementer-typescript.md b/_generated/code-implementer-typescript.md index 73074d4..8658c87 100644 --- a/_generated/code-implementer-typescript.md +++ b/_generated/code-implementer-typescript.md @@ -2,7 +2,7 @@ name: code-implementer-typescript description: TypeScript implementation specialist. Next.js 16 / Node / browser. Type-safe API contracts. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/code-implementer.md b/_generated/code-implementer.md index d56fc32..37b7de7 100644 --- a/_generated/code-implementer.md +++ b/_generated/code-implementer.md @@ -2,7 +2,7 @@ name: code-implementer description: Generic implementation specialist for Rust/Swift/Python/Go/Flutter/TypeScript. Constructor Pattern enforced, Rust-first, Test-First, Plan Mode for non-trivial changes. tools: Glob, Grep, Read, Edit, Write, Bash, NotebookEdit, Agent -model: opus +model: sonnet --- diff --git a/_generated/cost-guardian.md b/_generated/cost-guardian.md index 8ba52cd..38407ee 100644 --- a/_generated/cost-guardian.md +++ b/_generated/cost-guardian.md @@ -2,7 +2,7 @@ name: cost-guardian description: api-cost-guard.md enforcement gate — pre-launch compute cost verification for Modal/AWS/GCP/fal.ai/Apify/ElevenLabs. Verifies pricing page, dashboard balance, running jobs, file-state, and head-room. Read-only — emits GO/NO-GO recommendation BEFORE money is spent. tools: Glob, Grep, Read, Bash, WebFetch -model: opus +model: sonnet --- diff --git a/_generated/critic-anti-pattern.md b/_generated/critic-anti-pattern.md index 1464299..0a01ae6 100644 --- a/_generated/critic-anti-pattern.md +++ b/_generated/critic-anti-pattern.md @@ -2,7 +2,7 @@ name: critic-anti-pattern description: Detects code anti-patterns: god classes, deep inheritance, shotgun surgery, primitive obsession. Read-only. tools: Glob, Grep, Read -model: opus +model: sonnet --- diff --git a/_generated/critic-bug.md b/_generated/critic-bug.md index 20a9598..3bd95ab 100644 --- a/_generated/critic-bug.md +++ b/_generated/critic-bug.md @@ -2,7 +2,7 @@ name: critic-bug description: Detects bug patterns: off-by-one, error-swallowing, unchecked Result/Option, race conditions in shared state. Read-only. tools: Glob, Grep, Read -model: opus +model: sonnet --- diff --git a/_generated/critic-perf.md b/_generated/critic-perf.md index 7e5bcda..bdc0bc2 100644 --- a/_generated/critic-perf.md +++ b/_generated/critic-perf.md @@ -2,7 +2,7 @@ name: critic-perf description: Detects performance traps: N+1 queries, allocator hot loops, blocking-in-async, unbounded retention. Read-only. tools: Glob, Grep, Read -model: opus +model: sonnet --- diff --git a/_generated/critic-tech-debt.md b/_generated/critic-tech-debt.md index be8f521..efa1bbe 100644 --- a/_generated/critic-tech-debt.md +++ b/_generated/critic-tech-debt.md @@ -2,7 +2,7 @@ name: critic-tech-debt description: Detects dead code, TODO/FIXME, version-skew, abandoned branches, stale dependencies. Read-only. tools: Glob, Grep, Read, Bash -model: opus +model: sonnet --- diff --git a/_generated/critic.md b/_generated/critic.md index 61fc8c5..73190af 100644 --- a/_generated/critic.md +++ b/_generated/critic.md @@ -2,7 +2,7 @@ name: critic description: Ruthless code critic finding anti-patterns, tech debt, security issues, bugs, and performance traps. Read-only gate — outputs severity-sorted findings with file:line evidence. No fixes, only reports. tools: Glob, Grep, Read, WebSearch -model: opus +model: sonnet --- diff --git a/_generated/fal-ai-runner.md b/_generated/fal-ai-runner.md index 3ec5931..7a6595d 100644 --- a/_generated/fal-ai-runner.md +++ b/_generated/fal-ai-runner.md @@ -2,7 +2,7 @@ name: fal-ai-runner description: fal.ai image, video, and 3D generation expert. Knows the current model catalog, per-model pricing, and full-site budgeting. Use for landing-page assets, hero images, 3D icons, SVG, GLB meshes, and video loops. tools: Glob, Grep, Read, Edit, Bash, WebFetch, Agent -model: opus +model: sonnet --- diff --git a/_generated/frontend-validator.md b/_generated/frontend-validator.md index ade20e5..5fb3894 100644 --- a/_generated/frontend-validator.md +++ b/_generated/frontend-validator.md @@ -2,7 +2,7 @@ name: frontend-validator description: Frontend continuous validator. Runs tsc --noEmit, eslint, kei-db-contract, optional visual snapshot. Surface drift between TS types and DB schema, type errors, lint regressions. Advisory by default. tools: Glob, Grep, Read, Bash -model: opus +model: sonnet --- diff --git a/_generated/infra-implementer-cicd.md b/_generated/infra-implementer-cicd.md index b62183a..16330e0 100644 --- a/_generated/infra-implementer-cicd.md +++ b/_generated/infra-implementer-cicd.md @@ -2,7 +2,7 @@ name: infra-implementer-cicd description: CI/CD pipeline specialist. GitHub Actions, GitLab CI, build-and-deploy scripts. Constructor Pattern. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/infra-implementer-container.md b/_generated/infra-implementer-container.md index e32b9f9..c86fe7d 100644 --- a/_generated/infra-implementer-container.md +++ b/_generated/infra-implementer-container.md @@ -2,7 +2,7 @@ name: infra-implementer-container description: Containerization specialist. Dockerfile, OCI images, multi-stage builds, distroless. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/infra-implementer-iac.md b/_generated/infra-implementer-iac.md index b532fa0..772886d 100644 --- a/_generated/infra-implementer-iac.md +++ b/_generated/infra-implementer-iac.md @@ -2,7 +2,7 @@ name: infra-implementer-iac description: Infrastructure-as-code specialist. Terraform, Pulumi, OpenTofu, CDK. Constructor Pattern (≤200 LOC per module). tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/infra-implementer-secrets.md b/_generated/infra-implementer-secrets.md index 6f6af31..a76c4cd 100644 --- a/_generated/infra-implementer-secrets.md +++ b/_generated/infra-implementer-secrets.md @@ -2,7 +2,7 @@ name: infra-implementer-secrets description: Secrets management specialist. Vault integration, sops, age, env-var injection. RULE 0.8 enforcer. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/infra-implementer.md b/_generated/infra-implementer.md index 9792a6e..db06303 100644 --- a/_generated/infra-implementer.md +++ b/_generated/infra-implementer.md @@ -2,7 +2,7 @@ name: infra-implementer description: Infrastructure code, deploys, CI/CD, secrets management, container/IaC. Per-project credential isolation, deploy-target guard enforcement, Self-Sufficiency Protocol, cost guard on paid compute. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/modal-runner.md b/_generated/modal-runner.md index f2f97b1..a0a4085 100644 --- a/_generated/modal-runner.md +++ b/_generated/modal-runner.md @@ -2,7 +2,7 @@ name: modal-runner description: Modal compute orchestrator. Pre-launch cost estimation, GPU compatibility check, single-variant verify, observability-first, and a hard anti-stop guard against stopping running training. Use for any Modal app launch, batch spawn, or job inspection. tools: Glob, Grep, Read, Edit, Write, Bash, Agent -model: opus +model: sonnet --- diff --git a/_generated/researcher-code.md b/_generated/researcher-code.md index 2a0cfb9..3e5c567 100644 --- a/_generated/researcher-code.md +++ b/_generated/researcher-code.md @@ -2,7 +2,7 @@ name: researcher-code description: Codebase research specialist. Glob / Grep / Read only. E1-E6 grading. tools: Glob, Grep, Read -model: opus +model: sonnet --- diff --git a/_generated/researcher-hybrid.md b/_generated/researcher-hybrid.md index 5247e45..a0a343b 100644 --- a/_generated/researcher-hybrid.md +++ b/_generated/researcher-hybrid.md @@ -2,7 +2,7 @@ name: researcher-hybrid description: Hybrid web+code research orchestrator. Routes to researcher-web and researcher-code in parallel. tools: Glob, Grep, Read, WebFetch, WebSearch, Agent -model: opus +model: sonnet --- diff --git a/_generated/researcher-web.md b/_generated/researcher-web.md index 6383881..63bc707 100644 --- a/_generated/researcher-web.md +++ b/_generated/researcher-web.md @@ -2,7 +2,7 @@ name: researcher-web description: Web research specialist. WebFetch / WebSearch only. E1-E6 grading. tools: WebFetch, WebSearch -model: opus +model: sonnet --- diff --git a/_generated/researcher.md b/_generated/researcher.md index 0fc4623..5759689 100644 --- a/_generated/researcher.md +++ b/_generated/researcher.md @@ -2,7 +2,7 @@ name: researcher description: Generic web + codebase research with 3 modes (web / code / hybrid). Returns Evidence-Graded findings. Read-only. Use for fact-finding, library/API discovery, comparative analysis, and any claim that needs verification. tools: Glob, Grep, Read, WebFetch, WebSearch, Agent -model: opus +model: sonnet --- diff --git a/_generated/security-auditor-differential.md b/_generated/security-auditor-differential.md index 73bdf8e..aa7398f 100644 --- a/_generated/security-auditor-differential.md +++ b/_generated/security-auditor-differential.md @@ -2,7 +2,7 @@ name: security-auditor-differential description: 9-point differential security review. Auth bypass, injection, deserialization, race conditions. Read-only. tools: Glob, Grep, Read, WebFetch, WebSearch -model: opus +model: sonnet --- diff --git a/_generated/security-auditor-supply-chain.md b/_generated/security-auditor-supply-chain.md index 504b189..3cd9a3e 100644 --- a/_generated/security-auditor-supply-chain.md +++ b/_generated/security-auditor-supply-chain.md @@ -2,7 +2,7 @@ name: security-auditor-supply-chain description: Supply-chain audit on new dependencies: maintainers, CVE history, transitive deps, native code. Read-only. tools: Glob, Grep, Read, Bash, WebFetch, WebSearch -model: opus +model: sonnet --- diff --git a/_generated/security-auditor-variant.md b/_generated/security-auditor-variant.md index cb103c6..e651951 100644 --- a/_generated/security-auditor-variant.md +++ b/_generated/security-auditor-variant.md @@ -2,7 +2,7 @@ name: security-auditor-variant description: Variant analysis after a vulnerability is found. Greps codebase for the same pattern. Read-only. tools: Glob, Grep, Read -model: opus +model: sonnet --- diff --git a/_generated/validator-api.md b/_generated/validator-api.md index 23d1bd9..c9ad2dc 100644 --- a/_generated/validator-api.md +++ b/_generated/validator-api.md @@ -2,7 +2,7 @@ name: validator-api description: Verifies API existence and signatures. Reads docs, greps source, fetches OpenAPI / vendor reference. Read-only. tools: Glob, Grep, Read, WebFetch, WebSearch -model: opus +model: sonnet --- diff --git a/_generated/validator-benchmark.md b/_generated/validator-benchmark.md index a697377..8cdd20c 100644 --- a/_generated/validator-benchmark.md +++ b/_generated/validator-benchmark.md @@ -2,7 +2,7 @@ name: validator-benchmark description: Verifies external benchmark claims (p50/p95/throughput). Read-only. tools: Glob, Grep, Read, WebFetch, WebSearch -model: opus +model: sonnet --- diff --git a/_generated/validator-code-reality.md b/_generated/validator-code-reality.md index f1938c5..98364e9 100644 --- a/_generated/validator-code-reality.md +++ b/_generated/validator-code-reality.md @@ -2,7 +2,7 @@ name: validator-code-reality description: Verifies behavioural claims against running code. Reads tests, traces, recent runs. Read-only. tools: Glob, Grep, Read, Bash -model: opus +model: sonnet --- diff --git a/_generated/validator-doc.md b/_generated/validator-doc.md index 071ecf4..7c98384 100644 --- a/_generated/validator-doc.md +++ b/_generated/validator-doc.md @@ -2,7 +2,7 @@ name: validator-doc description: Verifies documentation claims against code reality. Read-only. tools: Glob, Grep, Read, WebFetch -model: opus +model: sonnet --- diff --git a/_generated/validator-version.md b/_generated/validator-version.md index c44388d..04dabbc 100644 --- a/_generated/validator-version.md +++ b/_generated/validator-version.md @@ -2,7 +2,7 @@ name: validator-version description: Verifies version compatibility (semver, MSRV, transitive deps). Read-only. tools: Glob, Grep, Read, Bash, WebFetch, WebSearch -model: opus +model: sonnet --- diff --git a/_generated/validator.md b/_generated/validator.md index 0bb790b..422e400 100644 --- a/_generated/validator.md +++ b/_generated/validator.md @@ -2,7 +2,7 @@ name: validator description: RULE 0.4 enforcement gate — fact-checker and hallucination detector. Verifies API existence, version compatibility, documentation claims, code reality, and external benchmarks. Read-only — emits VERIFIED / UNVERIFIED / FALSE / PARTIALLY TRUE per claim. tools: Glob, Grep, Read, WebFetch, WebSearch -model: opus +model: sonnet --- diff --git a/_manifests/code-implementer-flutter.toml b/_manifests/code-implementer-flutter.toml index 08ad997..96878f0 100644 --- a/_manifests/code-implementer-flutter.toml +++ b/_manifests/code-implementer-flutter.toml @@ -4,7 +4,7 @@ name = "code-implementer-flutter" description = "Flutter / Dart implementation specialist. Riverpod state, Clean Architecture, multi-platform apps." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/code-implementer-go.toml b/_manifests/code-implementer-go.toml index 64b2f68..23c597d 100644 --- a/_manifests/code-implementer-go.toml +++ b/_manifests/code-implementer-go.toml @@ -4,7 +4,7 @@ name = "code-implementer-go" description = "Go implementation specialist. Mesh networking, lightweight CLI, embedded servers. Constructor Pattern enforced." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/code-implementer-python.toml b/_manifests/code-implementer-python.toml index 8e157cd..66fa174 100644 --- a/_manifests/code-implementer-python.toml +++ b/_manifests/code-implementer-python.toml @@ -4,7 +4,7 @@ name = "code-implementer-python" description = "Python implementation specialist. Use only when RULE 0.2 exception #N is stated. Default to delegating Rust." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "NotebookEdit", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/code-implementer-rust.toml b/_manifests/code-implementer-rust.toml index 1bc9f5e..5eabf9b 100644 --- a/_manifests/code-implementer-rust.toml +++ b/_manifests/code-implementer-rust.toml @@ -4,7 +4,7 @@ name = "code-implementer-rust" description = "Rust implementation specialist (Cargo, traits, async/tokio, rusqlite, tests). RULE 0.2 default language. Constructor Pattern enforced. Hands off other languages to siblings." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/code-implementer-swift.toml b/_manifests/code-implementer-swift.toml index 4682a73..53976b6 100644 --- a/_manifests/code-implementer-swift.toml +++ b/_manifests/code-implementer-swift.toml @@ -4,7 +4,7 @@ name = "code-implementer-swift" description = "Swift / SwiftUI / SPM implementation specialist. macOS menubar / iOS apps. Constructor Pattern enforced." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/code-implementer-typescript.toml b/_manifests/code-implementer-typescript.toml index 3bb1450..9891068 100644 --- a/_manifests/code-implementer-typescript.toml +++ b/_manifests/code-implementer-typescript.toml @@ -4,7 +4,7 @@ name = "code-implementer-typescript" description = "TypeScript implementation specialist. Next.js 16 / Node / browser. Type-safe API contracts." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/code-implementer.toml b/_manifests/code-implementer.toml index abb846f..a964258 100644 --- a/_manifests/code-implementer.toml +++ b/_manifests/code-implementer.toml @@ -5,7 +5,7 @@ name = "code-implementer" description = "Generic implementation specialist for Rust/Swift/Python/Go/Flutter/TypeScript. Constructor Pattern enforced, Rust-first, Test-First, Plan Mode for non-trivial changes." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "NotebookEdit", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" produces_artifact = "patch" diff --git a/_manifests/cost-guardian.toml b/_manifests/cost-guardian.toml index 271ce40..3130c59 100644 --- a/_manifests/cost-guardian.toml +++ b/_manifests/cost-guardian.toml @@ -5,7 +5,7 @@ name = "cost-guardian" description = "api-cost-guard.md enforcement gate — pre-launch compute cost verification for Modal/AWS/GCP/fal.ai/Apify/ElevenLabs. Verifies pricing page, dashboard balance, running jobs, file-state, and head-room. Read-only — emits GO/NO-GO recommendation BEFORE money is spent." tools = ["Glob", "Grep", "Read", "Bash", "WebFetch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/critic-anti-pattern.toml b/_manifests/critic-anti-pattern.toml index 9ca7105..853a485 100644 --- a/_manifests/critic-anti-pattern.toml +++ b/_manifests/critic-anti-pattern.toml @@ -4,7 +4,7 @@ name = "critic-anti-pattern" description = "Detects code anti-patterns: god classes, deep inheritance, shotgun surgery, primitive obsession. Read-only." tools = ["Glob", "Grep", "Read"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/critic-bug.toml b/_manifests/critic-bug.toml index 2ca53ea..8503eda 100644 --- a/_manifests/critic-bug.toml +++ b/_manifests/critic-bug.toml @@ -4,7 +4,7 @@ name = "critic-bug" description = "Detects bug patterns: off-by-one, error-swallowing, unchecked Result/Option, race conditions in shared state. Read-only." tools = ["Glob", "Grep", "Read"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/critic-perf.toml b/_manifests/critic-perf.toml index 7414e18..afee1c8 100644 --- a/_manifests/critic-perf.toml +++ b/_manifests/critic-perf.toml @@ -4,7 +4,7 @@ name = "critic-perf" description = "Detects performance traps: N+1 queries, allocator hot loops, blocking-in-async, unbounded retention. Read-only." tools = ["Glob", "Grep", "Read"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/critic-tech-debt.toml b/_manifests/critic-tech-debt.toml index 5b79cfa..f8ba8af 100644 --- a/_manifests/critic-tech-debt.toml +++ b/_manifests/critic-tech-debt.toml @@ -4,7 +4,7 @@ name = "critic-tech-debt" description = "Detects dead code, TODO/FIXME, version-skew, abandoned branches, stale dependencies. Read-only." tools = ["Glob", "Grep", "Read", "Bash"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/critic.toml b/_manifests/critic.toml index 402ac32..2427db1 100644 --- a/_manifests/critic.toml +++ b/_manifests/critic.toml @@ -5,7 +5,7 @@ name = "critic" description = "Ruthless code critic finding anti-patterns, tech debt, security issues, bugs, and performance traps. Read-only gate — outputs severity-sorted findings with file:line evidence. No fixes, only reports." tools = ["Glob", "Grep", "Read", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" produces_artifact = "review" diff --git a/_manifests/fal-ai-runner.toml b/_manifests/fal-ai-runner.toml index 1eaca62..a8e1c61 100644 --- a/_manifests/fal-ai-runner.toml +++ b/_manifests/fal-ai-runner.toml @@ -5,7 +5,7 @@ name = "fal-ai-runner" description = "fal.ai image, video, and 3D generation expert. Knows the current model catalog, per-model pricing, and full-site budgeting. Use for landing-page assets, hero images, 3D icons, SVG, GLB meshes, and video loops." tools = ["Glob", "Grep", "Read", "Edit", "Bash", "WebFetch", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/frontend-validator.toml b/_manifests/frontend-validator.toml index efe2f39..9beee87 100644 --- a/_manifests/frontend-validator.toml +++ b/_manifests/frontend-validator.toml @@ -4,7 +4,7 @@ name = "frontend-validator" description = "Frontend continuous validator. Runs tsc --noEmit, eslint, kei-db-contract, optional visual snapshot. Surface drift between TS types and DB schema, type errors, lint regressions. Advisory by default." tools = ["Glob", "Grep", "Read", "Bash"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/infra-implementer-cicd.toml b/_manifests/infra-implementer-cicd.toml index 4d50e86..9080a5e 100644 --- a/_manifests/infra-implementer-cicd.toml +++ b/_manifests/infra-implementer-cicd.toml @@ -4,7 +4,7 @@ name = "infra-implementer-cicd" description = "CI/CD pipeline specialist. GitHub Actions, GitLab CI, build-and-deploy scripts. Constructor Pattern." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-shared" role = """ diff --git a/_manifests/infra-implementer-container.toml b/_manifests/infra-implementer-container.toml index 6799e17..4ed73f1 100644 --- a/_manifests/infra-implementer-container.toml +++ b/_manifests/infra-implementer-container.toml @@ -4,7 +4,7 @@ name = "infra-implementer-container" description = "Containerization specialist. Dockerfile, OCI images, multi-stage builds, distroless." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-shared" role = """ diff --git a/_manifests/infra-implementer-iac.toml b/_manifests/infra-implementer-iac.toml index 10f517a..a94cbf8 100644 --- a/_manifests/infra-implementer-iac.toml +++ b/_manifests/infra-implementer-iac.toml @@ -4,7 +4,7 @@ name = "infra-implementer-iac" description = "Infrastructure-as-code specialist. Terraform, Pulumi, OpenTofu, CDK. Constructor Pattern (≤200 LOC per module)." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-shared" role = """ diff --git a/_manifests/infra-implementer-secrets.toml b/_manifests/infra-implementer-secrets.toml index 6a2e5ae..36ac52e 100644 --- a/_manifests/infra-implementer-secrets.toml +++ b/_manifests/infra-implementer-secrets.toml @@ -4,7 +4,7 @@ name = "infra-implementer-secrets" description = "Secrets management specialist. Vault integration, sops, age, env-var injection. RULE 0.8 enforcer." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-shared" role = """ diff --git a/_manifests/infra-implementer.toml b/_manifests/infra-implementer.toml index 9392ac9..2fce3b5 100644 --- a/_manifests/infra-implementer.toml +++ b/_manifests/infra-implementer.toml @@ -5,7 +5,7 @@ name = "infra-implementer" description = "Infrastructure code, deploys, CI/CD, secrets management, container/IaC. Per-project credential isolation, deploy-target guard enforcement, Self-Sufficiency Protocol, cost guard on paid compute." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/modal-runner.toml b/_manifests/modal-runner.toml index baf79c9..3df3f40 100644 --- a/_manifests/modal-runner.toml +++ b/_manifests/modal-runner.toml @@ -5,7 +5,7 @@ name = "modal-runner" description = "Modal compute orchestrator. Pre-launch cost estimation, GPU compatibility check, single-variant verify, observability-first, and a hard anti-stop guard against stopping running training. Use for any Modal app launch, batch spawn, or job inspection." tools = ["Glob", "Grep", "Read", "Edit", "Write", "Bash", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "edit-local" role = """ diff --git a/_manifests/researcher-code.toml b/_manifests/researcher-code.toml index c5e0f4b..e76cb75 100644 --- a/_manifests/researcher-code.toml +++ b/_manifests/researcher-code.toml @@ -4,7 +4,7 @@ name = "researcher-code" description = "Codebase research specialist. Glob / Grep / Read only. E1-E6 grading." tools = ["Glob", "Grep", "Read"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/researcher-hybrid.toml b/_manifests/researcher-hybrid.toml index bb9c950..8c770b7 100644 --- a/_manifests/researcher-hybrid.toml +++ b/_manifests/researcher-hybrid.toml @@ -4,7 +4,7 @@ name = "researcher-hybrid" description = "Hybrid web+code research orchestrator. Routes to researcher-web and researcher-code in parallel." tools = ["Glob", "Grep", "Read", "WebFetch", "WebSearch", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/researcher-web.toml b/_manifests/researcher-web.toml index 48d7297..afa612f 100644 --- a/_manifests/researcher-web.toml +++ b/_manifests/researcher-web.toml @@ -4,7 +4,7 @@ name = "researcher-web" description = "Web research specialist. WebFetch / WebSearch only. E1-E6 grading." tools = ["WebFetch", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/researcher.toml b/_manifests/researcher.toml index f65fa82..0ef1eea 100644 --- a/_manifests/researcher.toml +++ b/_manifests/researcher.toml @@ -5,7 +5,7 @@ name = "researcher" description = "Generic web + codebase research with 3 modes (web / code / hybrid). Returns Evidence-Graded findings. Read-only. Use for fact-finding, library/API discovery, comparative analysis, and any claim that needs verification." tools = ["Glob", "Grep", "Read", "WebFetch", "WebSearch", "Agent"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/security-auditor-differential.toml b/_manifests/security-auditor-differential.toml index d1c272e..bcf87fb 100644 --- a/_manifests/security-auditor-differential.toml +++ b/_manifests/security-auditor-differential.toml @@ -4,7 +4,7 @@ name = "security-auditor-differential" description = "9-point differential security review. Auth bypass, injection, deserialization, race conditions. Read-only." tools = ["Glob", "Grep", "Read", "WebFetch", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "auditor" role = """ diff --git a/_manifests/security-auditor-supply-chain.toml b/_manifests/security-auditor-supply-chain.toml index b20f2ee..0bb0af8 100644 --- a/_manifests/security-auditor-supply-chain.toml +++ b/_manifests/security-auditor-supply-chain.toml @@ -4,7 +4,7 @@ name = "security-auditor-supply-chain" description = "Supply-chain audit on new dependencies: maintainers, CVE history, transitive deps, native code. Read-only." tools = ["Glob", "Grep", "Read", "Bash", "WebFetch", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "auditor" role = """ diff --git a/_manifests/security-auditor-variant.toml b/_manifests/security-auditor-variant.toml index 5a970e7..1afacc7 100644 --- a/_manifests/security-auditor-variant.toml +++ b/_manifests/security-auditor-variant.toml @@ -4,7 +4,7 @@ name = "security-auditor-variant" description = "Variant analysis after a vulnerability is found. Greps codebase for the same pattern. Read-only." tools = ["Glob", "Grep", "Read"] -model = "opus" +model = "sonnet" substrate_role = "auditor" role = """ diff --git a/_manifests/validator-api.toml b/_manifests/validator-api.toml index 3db4b2f..8438282 100644 --- a/_manifests/validator-api.toml +++ b/_manifests/validator-api.toml @@ -4,7 +4,7 @@ name = "validator-api" description = "Verifies API existence and signatures. Reads docs, greps source, fetches OpenAPI / vendor reference. Read-only." tools = ["Glob", "Grep", "Read", "WebFetch", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/validator-benchmark.toml b/_manifests/validator-benchmark.toml index 7cb7a0a..0993dce 100644 --- a/_manifests/validator-benchmark.toml +++ b/_manifests/validator-benchmark.toml @@ -4,7 +4,7 @@ name = "validator-benchmark" description = "Verifies external benchmark claims (p50/p95/throughput). Read-only." tools = ["Glob", "Grep", "Read", "WebFetch", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/validator-code-reality.toml b/_manifests/validator-code-reality.toml index 3b09d16..d177ea3 100644 --- a/_manifests/validator-code-reality.toml +++ b/_manifests/validator-code-reality.toml @@ -4,7 +4,7 @@ name = "validator-code-reality" description = "Verifies behavioural claims against running code. Reads tests, traces, recent runs. Read-only." tools = ["Glob", "Grep", "Read", "Bash"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/validator-doc.toml b/_manifests/validator-doc.toml index 67e08e1..43915bb 100644 --- a/_manifests/validator-doc.toml +++ b/_manifests/validator-doc.toml @@ -4,7 +4,7 @@ name = "validator-doc" description = "Verifies documentation claims against code reality. Read-only." tools = ["Glob", "Grep", "Read", "WebFetch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/validator-version.toml b/_manifests/validator-version.toml index 0b4220f..708b876 100644 --- a/_manifests/validator-version.toml +++ b/_manifests/validator-version.toml @@ -4,7 +4,7 @@ name = "validator-version" description = "Verifies version compatibility (semver, MSRV, transitive deps). Read-only." tools = ["Glob", "Grep", "Read", "Bash", "WebFetch", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" role = """ diff --git a/_manifests/validator.toml b/_manifests/validator.toml index 834f69d..d98af83 100644 --- a/_manifests/validator.toml +++ b/_manifests/validator.toml @@ -5,7 +5,7 @@ name = "validator" description = "RULE 0.4 enforcement gate — fact-checker and hallucination detector. Verifies API existence, version compatibility, documentation claims, code reality, and external benchmarks. Read-only — emits VERIFIED / UNVERIFIED / FALSE / PARTIALLY TRUE per claim." tools = ["Glob", "Grep", "Read", "WebFetch", "WebSearch"] -model = "opus" +model = "sonnet" substrate_role = "read-only" produces_artifact = "review" diff --git a/_primitives/_rust/kei-registry/src/status.rs b/_primitives/_rust/kei-registry/src/status.rs index 9a7ead1..e2cabb9 100644 --- a/_primitives/_rust/kei-registry/src/status.rs +++ b/_primitives/_rust/kei-registry/src/status.rs @@ -48,6 +48,11 @@ pub struct BranchRow { pub ahead: u32, pub behind: u32, pub last_commit: String, + /// Deterministic DNA-style identifier for the branch. Format + /// `branch::git::::`. Computed + /// on-the-fly from `(name, last_commit)` so it survives without DB + /// persistence — the underlying truth lives in `.git/refs/heads/`. + pub dna: String, } #[derive(Debug, Clone, Serialize, Deserialize, Default)] @@ -127,6 +132,26 @@ fn path_atom_rows(conn: &Connection) -> Result> { Ok(rows) } +/// Compute a deterministic DNA-style identifier for a git branch. Mirrors +/// the kei-shared wire format `::::::`: +/// role is fixed `branch`, caps is fixed `git`, scope_sha is the first 8 +/// hex chars of `sha256(branch_name)`, body_sha is the first 8 chars of +/// the commit SHA (which is itself a SHA-1 prefix). The pair is unique +/// per (name, head_commit) so the DNA changes on every commit, mirroring +/// the immutable-content invariant atoms have. +fn compute_branch_dna(name: &str, commit_sha: &str) -> String { + use sha2::{Digest, Sha256}; + let mut h = Sha256::new(); + h.update(name.as_bytes()); + let name_sha = format!("{:x}", h.finalize()); + let scope8 = &name_sha[..8]; + let body8 = commit_sha + .get(..8) + .unwrap_or(commit_sha) + .to_ascii_lowercase(); + format!("branch::git::{scope8}::{body8}") +} + /// Take the first three segments of a `::::::...` /// DNA so the displayed prefix is readable but identifying. fn dna_prefix(dna: &str) -> String { @@ -161,13 +186,16 @@ fn git_branches(repo: &Path) -> Result> { Some(parts[1].to_string()) }; let (ahead, behind) = parse_track(parts[2]); + let last_commit = parts[3].to_string(); + let dna = compute_branch_dna(&name, &last_commit); rows.push(BranchRow { current: current_branch.as_deref() == Some(&name), name, upstream, ahead, behind, - last_commit: parts[3].to_string(), + last_commit, + dna, }); } Ok(rows) @@ -261,8 +289,8 @@ pub fn render_ascii(s: &Status) -> String { }; let upstream = b.upstream.as_deref().unwrap_or("(none)"); out.push_str(&format!( - " {} {:<40} → {:<25} {} @ {}\n", - marker, b.name, upstream, track, b.last_commit + " {} {:<40} → {:<25} {} @ {} {}\n", + marker, b.name, upstream, track, b.last_commit, dna_prefix(&b.dna) )); } out.push('\n'); @@ -327,6 +355,35 @@ mod tests { assert_eq!(dna_prefix(dna), "atom::md::1a771d51::…"); } + #[test] + fn branch_dna_is_deterministic_and_well_formed() { + let dna = compute_branch_dna("feat/foo-bar", "3422bdca12d4567"); + assert!(dna.starts_with("branch::git::")); + let parts: Vec<&str> = dna.split("::").collect(); + assert_eq!(parts.len(), 4); + assert_eq!(parts[0], "branch"); + assert_eq!(parts[1], "git"); + assert_eq!(parts[2].len(), 8); // sha8 of branch name + assert_eq!(parts[3], "3422bdca"); // first 8 of commit + // determinism: same input → same DNA + let dna2 = compute_branch_dna("feat/foo-bar", "3422bdca12d4567"); + assert_eq!(dna, dna2); + } + + #[test] + fn branch_dna_changes_on_commit() { + let a = compute_branch_dna("main", "aaaaaaaa1111"); + let b = compute_branch_dna("main", "bbbbbbbb2222"); + assert_ne!(a, b, "DNA should change when commit changes"); + } + + #[test] + fn branch_dna_changes_on_rename() { + let a = compute_branch_dna("main", "deadbeef"); + let b = compute_branch_dna("trunk", "deadbeef"); + assert_ne!(a, b, "DNA should change when name changes"); + } + #[test] fn render_ascii_empty_status_has_all_sections() { let s = Status::default();