d72ae51f16
Single-command "prepare spawn" that emits everything orchestrator needs to invoke the Agent tool: composed prompt, subagent_type (from role's new claude-subagent-type field), isolation mode, verify command, ledger row. Before this: orchestrator ran compose + read prompt + manually constructed Agent tool call + manually built verify command. 4 steps. After: `kei-agent-runtime prepare <task.toml> --format=human` outputs a single copy-paste-ready block. Orchestrator pastes into Agent tool and records the verify command for return. Files: - src/prepare.rs (170 LOC) — prepare() returns AgentInvocation struct (agent_id, prompt, subagent_type, isolation, description, verify_command, ledger_row) - src/main.rs (+39 LOC) — Prepare subcommand with --format=human|json|toml - src/lib.rs (+2 LOC — pub mod prepare) - _roles/*.toml (5 files) — new optional claude-subagent-type field: - edit-local / edit-shared → "code-implementer" - read-only → "critic" (default; "architect" override possible) - explorer → "Explore" - git-ops → "NOT-SPAWNABLE" (refused by prepare with RULE 0.13) - tests/prepare_smoke.rs (3 tests) — happy path, unknown role, non-spawnable refusal - docs/AGENT-SUBSTRATE-SCHEMA.md (+ ## Orchestrator ergonomics section) Tests: 40/40 (was 37, +3 prepare_smoke). Same path exercised in tempfile fixtures that the real CLI would hit end-to-end. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
22 lines
1 KiB
TOML
22 lines
1 KiB
TOML
[role]
|
|
name = "git-ops"
|
|
display-name = "git operator (orchestrator-only, NOT spawnable)"
|
|
description = "Documented boundary of git authority. Per RULE 0.13, only the orchestrator (main session) holds git power: branch creation, commit, push, merge, rebase, reset, tag. This role is documented for completeness and is refused by kei-agent-runtime at spawn time."
|
|
spawnable = false
|
|
# Documented for completeness; never consumed because spawnable = false.
|
|
claude-subagent-type = "NOT-SPAWNABLE"
|
|
|
|
[capabilities]
|
|
# No capability restrictions declared here — this role is never composed into
|
|
# a prompt. The sole consumer is `kei-agent-runtime spawn`, which checks
|
|
# `spawnable = false` and refuses the invocation with a pointer to RULE 0.13.
|
|
required = []
|
|
|
|
[tools]
|
|
# Documented as "everything"; not enforced because role is non-spawnable.
|
|
allowed = ["Read", "Write", "Edit", "Glob", "Grep", "Bash", "WebFetch"]
|
|
bash-patterns-allowed = ['.*']
|
|
|
|
[escalation]
|
|
# Not reachable at runtime — orchestrator owns this context directly.
|
|
policy = "fail-fast"
|