5f7a5b2639
47 crates, 801 tests green (up from 771 at v0.34.0). Wave 18 audit
found 8 HIGH findings across architect/critic/security/validator. All
closed. Three-role pipeline REBUILT after validator discovered Wave 16
commit was a half-commit (files claimed but never tracked).
## A. Three-role pipeline (REBUILD — was missing from v0.33.0 despite
CHANGELOG claim)
Files validator flagged absent: _roles/auditor.toml + merger.toml,
4 _capabilities/{policy/git-ops-scope,output/verdict,output/merge-result,
verify/fork-audit}/text.md, kei-spawn/src/{pipeline,precedent}.rs,
pipeline_smoke.rs + pipeline_unit.rs tests. ALL NOW REAL (verified by
git log --all and `ls`).
- auditor role: claude-subagent-type=critic, handoff=[merger]
- merger role: git-ops scope, claude-subagent-type=infra-implementer,
leaf (empty handoff)
- 5 capability text.md (+ capability.toml for each) defining contracts
- kei-spawn pipeline.rs (171 LOC): pipeline_from_role, derive_steps,
emit_pipeline_json, scaffold_downstream_tasks
- kei-spawn precedent.rs (118 LOC): env-gated advisory shell-out
- --pipeline flag on spawn subcommand
- +11 tests (pipeline_smoke + pipeline_unit)
## B. kei-fork — 4 HIGH fixes (Critic F1+F7a, Security #3+#4)
- `git add -A` → explicit path list from ls-untracked + ls-modified,
with exclusion filter for .DONE / .KEI_FORK_META.toml / _archive/ /
_forks/. No more merge bleed. +1 regression test.
- create() rollback: on write_meta or ledger_fork failure, worktree
+ branch cleaned. +1 test via KEI_FORK_FORCE_LEDGER_FAIL=1.
- worktree_add arg injection: added `--` sentinel + is_safe_refname()
validator (refuses dash-leading, NUL, ..). +3 tests.
- PATH hijack: KEI_FORK_GIT_BIN env override for all Command::new(git).
+1 test.
## C. kei-spawn — 2 HIGH fixes (Security #1+#2)
- HTTP body unbounded DoS: MAX_BODY_BYTES=10MiB + content-length
pre-check + streamed cap (io::Read::take) for chunked encoding.
+2 feature-gated tests.
- PATH hijack: KEI_LEDGER_BIN env override already existed at
ledger_sh.rs:15; documented precedence + added 4 regression tests
locking the 3-tier lookup order.
## D. kei-ledger-sign — 1 HIGH fix (Security #2)
- save_keypair atomic POSIX open(2) O_CREAT|O_EXCL + mode 0o600 +
rename(2) into place. No race window where key is world-readable.
+2 tests.
## E. spawn_from_task rollback (Critic F7b)
- register_in_ledger helper: on ledger fork failure, rollback_task_dir
before error propagation. +1 test spawn_rolls_back_task_dir_on_ledger_fail.
## Audit summary
- architect: GO conditional (taxonomy 19% — defer)
- critic: HIGH closed, MEDIUM debt logged
- security: 4 HIGH closed; MEDIUM (tar symlink, watcher symlink) tracked
- validator: CHANGELOG no longer lies — three-role pipeline is real
- patent-compliance: GO / LOW risk unchanged
All 8 HIGH blockers from Wave 18 consolidated audit → GREEN.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| _rust | ||
| templates | ||
| design-scrape.sh | ||
| figma-tokens.sh | ||
| frontend-inspect.sh | ||
| harden-base.sh | ||
| kei-ci-lint.sh | ||
| kei-docs-scaffold.sh | ||
| kei-sleep-queue.sh | ||
| kei-sleep-setup.sh | ||
| kei-sleep-sync.sh | ||
| live-preview.sh | ||
| log-ship.sh | ||
| MANIFEST.toml | ||
| metrics-scrape.sh | ||
| provision-hetzner.sh | ||
| provision-vultr.sh | ||
| README.md | ||
| screenshot-decode.sh | ||
| tomd.sh | ||
_primitives — first-class building blocks
_primitives/ holds standalone utilities that agents, hooks, and skills
(including /compose-solution) depend on. Unlike _blocks/ (behavioral
markdown) or _manifests/ (agent TOML), primitives are executable shell
programs installed at $HOME/.claude/agents/_primitives/ by install.sh.
Current primitives
| Primitive | Purpose | Invocation |
|---|---|---|
tomd.sh |
Universal non-native-format → markdown converter (PDF, DOCX, XLSX, PPTX, CSV, images, code). | ~/.claude/agents/_primitives/tomd.sh <file> |
tomd.sh is a first-class primitive. Universal non-native-format →
markdown converter with configurable cache directory
(KEISEI_TOMD_CACHE) and KeiSeiKit-style error tags ([tomd]).
Hook integration
hooks/tomd-preread.sh is a PreToolUse(Read) hook that auto-redirects
Claude to the converted markdown when a Read targets .docx / .doc / .xlsx / .pptx / .csv. Cached under $KEISEI_TOMD_CACHE (default
/tmp/keisei-tomd-cache).
/compose-solution discovery
Phase 3 prior-art sweep greps _primitives/ alongside _blocks/,
_manifests/, skills/, _bridges/, hooks/. If a user task involves
file-format parsing, the meta-composer surfaces tomd automatically —
reuse over rewrite (RULE "No Patching").