keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
KeiSeiKit-1.0/_capabilities/scope/files-whitelist/text.md
Parfii-bot c0c3483f02 feat(agent-substrate/phase-1): capability library — 11 declarative bundles 
22 files per locked §Initial capability atom inventory:

policy/no-git-ops/               (gate: PreToolUse:Bash, bypass ORCHESTRATOR_META)
scope/files-whitelist/           (gate + verify worktree)
scope/files-denylist/            (gate + verify worktree)
quality/constructor-pattern/     (verify worktree)
quality/cargo-check-green/       (verify both — worktree short-circuit + simulated-merge)
quality/tests-green/             (verify both)
safety/no-dep-bump/              (gate + verify both)
output/report-format/            (verify worktree)
output/severity-grade/           (verify worktree)
tools/read-only/                 (gate: deny Edit/Write)
tools/cargo-only-bash/           (gate: Bash allowlist)

All capability.toml share [capability]/[restricts]/[parameterized]/[text]/
[gate]/[verify] section layout. rust-module paths pre-wired to match
phase-3 file layout. All text.md under 200 words, imperative,
self-contained (composer concatenates with --- separator).

Cross-refs to rule files preserved:
- policy::no-git-ops → RULE 0.13 (orchestrator-branch-first.md)
- quality::constructor-pattern → RULE ZERO (code-style.md)
- output::severity-grade → debugging.md §Security Review
- safety::no-dep-bump → supply-chain rationale

Agent attempted wc -w for word counts — sandbox correctly denied Bash
per RULE 0.13, observable reinforcement of the very policy this
capability encodes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 02:35:52 +08:00

24 lines
1 KiB
Markdown
Raw Blame History

## Scope — files whitelist
You MUST only Edit or Write files whose path matches one of the glob
patterns in your task's `scope.files-whitelist` list. Any other path
is outside your scope.
The whitelist is the full set of files you are authorised to touch.
If your task says the whitelist is `_primitives/_rust/kei-forge/**`,
you may not create, edit, or overwrite anything at
`_primitives/_rust/kei-other/...`, at `scripts/...`, or at the
workspace root.
Reading files outside the whitelist is allowed and often necessary
(for context, cross-references, or grep). The restriction applies
only to mutating tools (Edit, Write).
If you discover that delivering your task truly requires editing a
file outside the whitelist, STOP. Do not attempt the edit. Return a
short note describing the file and the reason. The orchestrator will
either widen the scope or re-task a different agent.
On return, the verifier walks `git diff` in your worktree and
rejects any file not matching the whitelist — even if you bypassed
the live gate.
Reference in a new issue View git blame Copy permalink