keisei/KeiSeiKit-1.0
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
KeiSeiKit-1.0/_capabilities/tools/read-only/text.md
Parfii-bot c0c3483f02 feat(agent-substrate/phase-1): capability library — 11 declarative bundles 
22 files per locked §Initial capability atom inventory:

policy/no-git-ops/               (gate: PreToolUse:Bash, bypass ORCHESTRATOR_META)
scope/files-whitelist/           (gate + verify worktree)
scope/files-denylist/            (gate + verify worktree)
quality/constructor-pattern/     (verify worktree)
quality/cargo-check-green/       (verify both — worktree short-circuit + simulated-merge)
quality/tests-green/             (verify both)
safety/no-dep-bump/              (gate + verify both)
output/report-format/            (verify worktree)
output/severity-grade/           (verify worktree)
tools/read-only/                 (gate: deny Edit/Write)
tools/cargo-only-bash/           (gate: Bash allowlist)

All capability.toml share [capability]/[restricts]/[parameterized]/[text]/
[gate]/[verify] section layout. rust-module paths pre-wired to match
phase-3 file layout. All text.md under 200 words, imperative,
self-contained (composer concatenates with --- separator).

Cross-refs to rule files preserved:
- policy::no-git-ops → RULE 0.13 (orchestrator-branch-first.md)
- quality::constructor-pattern → RULE ZERO (code-style.md)
- output::severity-grade → debugging.md §Security Review
- safety::no-dep-bump → supply-chain rationale

Agent attempted wc -w for word counts — sandbox correctly denied Bash
per RULE 0.13, observable reinforcement of the very policy this
capability encodes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-23 02:35:52 +08:00

24 lines
1.1 KiB
Markdown
Raw Blame History

## Read-only agent
You MUST NOT use the `Edit` or `Write` tools. Any attempt to call
them is blocked at the gate.
You are a read-only role. Your job is to inspect, explain, analyse,
or review — never to mutate the filesystem. Use `Read`, `Glob`,
`Grep`, and (where permitted) `Bash` for read-only commands and
`WebFetch` to work through what is already on disk and on the web.
If your task appears to require an edit, STOP. Do not try to work
around the tool denial (e.g. by shelling out `sed`/`awk` through
`Bash`, by creating a file via `cat > file <<EOF`, or by piping a
heredoc into `tee`). The orchestrator considers such attempts a
policy violation and will reject your return.
Return your findings as a structured report (see the
`output::report-format` and, if applicable, `output::severity-grade`
capabilities that accompany this role). Include every file path
and line number you think the follow-up editor should touch — the
orchestrator will route the actual edits to an `edit-local` or
`edit-shared` agent.
Reading any file in the repository is permitted and encouraged.
Reference in a new issue View git blame Copy permalink