Pre-unlock wave U2. Task 3 from CONVERGENCE-PLAN — rename misleading
capability names, keep old names as deprecated aliases.
Renames:
- tools::read-only → tools::deny-tools (mechanism is tool-name denial,
not "read-only" metaphor)
- tools::cargo-only-bash → tools::bash-allowlist (mechanism is Bash
pattern allow-list; cargo-only is one config value)
Back-compat via registry.resolve_alias():
- Old dir _capabilities/tools/{read-only,cargo-only-bash}/ retained with
capability.toml-only stub: `alias = "<new-name>"` + `deprecated` field
- registry.rs loads alias stubs, redirects lookup before dispatch
- warn_deprecated_once() emits single-shot stderr per alias per process
via OnceLock<Mutex<HashSet>>
- Zero breaking change to existing manifests / task.toml referencing
old names
Rust impl files renamed in place:
- gates/tools_read_only.rs → gates/tools_deny_tools.rs (struct
DenyTools)
- gates/tools_cargo_only_bash.rs → gates/tools_bash_allowlist.rs
(struct BashAllowlist)
- gates/mod.rs + registry.rs + gate_smoke.rs updated
Roles updated (3): read-only.toml, explorer.toml, edit-local.toml —
reference new names directly.
Tests: kei-agent-runtime 41/41 (was 40, +1
deprecated_aliases_resolve_to_new_names), _assembler 40/40 unchanged
(substrate role expansion follows new paths).
Docs updated: AGENT-ROLES.md, AGENT-SUBSTRATE-SCHEMA.md, 4 _manifests
referencing the old names (comment-only annotations).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
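The alias redirect and single-shot warning described in the commit message above, as an added example that is not the project's own code. The function names `resolve_alias` and `warn_deprecated_once` and the `OnceLock<Mutex<HashSet>>` guard come from the message; the `Registry` struct, its fields, and the return types are hypothetical. An alias whose target gate is missing, or a name that is unknown, resolves to `None`, so a renamed restriction is never silently dropped.

```rust
use std::collections::{HashMap, HashSet};
use std::sync::{Mutex, OnceLock};

/// Process-wide set of alias names that have already produced a warning.
static WARNED: OnceLock<Mutex<HashSet<String>>> = OnceLock::new();

/// Emits the deprecation warning on stderr once per alias per process.
/// Returns true only on the call that actually printed it.
fn warn_deprecated_once(alias: &str, target: &str) -> bool {
    let set = WARNED.get_or_init(|| Mutex::new(HashSet::new()));
    let first = set.lock().unwrap().insert(alias.to_string());
    if first {
        eprintln!("warning: capability `{alias}` is deprecated, use `{target}`");
    }
    first
}

/// Hypothetical registry: alias stubs map an old name to its replacement.
struct Registry {
    aliases: HashMap<&'static str, &'static str>,
    gates: HashSet<&'static str>,
}

impl Registry {
    fn new() -> Self {
        let aliases = HashMap::from([
            ("tools::read-only", "tools::deny-tools"),
            ("tools::cargo-only-bash", "tools::bash-allowlist"),
        ]);
        let gates = HashSet::from(["tools::deny-tools", "tools::bash-allowlist"]);
        Registry { aliases, gates }
    }

    /// Redirects an old name before dispatch. Unknown names and aliases
    /// pointing at a missing gate fail closed by returning None.
    fn resolve_alias(&self, name: &str) -> Option<&'static str> {
        if let Some(&target) = self.aliases.get(name) {
            warn_deprecated_once(name, target);
            return self.gates.get(target).copied();
        }
        self.gates.get(name).copied()
    }
}

fn main() {
    let reg = Registry::new();
    for name in ["tools::read-only", "tools::read-only", "tools::deny-tools", "tools::nope"] {
        println!("{name} -> {:?}", reg.resolve_alias(name));
    }
}
```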
30 lines
1 KiB
TOML
[role]
name = "edit-local"
display-name = "code-implementer (local edit scope)"
description = "Write code within whitelisted files, run cargo check/test, emit structured report. No git, no workspace-level touches, no dep bumps."
spawnable = true
# Default Claude Code subagent_type to hand `prepare` output to.
# Overridable per-task; see docs/AGENT-SUBSTRATE-SCHEMA.md §Orchestrator ergonomics.
claude-subagent-type = "code-implementer"

[capabilities]
# Ordered list — text.md fragments concatenated in this order
required = [
    "policy::no-git-ops",
    "scope::files-whitelist",
    "scope::files-denylist",
    "quality::constructor-pattern",
    "quality::cargo-check-green",
    "quality::tests-green",
    "safety::no-dep-bump",
    "output::report-format",
]

[tools]
# Tool allowlist — anything not in this list is denied
allowed = ["Read", "Write", "Edit", "Glob", "Grep", "Bash"]
# Bash further restricted by tools::bash-allowlist-adjacent patterns
bash-patterns-allowed = ['^cargo( |$)', '^mkdir( |$)', '^rm -rf /tmp/']

[escalation]
policy = "ask-via-return"