Add Claude Code support, credential routing polish, and CYA-WP-0006

Mirror sibling-repo Claude setup (CLAUDE.md + .claude/rules/*), align
AGENTS.md with fleet credential-routing template, and close housekeeping
gaps (WP-0002-T05 done, WP-0005 status note). Draft CYA-WP-0006 for
Profile 1 production hardening as the proposed next slice.
This commit is contained in:
2026-06-19 20:33:13 +02:00
parent ad11632bd4
commit f4e965cc04
14 changed files with 600 additions and 3 deletions

32
.claude/rules/agents.md Normal file
View File

@@ -0,0 +1,32 @@
## Agent entry points
| Runtime | Canonical instructions |
| --- | --- |
| **Grok / Codex** (shell) | `AGENTS.md` at repo root |
| **Claude Code** | This file tree via `CLAUDE.md` |
`AGENTS.md` and `.claude/rules/` are kept in sync for repo-specific content.
Fleet-wide credential routing is mirrored in `credential-routing.md` and the
matching section of `AGENTS.md` — re-sync from `~/ops-warden/wiki/CredentialRouting.md`
when the catalog changes.
## Kaizen Agents
Specialized agent personas available on demand via the state-hub MCP.
**Discover:** `list_kaizen_agents()` — returns all agents with name, description, category
**Load:** `get_kaizen_agent("tdd-workflow")` — returns full instructions; read and follow them
Common agents:
| Agent | Category | When to use |
|-------|----------|-------------|
| `tdd-workflow` | testing | Step-by-step TDD8 workflow for any feature |
| `code-refactoring` | quality | Code quality analysis and safe refactoring |
| `test-maintenance` | testing | Diagnose and fix failing tests |
| `requirements-engineering` | process | Prevent interface/mock mismatches upfront |
| `keepaTodofile` | process | Maintain TODO.md during work |
| `project-management` | process | Track status, determine next steps |
| `datamodel-optimization` | quality | Optimize dataclasses and data structures |
All 17 agents: call `list_kaizen_agents()` for the full list.

View File

@@ -0,0 +1,23 @@
## Architecture
**Request pipeline** (`src/cya/orchestrator.py`):
1. Collect local context (`context/collector.py`)
2. Recall memory via phase-memory ports (`memory/__init__.py`)
3. Classify risk (`safety/risk.py`) — rule-based; memory signals add caution only
4. Call LLM via `LLMAdapter` Protocol (`llm/adapter.py`) — FakeLLMAdapter today
5. Render explainable response (Rich)
**Memory (Profile 0 + Profile 1 spike):**
- User-controlled local JSON behind explicit ports (`remember`, `recall`, `forget`, `export`)
- Kinds: `preference`, `retrospection`, `interaction_goal`, `reflection`
- Directory/project-bound activation via `activation_context`
- `cya retrospect` feeds higher-order memory; optional verbal lesson capture (Profile 1)
**Boundaries:** See `repo-boundary.md`. No production path bypasses the adapter or memory ports.
## Quick Reference
- Memory contract: `MemoryVision.md`
- Activation/retrospection concept: `docs/cya-memory-activation-and-retrospection-concept.md`
- phase-memory feedback: `docs/phase-memory-optimization-suggestions.md`
- `~/state-hub/mcp_server/TOOLS.md` — MCP tool reference

View File

@@ -0,0 +1,54 @@
# Credential and access routing
> Fleet template mirrored in `AGENTS.md` (Credential and access routing section).
> Re-sync both from `~/ops-warden/wiki/CredentialRouting.md` when the catalog changes.
**Audience:** Codex, Claude Code, Grok, and custodian agents that call **llm-connect**
for inference. Run this check **before** requesting secrets, API keys, SSH access,
login tokens, or database passwords — in any repo, not only `ops-warden`.
ops-warden **issues SSH certificates only** (`warden sign`, `cert_command`). Every
other credential need belongs to another subsystem. **Do not** message
`ops-warden` on State Hub expecting a secret value; the reply is a pointer, not a key.
### Lookup (do this first)
```bash
warden route find "<describe your need>" --json
warden route show <catalog-id> --json
```
Requires the `warden` CLI from `~/ops-warden` (`uv tool install .` or `uv run warden`).
| Agent runtime | How to orient |
| --- | --- |
| **Codex / Grok** (shell, HTTP State Hub) | `warden route` commands above; inbox `to_agent=can-you-assist` is for coordination, not secret vending |
| **Claude Code** (MCP when available) | `get_domain_summary("custodian")` for workstreams; **still** use `warden route` for credential ownership |
| **llm-connect** (inference service) | Never put secret retrieval in prompts; route custody to OpenBao/operator paths surfaced by `warden route` |
### Quick routing table
Prefer `warden route find` for repo-specific needs. Common routes:
| I need… | Owner | ops-warden executes? |
| --- | --- | --- |
| SSH cert (`adm`/`agt`/`atm`) | ops-warden | **Yes**`warden sign` |
| API key, DB password, provider token | OpenBao (`railiance-platform`) | No — route only |
| Login / OIDC / MFA | key-cape / Keycloak | No — route only |
| Authorization decision | flex-auth | No — route only |
| SSH tunnel | ops-bridge (+ `cert_command` from warden) | No — route only |
### Anti-patterns (do not do these)
- `POST /messages/` to `ops-warden` asking for `ISSUE_CORE_API_KEY`, `OPENROUTER_API_KEY`, etc.
- Inventing `warden secret`, `warden login`, `warden bao`, `warden tunnel` — they do not exist
- Pasting secrets into Git, State Hub, workplans, logs, or chat
### Other capabilities (reuse-surface)
Non-credential capabilities are usually discovered through **reuse-surface** federation
(`reuse-surface` registry / `capability.*` indexes). Credential routing is inlined in
every repo's agent instructions because it is high-frequency, high-risk, and easy to
get wrong.
**Canon:** `~/ops-warden/wiki/CredentialRouting.md` · catalog `~/ops-warden/registry/routing/catalog.yaml`

View File

@@ -0,0 +1,37 @@
## First Session Protocol
Triggered when `get_domain_summary("capabilities")` shows **no workstreams**.
The project is registered but work has not yet been structured.
**Step 1 — Read, don't write**
- `INTENT.md`, `README.md`, `SCOPE.md`, `AGENTS.md`, `MemoryVision.md`
- Scan repo root: `src/cya/`, `workplans/`, `tests/`
**Step 2 — Survey in-progress work**
Look for TODOs, open branches, half-finished files. Note done vs. started but incomplete.
**Step 3 — Propose workstreams to Bernd**
Propose 13 workstreams — each a coherent strand, weeks to months, anchored to
INTENT/SCOPE. **Wait for approval before creating.**
**Step 4 — Create workplan file first, then DB record (ADR-001)**
```
workplans/CYA-WP-NNNN-<slug>.md ← write this first
```
Then register in the hub:
```
create_workstream(topic_id="64418556-3206-457a-ba29-6884b5b12cf3", title="...", owner="...", description="...")
create_task(workstream_id="<id>", title="...", priority="high|medium|low")
```
**Step 5 — Record the setup**
```
add_progress_event(
summary="First session: structured capabilities/can-you-assist into N workstreams, M tasks",
event_type="milestone",
topic_id="64418556-3206-457a-ba29-6884b5b12cf3",
detail={"workstreams": [...], "tasks_created": M}
)
```
<!-- Past first session for this repo — retained for fleet consistency -->

View File

@@ -0,0 +1,11 @@
## Repo boundary
This repo owns **can-you-assist** (`cya`) only. It does not own:
- LLM provider access, API clients, or model hosting → `llm-connect`
- Durable memory storage, profile planners, graph/event stores, or lifecycle algorithms → `phase-memory`
- Global work tracking, decisions, or cross-repo coordination → State Hub / custodian
- Credential custody (API keys, DB passwords, OIDC) → OpenBao / key-cape / operator paths (route via `warden route`)
- SSH certificate issuance → `ops-warden` (`warden sign` only)
`cya` integrates via stable seams (`LLMAdapter` Protocol, memory ports). State Hub is non-runtime.

View File

@@ -0,0 +1,7 @@
**Purpose:** Console-native, backend-agnostic LLM assistant (`cya`) for practical local work from the shell, using user-controlled context, memory, and provider configuration.
**Domain:** capabilities
**Repo slug:** can-you-assist
**Topic ID:** 64418556-3206-457a-ba29-6884b5b12cf3
**Workplan prefix:** CYA-WP-
**Command name:** cya

View File

@@ -0,0 +1,90 @@
## Session Protocol
State Hub: http://127.0.0.1:8000 (remote tunnel: http://127.0.0.1:18000)
**Step 1 — Orient**
Read the offline-safe brief first — it works without a live hub connection:
```bash
cat .custodian-brief.md
```
Then call the MCP tool for richer cross-domain context when MCP tools are exposed:
```
get_domain_summary("capabilities")
```
If MCP tools are unavailable in the current agent session, use the REST API:
```bash
curl -s "http://127.0.0.1:8000/workstreams/?topic_id=64418556-3206-457a-ba29-6884b5b12cf3&status=active" \
| python3 -m json.tool
```
If the hub is offline: `cd ~/state-hub && make api`
**Step 2 — Check inbox**
With MCP tools:
```
get_messages(to_agent="can-you-assist", unread_only=True)
```
Mark read with `mark_message_read(message_id)`. Reply or act on coordination
requests before proceeding.
Without MCP tools:
```bash
curl -s "http://127.0.0.1:8000/messages/?to_agent=can-you-assist&unread_only=true" \
| python3 -m json.tool
curl -s -X PATCH "http://127.0.0.1:8000/messages/<id>/read" \
-H "Content-Type: application/json" -d '{}'
```
**Step 3 — Scan workplans**
```bash
ls workplans/
```
For each file with `status: ready`, `active`, or `blocked`, note pending
`todo`/`in_progress` tasks.
**Step 4 — Present brief**
1. **Active workstreams** for `capabilities` — title, task counts, blocking decisions
2. **Pending tasks** from `workplans/` + any `[repo:can-you-assist]` hub tasks
3. **Goal guidance** — if `goal_guidance` in summary:
- `needs_workplan`: surface as top action — *"Repo goal '{title}' has no workplan yet"*
- `alignment_warnings`: flag if active work is not aligned with current goal
4. **Suggested next action** — highest-priority open item
5. **SBOM status** — flag if `last_sbom_at` is unset for this repo
If no workstreams: follow First Session Protocol (`first-session.md`).
**During work:**
- Keep changes small and inspectable.
- Treat command execution safety as product behavior: explain destructive commands and require explicit confirmation before suggesting execution.
- Do not commit secrets, API keys, local transcripts, private notes, or hidden memory contents.
- Before requesting API keys, SSH access, login tokens, or database passwords, run `warden route find` / `warden route show` per `credential-routing.md`.
- `record_decision()` · `add_progress_event()` · `resolve_decision()`
> State Hub is a *read model*. Bootstrap tools (`create_workstream`, `create_task`)
> are First Session Protocol only. Work structure belongs in repo files (ADR-001).
**Session close:**
With MCP tools:
```
add_progress_event(summary="...", topic_id="64418556-3206-457a-ba29-6884b5b12cf3", workstream_id="<uuid>")
```
Without MCP tools:
```bash
curl -s -X POST http://127.0.0.1:8000/progress/ \
-H "Content-Type: application/json" \
-d '{"topic_id":"64418556-3206-457a-ba29-6884b5b12cf3","workstream_id":"<uuid>","event_type":"note","summary":"what changed","author":"codex"}'
```
If workplan files were modified, ensure the local copy is up to date first:
```bash
git -C <repo_path> pull --ff-only
cd ~/state-hub && make fix-consistency REPO=can-you-assist
```
For repos where implementation runs on a remote machine (e.g. CoulombCore),
use the combined target which pulls before fixing:
```bash
cd ~/state-hub && make fix-consistency-remote REPO=can-you-assist
```
**C-15** (DB task ahead of file) is normal in multi-machine workflows — writeback
will sync the file to match DB. **C-16** (repo behind remote) blocks all writes
until you pull — intentional to prevent clobbering remote progress.

View File

@@ -0,0 +1,38 @@
## Stack
- **Language:** Python 3.11+
- **CLI:** Typer + Rich
- **Config:** TOML
- **Packaging:** setuptools + setuptools_scm (`src/` layout)
- **Tests:** pytest
## Dev Commands
```bash
# Recommended: install latest development code
make dev-install
# Run tests
make test
# or: python3 -m pytest tests/ -q
# Build distribution packages
make dist
make release-prep
make check-dist
# Run the assistant
cya "your natural language request here"
cya --help
cya --explain-context "show me what context would be collected"
cya retrospect
# Version / inspection
make version
git status --short
rg --files
```
Current memory baseline: **Profile 0** (local JSON + activation + retrospection).
Profile 1 verbal reflections shipped as a minimal spike (CYA-WP-0005); production
hardening tracked in CYA-WP-0006.

View File

@@ -0,0 +1,28 @@
## Workplan Convention (ADR-001)
File location: `workplans/CYA-WP-NNNN-<slug>.md`
ID prefix: `CYA-WP-`
Work items originate as files in this repo **before** being registered in the hub.
Canonical workplan/workstream frontmatter statuses are:
`proposed`, `ready`, `active`, `blocked`, `backlog`, `finished`, `archived`.
Use `proposed` for a newly drafted plan, `ready` after review against current
repo state, and `finished` when implementation is complete. `stalled` and
`needs_review` are derived health labels, not stored statuses.
Closed workplans may be moved to `workplans/archived/` with a completion-date
prefix: `YYMMDD-CYA-WP-NNNN-<slug>.md`. The frontmatter id remains
unchanged; the prefix is only for quick visual reference.
Small opportunistic tasks discovered during another session use **Ad Hoc Tasks**:
`workplans/ADHOC-YYYY-MM-DD.md`, workstream slug `adhoc-YYYY-MM-DD`, and task ids
`ADHOC-YYYY-MM-DD-T01`, `T02`, etc. Use adhocs only for low-risk work completed
directly. Promote anything requiring analysis, design, approval, dependencies, or
multiple planned phases into a normal workplan.
Ecosystem todos from other agents arrive as `[repo:can-you-assist]` hub tasks —
visible at session start. Pick one up by creating the workplan file, then registering
the workstream.
<!-- Ralph Loop rules and HEUREKA sequence: ~/.claude/CLAUDE.md — do not duplicate here -->