feat(WARDEN-WP-0021): T3-T5 — visibility, approve loop, runbook (scheduled worker complete)

T4 (review→send loop): conservative tick persists structured drafts to
state_dir/worker-drafts.json; `warden worker drafts` lists them, `warden worker approve
<id> [--body …]` sends the reviewed draft as the reply + marks read + drops it. Escalated
plans persist no draft. Live-verified end-to-end.

T3 (visibility): `warden worker status` (pending drafts, triage count, last digest, timer
state); best-effort notify-send nudge in the tick when drafts are pending.

T5: wiki/playbooks/scheduled-worker.md (enable/disable, the approve loop, failure modes,
conservative-only posture) + SCOPE note.

WARDEN-WP-0021 finished: the conservative worker now runs on a systemd --user timer
(enabled, every 15 min), triages new inbox messages into drafts you approve with one
command, degrades gracefully, and stops with one command. 249 tests, lint clean.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-30 15:24:10 +02:00
parent 9dc1db0162
commit a10bbd2162
7 changed files with 253 additions and 6 deletions

@@ -139,8 +139,10 @@ for the rest.
- Coordination worker (`warden worker`, WP-0020) — autonomous triage of ops-warden's
State Hub inbox via llm-connect. **Conservative by default** (triage + drafted replies,
sends nothing); `--full-auto` opt-in. Four guardrails (fixed charter, action allowlist,
no-secret invariant, dry-run/audit) enforced regardless of the brain. Schedulable via
`scripts/worker-tick.sh` (ships disabled)
no-secret invariant, dry-run/audit) enforced regardless of the brain. **Scheduled**
(WP-0021) via a `systemd --user` timer (`scripts/install-worker-timer.sh`); review loop
`warden worker drafts | approve <id>` + `worker status`; one-command kill switch
(`wiki/playbooks/scheduled-worker.md`)
- Runbooks for OpenBao config and Inter-Hub bootstrap SSH envelope
### Stewardship (documentation and alignment)
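Review bot: The new "**Scheduled** (WP-0021)" sentence drops the old "(ships disabled)" qualifier and does not say what state the timer is in after `scripts/install-worker-timer.sh` runs, nor that the scheduled tick stays conservative. The same bullet still advertises `--full-auto` as an opt-in, so a reader of SCOPE cannot tell whether the unattended timer can ever send without review. Suggest stating the install default (enabled or disabled) and that the timer runs conservative-only, matching the posture the commit message attributes to the playbook. Two smaller points in the same lines: `warden worker drafts | approve <id>` inside a single code span reads as a shell pipe, so write it as two commands (`warden worker drafts`, `warden worker approve <id>`); and the removed text named `scripts/worker-tick.sh`, so if the timer still invokes that script, keep the name here so the reader can trace what actually runs on each tick.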