kairos-chain 3.6.2 → 3.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 70e5ff9eff0a25ceba4e38cf6bdb7f0c7fb45bd1f11b9345148625fe86b48be2
-  data.tar.gz: 7de3d8c8b819cc86ab3847a60250ecc98fe1bf66077a10a9f43521910f51480b
+  metadata.gz: b7d045865d5f35b2ceba8abf858cc33219f88690feaf5591183b20154cda36e4
+  data.tar.gz: f333e43070e2268da45be99949d3c85217bfcf2a5d7d691e707fbe26f5b96796
 SHA512:
-  metadata.gz: 4d8385510f0309d0705ac2a311da86f05c62332b77cf0f4cc7a0de7d271863f73e9137320d5d7470d5552c0b3da441500c178b7f3d5d8abd6e0b253ce7d562ed
-  data.tar.gz: f298792554a96d5da897523d9b6342d3fef2bc06e4d9a86d54a829c611fe5885fe6896168f7fc1853e3565bc2f4e71ed86d3740b39b898aaa4b0afc3c5337f4b
+  metadata.gz: 4951cb6216a2f85212c12882c02337fc86e2a8abd906bcfd1322ca7d23760226692608a92626ea807c7a67b44c3f94b6eadd96ef88a6125a551dcca30a951954
+  data.tar.gz: ccf714bf15d9b54219373f9a83560943fcff476cb700a459cf5d62b5c02c02ce87c0986bf81d8b5b3d7c9708b1eb58c94c5e1ecb96c5c5909ec9bf6f562c1d78

data/CHANGELOG.md

@@ -4,6 +4,71 @@ All notable changes to the `kairos-chain` gem will be documented in this file.
 
 This project follows [Semantic Versioning](https://semver.org/).
 
+## [3.8.0] - 2026-03-30
+
+### Added
+
+- **Agent Autonomous Mode** — Multi-cycle OODA loop execution
+  - `agent_start(autonomous: true)`: Enable autonomous mode. Session starts at
+    `[observed]` as before; autonomous loop begins on `agent_step(approve)`.
+  - 8 safety gates: mandate termination, goal drift detection, wall-clock timeout
+    (300s), aggregate LLM budget (60 calls), risk budget, post-ACT termination,
+    confidence-based early exit, checkpoint pause.
+  - New session states: `autonomous_cycling`, `paused_risk`, `paused_error`
+  - Resume handlers: `approve` at `paused_risk` re-checks risk and resumes ACT;
+    `approve`/`skip` at `paused_error` skips failed cycle and continues.
+  - `agent.yml` autonomous config: `max_total_llm_calls`, `max_duration_seconds`,
+    `min_cycles_before_exit`, `confidence_exit_threshold`.
+  - Design: 2 rounds x 3 LLMs. Implementation: 1 round x 3 LLMs. All HIGH fixed.
+
+- **Mandate locking** — `Mandate.with_lock` for single-writer batch execution
+  - File-based exclusive lock (`flock`), non-blocking with `LockError`
+  - Atomic save via tmp+rename pattern
+  - `Mandate.reload` helper for in-lock refresh
+
+- **CognitiveLoop call tracking** — `total_calls` attribute for aggregate
+  LLM budget enforcement across autonomous cycles
+
+- **Goal drift detection** — Content-based hash (not name-only) at mandate
+  creation; per-cycle drift check with fail-open semantics
+
+### Changed
+
+- `run_orient_decide` / `run_act_reflect` refactored into `_internal` (Hash return)
+  + wrapper (text_content) pattern. Manual mode behavior unchanged.
+- Manual risk pause now sets session to `paused_risk` (was `terminated`),
+  enabling resume via `agent_step(approve)`.
+- `MandateAdapter.to_mandate_proposal` uses `dig` for nil safety.
+
+## [3.7.0] - 2026-03-29
+
+### Added
+
+- **Dream SkillSet** — L2 memory consolidation and lifecycle management
+  - `dream_scan`: Pattern detection across L2 sessions — tag co-occurrence,
+    L2/L1 staleness (mtime-based), name overlap (Jaccard), archive candidate detection.
+    Filters soft-archived stubs from promotion candidates.
+  - `dream_archive`: L2 soft-archive — gzip compress .md, move full context directory
+    to archive, leave searchable stub (tags + summary). SHA256 verified inline.
+    Per-context flock. `dry_run: true` by default.
+  - `dream_recall`: Restore archived contexts with SHA256 integrity check.
+    Preview and verify-only modes (read-only, no permission required).
+  - `dream_propose`: Package L1 promotion proposals with ready-to-execute
+    `knowledge_update` commands. Optional Persona Assembly templates.
+  - L2 lifecycle model: Active → Candidate → Soft-Archived → Recalled
+  - `dream_trigger_policy` L1 knowledge for Kairotic trigger heuristics
+  - 119 tests across 27 test sections
+
+- **Agent SkillSet — permission advisory**
+  - `agent_start` now includes `permission_advisory` in response,
+    recommending users configure permission mode (Normal / Auto-allow / Auto-accept)
+    for smoother autonomous operation
+
+### Fixed
+
+- **L1 staleness detection** — use tag overlap and name token matching instead of
+  exact L1 name-in-L2-tags check. Reduces false positives from 48/48 to 7/48.
+
 ## [3.6.0] - 2026-03-28
 
 ### Added

data/lib/kairos_mcp/version.rb

@@ -1,4 +1,4 @@
 module KairosMcp
-  VERSION = "3.6.2"
+  VERSION = "3.8.0"
   CHANGELOG_URL = "https://github.com/masaomi/KairosChain_2026/blob/main/CHANGELOG.md"
 end

data/templates/skillsets/agent/config/agent.yml

@@ -45,5 +45,12 @@ tool_blacklist:
 orient_tools_extra: []
   # - document_status   # uncomment to enable draft checking during ORIENT
 
+# Autonomous mode limits
+autonomous:
+  max_total_llm_calls: 60        # across all cycles in one batch
+  max_duration_seconds: 300      # wall-clock timeout per batch (5 min)
+  min_cycles_before_exit: 2      # confidence exit disabled for first N cycles
+  confidence_exit_threshold: 0.9 # minimum confidence for early exit
+
 # Audit
 audit_level: summary

data/templates/skillsets/agent/lib/agent/cognitive_loop.rb

@@ -7,11 +7,17 @@ module KairosMcp
   module SkillSets
     module Agent
       class CognitiveLoop
+        FALLBACK_PROVIDERS = %w[claude_code].freeze
+
+        attr_reader :total_calls
+
         # @param caller_tool [BaseTool] the agent_step tool instance (has invoke_tool)
         # @param session [Session] current agent session
         def initialize(caller_tool, session)
           @caller = caller_tool
           @session = session
+          @fallback_attempted = false
+          @total_calls = 0
         end
 
         # Generic phase runner for ORIENT, REFLECT, and DECIDE_PREP.
@@ -29,14 +35,13 @@ module KairosMcp
                        'stop_reason' => 'budget' }
             end
 
-            llm_result = @caller.invoke_tool('llm_call', {
+            @total_calls += 1
+            parsed = call_llm_with_fallback(
               'messages' => messages,
               'system' => system_prompt,
               'tools' => available_tools,
               'invocation_context_json' => @session.invocation_context.to_json
-            }, context: @session.invocation_context)
-
-            parsed = JSON.parse(llm_result.map { |b| b[:text] || b['text'] }.compact.join)
+            )
             return { 'error' => parsed['error'] } if parsed['status'] == 'error'
 
             response = parsed['response']
@@ -79,14 +84,14 @@ module KairosMcp
               return { 'error' => 'Budget exceeded for DECIDE phase' }
             end
 
-            llm_result = @caller.invoke_tool('llm_call', {
+            @total_calls += 1
+
+            parsed = call_llm_with_fallback(
               'messages' => messages,
               'system' => system_prompt,
               'tools' => [],
               'invocation_context_json' => @session.invocation_context.to_json
-            }, context: @session.invocation_context)
-
-            parsed = JSON.parse(llm_result.map { |b| b[:text] || b['text'] }.compact.join)
+            )
             return { 'error' => parsed['error'] } if parsed['status'] == 'error'
 
             response = parsed['response']
@@ -110,7 +115,7 @@ module KairosMcp
             begin
               decision = JSON.parse(json_str)
               task_json_str = JSON.generate(decision['task_json'])
-              Autoexec::TaskDsl.from_json(task_json_str)
+              ::Autoexec::TaskDsl.from_json(task_json_str)
               return { 'decision_payload' => decision }
             rescue => e
               if attempts >= max_repair
@@ -127,6 +132,61 @@ module KairosMcp
 
         private
 
+        # Call llm_call with automatic provider fallback on auth errors.
+        # Tries the configured provider first. On auth_error, switches to
+        # fallback providers (claude_code) via llm_configure, then retries once.
+        def call_llm_with_fallback(arguments)
+          llm_result = @caller.invoke_tool('llm_call', arguments,
+                                            context: @session.invocation_context)
+          parsed = JSON.parse(llm_result.map { |b| b[:text] || b['text'] }.compact.join)
+
+          # If not an auth error, or already tried fallback, return as-is
+          error_info = parsed['error']
+          if !error_info || !error_info.is_a?(Hash) || error_info['type'] != 'auth_error' || @fallback_attempted
+            return parsed
+          end
+
+          # Attempt provider fallback
+          original_provider = error_info['provider'] || 'configured'
+          warn "[agent] Auth error from #{original_provider}, attempting provider fallback"
+
+          FALLBACK_PROVIDERS.each do |fallback|
+            @fallback_attempted = true
+            configure_result = try_configure_provider(fallback)
+            next unless configure_result
+
+            warn "[agent] Switched to provider: #{fallback}"
+            retry_result = @caller.invoke_tool('llm_call', arguments,
+                                                context: @session.invocation_context)
+            retry_parsed = JSON.parse(retry_result.map { |b| b[:text] || b['text'] }.compact.join)
+
+            # If this provider also fails with auth_error, try next
+            retry_error = retry_parsed['error']
+            if retry_error.is_a?(Hash) && retry_error['type'] == 'auth_error'
+              warn "[agent] Fallback provider #{fallback} also failed: #{retry_error['message']}"
+              next
+            end
+
+            return retry_parsed
+          end
+
+          # All fallbacks exhausted — return original error with fallback info
+          parsed['error']['fallback_attempted'] = true
+          parsed['error']['fallback_exhausted'] = true
+          parsed
+        end
+
+        def try_configure_provider(provider)
+          args = { 'provider' => provider }
+          result = @caller.invoke_tool('llm_configure', args,
+                                        context: @session.invocation_context)
+          parsed = JSON.parse(result.map { |b| b[:text] || b['text'] }.compact.join)
+          parsed['status'] == 'ok'
+        rescue StandardError => e
+          warn "[agent] Failed to configure provider #{provider}: #{e.message}"
+          false
+        end
+
         def extract_json(content)
           JSON.parse(content)
           content

data/templates/skillsets/agent/lib/agent/mandate_adapter.rb

@@ -11,7 +11,7 @@ module KairosMcp
         def self.to_mandate_proposal(decision_payload)
           {
             autoexec_task: {
-              steps: (decision_payload['task_json']['steps'] || []).map { |s|
+              steps: (decision_payload.dig('task_json', 'steps') || []).map { |s|
                 { risk: s['risk'] || 'low', tool_name: s['tool_name'] }
               }
             },

data/templates/skillsets/agent/lib/agent/session.rb

@@ -8,19 +8,25 @@ module KairosMcp
     module Agent
       class Session
         attr_reader :session_id, :mandate_id, :goal_name, :invocation_context,
-                    :state, :cycle_number, :config
+                    :state, :cycle_number, :config, :autonomous
 
-        def initialize(session_id:, mandate_id:, goal_name:, invocation_context:, config:)
+        def initialize(session_id:, mandate_id:, goal_name:, invocation_context:, config:,
+                       autonomous: false)
           @session_id = session_id
           @mandate_id = mandate_id
           @goal_name = goal_name
           @invocation_context = invocation_context
           @config = config
+          @autonomous = autonomous
           @state = 'created'
           @cycle_number = 0
           @snapshots = []
         end
 
+        def autonomous?
+          @autonomous == true
+        end
+
         # Per-phase budget configuration.
         # Returns defaults if the phase is not configured.
         def phase_config(phase_name)
@@ -109,7 +115,7 @@ module KairosMcp
           data = {
             session_id: @session_id, mandate_id: @mandate_id,
             goal_name: @goal_name, state: @state, cycle_number: @cycle_number,
-            config: @config,
+            config: @config, autonomous: @autonomous,
             invocation_context: @invocation_context.to_h
           }
           File.write(state_path, JSON.pretty_generate(data))
@@ -133,7 +139,8 @@ module KairosMcp
             mandate_id: data['mandate_id'],
             goal_name: data['goal_name'],
             invocation_context: ctx,
-            config: data['config']
+            config: data['config'],
+            autonomous: data['autonomous'] || false
           )
           session.instance_variable_set(:@state, data['state'])
           session.instance_variable_set(:@cycle_number, data['cycle_number'] || 0)

data/templates/skillsets/agent/tools/agent_start.rb

@@ -52,6 +52,12 @@ module KairosMcp
                 risk_budget: {
                   type: 'string',
                   description: 'Maximum risk level: "low" or "medium" (default: "low")'
+                },
+                autonomous: {
+                  type: 'boolean',
+                  description: 'Enable autonomous mode (default: false). ' \
+                    'Session starts at [observed] regardless. ' \
+                    'Autonomous loop begins on first agent_step(approve).'
                 }
               },
               required: ['goal_name']
@@ -63,10 +69,14 @@ module KairosMcp
             max_cycles = arguments['max_cycles'] || 3
             checkpoint_every = arguments['checkpoint_every'] || 1
             risk_budget = arguments['risk_budget'] || 'low'
+            autonomous = arguments['autonomous'] == true
+
+            # Pre-resolve goal content for content-based drift detection hash
+            pre_obs = run_observe(goal_name)
+            goal_content_for_hash = pre_obs['goal_content'] || goal_name
+            goal_hash = Digest::SHA256.hexdigest(goal_content_for_hash)[0..15]
 
-            # Create mandate via Autonomos
-            goal_hash = Digest::SHA256.hexdigest(goal_name)[0..15]
-            mandate = Autonomos::Mandate.create(
+            mandate = ::Autonomos::Mandate.create(
               goal_name: goal_name,
               goal_hash: goal_hash,
               max_cycles: max_cycles,
@@ -85,23 +95,30 @@ module KairosMcp
               mandate_id: mandate[:mandate_id],
               goal_name: goal_name,
               invocation_context: ctx,
-              config: config
+              config: config,
+              autonomous: autonomous
             )
 
-            # OBSERVE (no LLM — direct Ruby)
-            observation = run_observe(goal_name)
+            # OBSERVE: reuse pre-resolved observation (avoids duplicate L2/L1 lookups)
+            observation = pre_obs
 
             session.save_observation(observation)
             session.update_state('observed')
             session.save
 
-            text_content(JSON.generate({
+            result = {
               'status' => 'ok',
               'session_id' => session_id,
               'mandate_id' => mandate[:mandate_id],
               'state' => 'observed',
+              'autonomous' => autonomous,
               'observation' => observation
-            }))
+            }
+
+            # Advisory: suggest permission mode for autonomous operation
+            result['permission_advisory'] = permission_advisory_message
+
+            text_content(JSON.generate(result))
           rescue ArgumentError => e
             text_content(JSON.generate({ 'status' => 'error', 'error' => e.message }))
           rescue StandardError => e
@@ -126,14 +143,30 @@ module KairosMcp
             )
           end
 
+          def permission_advisory_message
+            <<~MSG.strip
+              This agent session will execute tools autonomously.
+              For smoother operation, consider adjusting your permission mode:
+
+              1. Normal (default) — ask for each command. Safest, but interrupts flow.
+              2. Auto-allow — pre-approved commands only. Balanced.
+                 Configure in .claude/settings.local.json permissions.allow array.
+              3. Auto-accept — allow everything. Fastest for trusted tasks.
+                 Run /permissions and select auto mode, or start with --dangerously-skip-permissions.
+
+              Recommendation: For implementation + multi-LLM review workflows, auto-allow
+              with ruby/codex/agent commands pre-approved provides the best balance.
+            MSG
+          end
+
           def run_observe(goal_name)
             # Gather observation data without LLM
             observation = { 'goal_name' => goal_name, 'timestamp' => Time.now.iso8601 }
 
-            # Try to load goal from L2/L1
-            if defined?(Autonomos::Ooda)
+            # Load environment data via Autonomos::Ooda
+            if defined?(::Autonomos::Ooda)
               begin
-                helper = Class.new { include Autonomos::Ooda }.new
+                helper = Class.new { include ::Autonomos::Ooda }.new
                 ooda_obs = helper.observe(goal_name)
                 observation.merge!(ooda_obs.transform_keys(&:to_s)) if ooda_obs.is_a?(Hash)
               rescue StandardError => e
@@ -141,8 +174,47 @@ module KairosMcp
               end
             end
 
+            # Load goal content from L2/L1 so Orient has context to analyze
+            begin
+              if defined?(::Autonomos::Ooda)
+                helper = Class.new { include ::Autonomos::Ooda }.new
+                goal = helper.load_goal(goal_name)
+              else
+                goal = load_goal_fallback(goal_name)
+              end
+              if goal && goal[:found]
+                observation['goal_content'] = goal[:content]
+                observation['goal_source'] = goal[:source].to_s
+              end
+            rescue StandardError => e
+              observation['goal_load_error'] = e.message
+            end
+
             observation
           end
+
+          def load_goal_fallback(goal_name)
+            # Direct L2/L1 lookup when Autonomos::Ooda is unavailable
+            if defined?(KairosMcp::ContextManager)
+              ctx_mgr = KairosMcp::ContextManager.new
+              ctx_mgr.list_sessions.each do |session|
+                entry = ctx_mgr.get_context(session[:session_id], goal_name)
+                if entry && entry.respond_to?(:content) && entry.content && !entry.content.strip.empty?
+                  return { content: entry.content, found: true, source: :l2 }
+                end
+              end
+            end
+            if defined?(KairosMcp::KnowledgeProvider)
+              provider = KairosMcp::KnowledgeProvider.new(nil)
+              result = provider.get(goal_name)
+              if result && result[:content] && !result[:content].strip.empty?
+                return { content: result[:content], found: true, source: :l1 }
+              end
+            end
+            { content: nil, found: false }
+          rescue StandardError
+            { content: nil, found: false }
+          end
         end
       end
     end