@askexenow/exe-os 0.8.53 → 0.8.55
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin/backfill-conversations.js +113 -10
- package/dist/bin/backfill-responses.js +113 -10
- package/dist/bin/backfill-vectors.js +147 -13
- package/dist/bin/cleanup-stale-review-tasks.js +113 -10
- package/dist/bin/cli.js +337 -211
- package/dist/bin/exe-agent.js +99 -4
- package/dist/bin/exe-assign.js +113 -10
- package/dist/bin/exe-boot.js +276 -85
- package/dist/bin/exe-call.js +107 -5
- package/dist/bin/exe-doctor.js +183 -13
- package/dist/bin/exe-export-behaviors.js +113 -10
- package/dist/bin/exe-forget.js +113 -10
- package/dist/bin/exe-gateway.js +131 -12
- package/dist/bin/exe-heartbeat.js +121 -11
- package/dist/bin/exe-kill.js +113 -10
- package/dist/bin/exe-launch-agent.js +113 -10
- package/dist/bin/exe-link.js +10 -2
- package/dist/bin/exe-new-employee.js +95 -0
- package/dist/bin/exe-pending-messages.js +113 -10
- package/dist/bin/exe-pending-notifications.js +113 -10
- package/dist/bin/exe-pending-reviews.js +122 -11
- package/dist/bin/exe-rename.js +95 -0
- package/dist/bin/exe-review.js +113 -10
- package/dist/bin/exe-search.js +113 -10
- package/dist/bin/exe-session-cleanup.js +131 -12
- package/dist/bin/exe-status.js +113 -10
- package/dist/bin/exe-team.js +113 -10
- package/dist/bin/git-sweep.js +131 -12
- package/dist/bin/graph-backfill.js +113 -10
- package/dist/bin/graph-export.js +113 -10
- package/dist/bin/scan-tasks.js +131 -12
- package/dist/bin/setup.js +107 -5
- package/dist/bin/shard-migrate.js +113 -10
- package/dist/bin/wiki-sync.js +113 -10
- package/dist/gateway/index.js +131 -12
- package/dist/hooks/bug-report-worker.js +131 -12
- package/dist/hooks/commit-complete.js +131 -12
- package/dist/hooks/error-recall.js +113 -10
- package/dist/hooks/ingest-worker.js +131 -12
- package/dist/hooks/instructions-loaded.js +113 -10
- package/dist/hooks/notification.js +113 -10
- package/dist/hooks/post-compact.js +113 -10
- package/dist/hooks/pre-compact.js +131 -12
- package/dist/hooks/pre-tool-use.js +113 -10
- package/dist/hooks/prompt-ingest-worker.js +113 -10
- package/dist/hooks/prompt-submit.js +140 -14
- package/dist/hooks/response-ingest-worker.js +113 -10
- package/dist/hooks/session-end.js +113 -10
- package/dist/hooks/session-start.js +113 -10
- package/dist/hooks/stop.js +113 -10
- package/dist/hooks/subagent-stop.js +113 -10
- package/dist/hooks/summary-worker.js +231 -114
- package/dist/index.js +131 -12
- package/dist/lib/cloud-sync.js +10 -2
- package/dist/lib/employee-templates.js +99 -4
- package/dist/lib/exe-daemon.js +4859 -4706
- package/dist/lib/hybrid-search.js +113 -10
- package/dist/lib/schedules.js +113 -10
- package/dist/lib/store.js +113 -10
- package/dist/lib/tasks.js +18 -2
- package/dist/lib/tmux-routing.js +18 -2
- package/dist/mcp/server.js +214 -28
- package/dist/mcp/tools/create-task.js +18 -2
- package/dist/mcp/tools/list-tasks.js +18 -2
- package/dist/runtime/index.js +131 -12
- package/dist/tui/App.js +337 -211
- package/package.json +2 -2
|
@@ -1543,6 +1543,103 @@ var init_shard_manager = __esm({
|
|
|
1543
1543
|
}
|
|
1544
1544
|
});
|
|
1545
1545
|
|
|
1546
|
+
// src/lib/platform-procedures.ts
|
|
1547
|
+
var PLATFORM_PROCEDURES, PLATFORM_PROCEDURE_TITLES;
|
|
1548
|
+
var init_platform_procedures = __esm({
|
|
1549
|
+
"src/lib/platform-procedures.ts"() {
|
|
1550
|
+
"use strict";
|
|
1551
|
+
PLATFORM_PROCEDURES = [
|
|
1552
|
+
// --- Foundation: what is exe-os ---
|
|
1553
|
+
{
|
|
1554
|
+
title: "What is exe-os \u2014 the operating model every agent must understand",
|
|
1555
|
+
domain: "architecture",
|
|
1556
|
+
priority: "p0",
|
|
1557
|
+
content: "Exe OS is an AI employee operating system. A founder runs 5-10 AI agents as a real org: COO (exe), CTO (yoshi), CMO (mari), engineers (tom), content (sasha). Each agent has identity, expertise, and experience layers \u2014 persistent memory that makes them better over time. All data is local-first, E2EE, owned by the user. The MCP server is the ONLY data interface \u2014 never access the DB directly."
|
|
1558
|
+
},
|
|
1559
|
+
{
|
|
1560
|
+
title: "Mode 1 \u2014 how exe-os runs inside Claude Code",
|
|
1561
|
+
domain: "architecture",
|
|
1562
|
+
priority: "p0",
|
|
1563
|
+
content: "Mode 1: exe-os runs AS hooks + MCP + skills inside Claude Code. The founder opens CC, runs /exe to boot the COO. exe manages employees in tmux sessions. Each exeN is a separate CC window/project. Employees (yoshi, tom, mari) run in their own tmux panes via create_task auto-spawn. The founder talks to exe; exe orchestrates the team. CC is the shell, exe-os is the brain."
|
|
1564
|
+
},
|
|
1565
|
+
{
|
|
1566
|
+
title: "Sessions explained \u2014 what exeN means and how projects work",
|
|
1567
|
+
domain: "architecture",
|
|
1568
|
+
priority: "p0",
|
|
1569
|
+
content: "Each exeN (exe1, exe2, exe3) is an isolated project session. exe1 might be exe-os development, exe2 might be exe-wiki. Each session spawns its own employees: exe1\u2192yoshi-exe1\u2192tom-exe1. Sessions share the same memory DB but tasks are scoped to the session that created them. A founder can run multiple projects simultaneously. Sessions never interfere with each other."
|
|
1570
|
+
},
|
|
1571
|
+
// --- Hierarchy and dispatch ---
|
|
1572
|
+
{
|
|
1573
|
+
title: "Chain of command \u2014 who talks to whom",
|
|
1574
|
+
domain: "workflow",
|
|
1575
|
+
priority: "p0",
|
|
1576
|
+
content: "Founder \u2192 exe (COO) \u2192 yoshi (CTO) / mari (CMO). Yoshi \u2192 tom (engineer). Mari \u2192 sasha (content). Never skip levels: exe never assigns directly to tom. Tom never reports directly to exe. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
|
|
1577
|
+
},
|
|
1578
|
+
{
|
|
1579
|
+
title: "Single dispatch path \u2014 create_task only",
|
|
1580
|
+
domain: "workflow",
|
|
1581
|
+
priority: "p0",
|
|
1582
|
+
content: "create_task is the ONLY way to dispatch work to another agent. No direct ensureEmployee calls, no manual tmux spawns, no send_message for actionable work. create_task \u2192 system auto-spawns \u2192 session correctly named. ONE PATH. No backdoors. No exceptions."
|
|
1583
|
+
},
|
|
1584
|
+
// --- Session isolation ---
|
|
1585
|
+
{
|
|
1586
|
+
title: "Session scoping \u2014 stay in your exe boundary",
|
|
1587
|
+
domain: "security",
|
|
1588
|
+
priority: "p0",
|
|
1589
|
+
content: "Session scoping is mandatory. Managers dispatch to workers within their own exe session ONLY. exe1\u2192yoshi-exe1\u2192tom-exe1. exe2\u2192yoshi-exe2\u2192tom2-exe2. Cross-session dispatch is blocked by the system. Verify session names before dispatch. Tasks are scoped to the creating exe session."
|
|
1590
|
+
},
|
|
1591
|
+
{
|
|
1592
|
+
title: "Session isolation \u2014 never touch another session's work",
|
|
1593
|
+
domain: "workflow",
|
|
1594
|
+
priority: "p0",
|
|
1595
|
+
content: `Sessions are isolated. exeN owns ONLY tasks it dispatched. (1) Never close/update/cancel tasks from another exe session. (2) Never review work from a different session \u2014 report "belongs to exeN" and skip. (3) Ignore other sessions' items in list_tasks results. (4) Employees inherit session: yoshi-exe1 works ONLY on exe1 tasks. Cross-session work is a system violation.`
|
|
1596
|
+
},
|
|
1597
|
+
// --- Engineering: session scoping in code ---
|
|
1598
|
+
{
|
|
1599
|
+
title: "Three-dimensional scoping \u2014 session, project, role \u2014 enforced in every query",
|
|
1600
|
+
domain: "architecture",
|
|
1601
|
+
priority: "p0",
|
|
1602
|
+
content: "Every DB query, notification, review count, and task operation MUST be scoped on 3 dimensions: (1) Session \u2014 filter by session_scope matching current exeN. (2) Project \u2014 filter by project_name. (3) Role \u2014 agents only see data at their hierarchy level. When writing ANY function that touches tasks, reviews, messages, or notifications: always accept a sessionScope parameter and pass it to the SQL WHERE clause. Unscoped queries are bugs. Test by running 2+ exe sessions simultaneously."
|
|
1603
|
+
},
|
|
1604
|
+
// --- Hard constraints ---
|
|
1605
|
+
{
|
|
1606
|
+
title: "What you CANNOT do in exe-os \u2014 hard constraints",
|
|
1607
|
+
domain: "security",
|
|
1608
|
+
priority: "p0",
|
|
1609
|
+
content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 exe reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
|
|
1610
|
+
},
|
|
1611
|
+
// --- Operations ---
|
|
1612
|
+
{
|
|
1613
|
+
title: "Managers must supervise deployed workers",
|
|
1614
|
+
domain: "workflow",
|
|
1615
|
+
priority: "p0",
|
|
1616
|
+
content: `Every manager (COO/CTO/CMO) who dispatches work to a worker MUST actively monitor them. Check tmux capture-pane every 10 minutes. Verify they're working, not stuck. If idle at prompt with in_progress task \u2192 send intercom. If stuck \u2192 unblock or escalate. "Standing by" without checking is negligence.`
|
|
1617
|
+
},
|
|
1618
|
+
{
|
|
1619
|
+
title: "COO boot health check \u2014 memory, cloud sync, daemon on every launch",
|
|
1620
|
+
domain: "workflow",
|
|
1621
|
+
priority: "p0",
|
|
1622
|
+
content: "On every /exe boot, COO MUST check system health BEFORE other work: (1) daemon \u2014 is exed PID alive, (2) cloud sync \u2014 grep workers.log for recent cloud-sync errors, (3) memory count \u2014 total in DB, (4) sync delta \u2014 local vs cloud storage_bytes. Report as 4-line status table. If ANY check fails, surface to founder immediately. Do not proceed to tasks until health confirmed."
|
|
1623
|
+
},
|
|
1624
|
+
{
|
|
1625
|
+
title: "exe-build-adv mandatory for 3+ files",
|
|
1626
|
+
domain: "workflow",
|
|
1627
|
+
priority: "p0",
|
|
1628
|
+
content: "exe-build-adv is MANDATORY for ALL work touching 3+ files. Run /exe-build-adv --auto BEFORE implementation. Pipeline: Spec \u2192 AC \u2192 Tests \u2192 Evaluate \u2192 Fix. No multi-file feature ships without pipeline artifacts. No exceptions \u2014 managers reject work without them."
|
|
1629
|
+
},
|
|
1630
|
+
{
|
|
1631
|
+
title: "Desktop and TUI are the same product",
|
|
1632
|
+
domain: "architecture",
|
|
1633
|
+
priority: "p0",
|
|
1634
|
+
content: "Desktop and TUI are the SAME product in different renderers. Same data contracts, same interactions, same acceptance criteria. Desktop tab specs in ARCHITECTURE.md ARE the TUI specs. When building TUI, cross-reference Desktop spec. Different tab names, identical behavior. Never treat them as separate products."
|
|
1635
|
+
}
|
|
1636
|
+
];
|
|
1637
|
+
PLATFORM_PROCEDURE_TITLES = new Set(
|
|
1638
|
+
PLATFORM_PROCEDURES.map((p) => p.title)
|
|
1639
|
+
);
|
|
1640
|
+
}
|
|
1641
|
+
});
|
|
1642
|
+
|
|
1546
1643
|
// src/lib/global-procedures.ts
|
|
1547
1644
|
var global_procedures_exports = {};
|
|
1548
1645
|
__export(global_procedures_exports, {
|
|
@@ -1558,22 +1655,25 @@ async function loadGlobalProcedures() {
|
|
|
1558
1655
|
sql: "SELECT * FROM global_procedures WHERE active = 1 ORDER BY priority ASC, created_at ASC",
|
|
1559
1656
|
args: []
|
|
1560
1657
|
});
|
|
1561
|
-
const
|
|
1562
|
-
|
|
1563
|
-
|
|
1658
|
+
const allRows = result.rows;
|
|
1659
|
+
const customerOnly = allRows.filter((p) => !PLATFORM_PROCEDURE_TITLES.has(p.title));
|
|
1660
|
+
if (customerOnly.length > 0) {
|
|
1661
|
+
_customerCache = customerOnly.map((p) => `### ${p.title}
|
|
1564
1662
|
${p.content}`).join("\n\n");
|
|
1565
1663
|
} else {
|
|
1566
|
-
|
|
1664
|
+
_customerCache = "";
|
|
1567
1665
|
}
|
|
1568
1666
|
_cacheLoaded = true;
|
|
1569
|
-
return
|
|
1667
|
+
return customerOnly;
|
|
1570
1668
|
}
|
|
1571
1669
|
function getGlobalProceduresBlock() {
|
|
1572
|
-
|
|
1573
|
-
if (
|
|
1670
|
+
const sections = [];
|
|
1671
|
+
if (_platformCache) sections.push(_platformCache);
|
|
1672
|
+
if (_cacheLoaded && _customerCache) sections.push(_customerCache);
|
|
1673
|
+
if (sections.length === 0) return "";
|
|
1574
1674
|
return `## Organization-Wide Procedures (MANDATORY \u2014 supersedes all other rules)
|
|
1575
1675
|
|
|
1576
|
-
${
|
|
1676
|
+
${sections.join("\n\n")}
|
|
1577
1677
|
`;
|
|
1578
1678
|
}
|
|
1579
1679
|
async function storeGlobalProcedure(input2) {
|
|
@@ -1598,13 +1698,16 @@ async function deactivateGlobalProcedure(id) {
|
|
|
1598
1698
|
await loadGlobalProcedures();
|
|
1599
1699
|
return result.rowsAffected > 0;
|
|
1600
1700
|
}
|
|
1601
|
-
var
|
|
1701
|
+
var _customerCache, _cacheLoaded, _platformCache;
|
|
1602
1702
|
var init_global_procedures = __esm({
|
|
1603
1703
|
"src/lib/global-procedures.ts"() {
|
|
1604
1704
|
"use strict";
|
|
1605
1705
|
init_database();
|
|
1606
|
-
|
|
1706
|
+
init_platform_procedures();
|
|
1707
|
+
_customerCache = "";
|
|
1607
1708
|
_cacheLoaded = false;
|
|
1709
|
+
_platformCache = PLATFORM_PROCEDURES.map((p) => `### ${p.title}
|
|
1710
|
+
${p.content}`).join("\n\n");
|
|
1608
1711
|
}
|
|
1609
1712
|
});
|
|
1610
1713
|
|
|
@@ -4009,16 +4112,32 @@ __export(tasks_review_exports, {
|
|
|
4009
4112
|
});
|
|
4010
4113
|
import path16 from "path";
|
|
4011
4114
|
import { existsSync as existsSync14, readdirSync as readdirSync5, unlinkSync as unlinkSync4 } from "fs";
|
|
4012
|
-
async function countPendingReviews() {
|
|
4115
|
+
async function countPendingReviews(sessionScope) {
|
|
4013
4116
|
const client = getClient();
|
|
4117
|
+
if (sessionScope) {
|
|
4118
|
+
const result2 = await client.execute({
|
|
4119
|
+
sql: "SELECT COUNT(*) as cnt FROM tasks WHERE status = 'needs_review' AND (session_scope = ? OR session_scope IS NULL)",
|
|
4120
|
+
args: [sessionScope]
|
|
4121
|
+
});
|
|
4122
|
+
return Number(result2.rows[0]?.cnt) || 0;
|
|
4123
|
+
}
|
|
4014
4124
|
const result = await client.execute({
|
|
4015
4125
|
sql: "SELECT COUNT(*) as cnt FROM tasks WHERE status = 'needs_review'",
|
|
4016
4126
|
args: []
|
|
4017
4127
|
});
|
|
4018
4128
|
return Number(result.rows[0]?.cnt) || 0;
|
|
4019
4129
|
}
|
|
4020
|
-
async function countNewPendingReviewsSince(sinceIso) {
|
|
4130
|
+
async function countNewPendingReviewsSince(sinceIso, sessionScope) {
|
|
4021
4131
|
const client = getClient();
|
|
4132
|
+
if (sessionScope) {
|
|
4133
|
+
const result2 = await client.execute({
|
|
4134
|
+
sql: `SELECT COUNT(*) as cnt FROM tasks
|
|
4135
|
+
WHERE status = 'needs_review' AND updated_at > ?
|
|
4136
|
+
AND (session_scope = ? OR session_scope IS NULL)`,
|
|
4137
|
+
args: [sinceIso, sessionScope]
|
|
4138
|
+
});
|
|
4139
|
+
return Number(result2.rows[0]?.cnt) || 0;
|
|
4140
|
+
}
|
|
4022
4141
|
const result = await client.execute({
|
|
4023
4142
|
sql: `SELECT COUNT(*) as cnt FROM tasks
|
|
4024
4143
|
WHERE status = 'needs_review' AND updated_at > ?`,
|
|
@@ -6708,14 +6827,21 @@ ${fresh.map(
|
|
|
6708
6827
|
const { countPendingReviews: countPendingReviews2, countNewPendingReviewsSince: countNewPendingReviewsSince2 } = await Promise.resolve().then(() => (init_tasks_review(), tasks_review_exports));
|
|
6709
6828
|
const sessionKey = getSessionKey();
|
|
6710
6829
|
const lastCheckPath = path20.join(CACHE_DIR2, `review-lastcheck-${sessionKey}.json`);
|
|
6830
|
+
let sessionScope;
|
|
6831
|
+
try {
|
|
6832
|
+
const { execSync: execSync9 } = await import("child_process");
|
|
6833
|
+
const tmuxSession = execSync9("tmux display-message -p '#{session_name}'", { encoding: "utf8", timeout: 2e3 }).trim();
|
|
6834
|
+
if (/^exe\d+$/.test(tmuxSession)) sessionScope = tmuxSession;
|
|
6835
|
+
} catch {
|
|
6836
|
+
}
|
|
6711
6837
|
let lastCheckedAt = "";
|
|
6712
6838
|
try {
|
|
6713
6839
|
lastCheckedAt = readFileSync13(lastCheckPath, "utf8").trim();
|
|
6714
6840
|
} catch {
|
|
6715
6841
|
}
|
|
6716
|
-
const totalCount = await countPendingReviews2();
|
|
6842
|
+
const totalCount = await countPendingReviews2(sessionScope);
|
|
6717
6843
|
if (totalCount > 0) {
|
|
6718
|
-
const newCount = lastCheckedAt ? await countNewPendingReviewsSince2(lastCheckedAt) : totalCount;
|
|
6844
|
+
const newCount = lastCheckedAt ? await countNewPendingReviewsSince2(lastCheckedAt, sessionScope) : totalCount;
|
|
6719
6845
|
const trimmedPrompt = prompt.trim().toLowerCase();
|
|
6720
6846
|
const idleCommands = /* @__PURE__ */ new Set([
|
|
6721
6847
|
"c",
|
|
@@ -1422,6 +1422,103 @@ var init_shard_manager = __esm({
|
|
|
1422
1422
|
}
|
|
1423
1423
|
});
|
|
1424
1424
|
|
|
1425
|
+
// src/lib/platform-procedures.ts
|
|
1426
|
+
var PLATFORM_PROCEDURES, PLATFORM_PROCEDURE_TITLES;
|
|
1427
|
+
var init_platform_procedures = __esm({
|
|
1428
|
+
"src/lib/platform-procedures.ts"() {
|
|
1429
|
+
"use strict";
|
|
1430
|
+
PLATFORM_PROCEDURES = [
|
|
1431
|
+
// --- Foundation: what is exe-os ---
|
|
1432
|
+
{
|
|
1433
|
+
title: "What is exe-os \u2014 the operating model every agent must understand",
|
|
1434
|
+
domain: "architecture",
|
|
1435
|
+
priority: "p0",
|
|
1436
|
+
content: "Exe OS is an AI employee operating system. A founder runs 5-10 AI agents as a real org: COO (exe), CTO (yoshi), CMO (mari), engineers (tom), content (sasha). Each agent has identity, expertise, and experience layers \u2014 persistent memory that makes them better over time. All data is local-first, E2EE, owned by the user. The MCP server is the ONLY data interface \u2014 never access the DB directly."
|
|
1437
|
+
},
|
|
1438
|
+
{
|
|
1439
|
+
title: "Mode 1 \u2014 how exe-os runs inside Claude Code",
|
|
1440
|
+
domain: "architecture",
|
|
1441
|
+
priority: "p0",
|
|
1442
|
+
content: "Mode 1: exe-os runs AS hooks + MCP + skills inside Claude Code. The founder opens CC, runs /exe to boot the COO. exe manages employees in tmux sessions. Each exeN is a separate CC window/project. Employees (yoshi, tom, mari) run in their own tmux panes via create_task auto-spawn. The founder talks to exe; exe orchestrates the team. CC is the shell, exe-os is the brain."
|
|
1443
|
+
},
|
|
1444
|
+
{
|
|
1445
|
+
title: "Sessions explained \u2014 what exeN means and how projects work",
|
|
1446
|
+
domain: "architecture",
|
|
1447
|
+
priority: "p0",
|
|
1448
|
+
content: "Each exeN (exe1, exe2, exe3) is an isolated project session. exe1 might be exe-os development, exe2 might be exe-wiki. Each session spawns its own employees: exe1\u2192yoshi-exe1\u2192tom-exe1. Sessions share the same memory DB but tasks are scoped to the session that created them. A founder can run multiple projects simultaneously. Sessions never interfere with each other."
|
|
1449
|
+
},
|
|
1450
|
+
// --- Hierarchy and dispatch ---
|
|
1451
|
+
{
|
|
1452
|
+
title: "Chain of command \u2014 who talks to whom",
|
|
1453
|
+
domain: "workflow",
|
|
1454
|
+
priority: "p0",
|
|
1455
|
+
content: "Founder \u2192 exe (COO) \u2192 yoshi (CTO) / mari (CMO). Yoshi \u2192 tom (engineer). Mari \u2192 sasha (content). Never skip levels: exe never assigns directly to tom. Tom never reports directly to exe. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
|
|
1456
|
+
},
|
|
1457
|
+
{
|
|
1458
|
+
title: "Single dispatch path \u2014 create_task only",
|
|
1459
|
+
domain: "workflow",
|
|
1460
|
+
priority: "p0",
|
|
1461
|
+
content: "create_task is the ONLY way to dispatch work to another agent. No direct ensureEmployee calls, no manual tmux spawns, no send_message for actionable work. create_task \u2192 system auto-spawns \u2192 session correctly named. ONE PATH. No backdoors. No exceptions."
|
|
1462
|
+
},
|
|
1463
|
+
// --- Session isolation ---
|
|
1464
|
+
{
|
|
1465
|
+
title: "Session scoping \u2014 stay in your exe boundary",
|
|
1466
|
+
domain: "security",
|
|
1467
|
+
priority: "p0",
|
|
1468
|
+
content: "Session scoping is mandatory. Managers dispatch to workers within their own exe session ONLY. exe1\u2192yoshi-exe1\u2192tom-exe1. exe2\u2192yoshi-exe2\u2192tom2-exe2. Cross-session dispatch is blocked by the system. Verify session names before dispatch. Tasks are scoped to the creating exe session."
|
|
1469
|
+
},
|
|
1470
|
+
{
|
|
1471
|
+
title: "Session isolation \u2014 never touch another session's work",
|
|
1472
|
+
domain: "workflow",
|
|
1473
|
+
priority: "p0",
|
|
1474
|
+
content: `Sessions are isolated. exeN owns ONLY tasks it dispatched. (1) Never close/update/cancel tasks from another exe session. (2) Never review work from a different session \u2014 report "belongs to exeN" and skip. (3) Ignore other sessions' items in list_tasks results. (4) Employees inherit session: yoshi-exe1 works ONLY on exe1 tasks. Cross-session work is a system violation.`
|
|
1475
|
+
},
|
|
1476
|
+
// --- Engineering: session scoping in code ---
|
|
1477
|
+
{
|
|
1478
|
+
title: "Three-dimensional scoping \u2014 session, project, role \u2014 enforced in every query",
|
|
1479
|
+
domain: "architecture",
|
|
1480
|
+
priority: "p0",
|
|
1481
|
+
content: "Every DB query, notification, review count, and task operation MUST be scoped on 3 dimensions: (1) Session \u2014 filter by session_scope matching current exeN. (2) Project \u2014 filter by project_name. (3) Role \u2014 agents only see data at their hierarchy level. When writing ANY function that touches tasks, reviews, messages, or notifications: always accept a sessionScope parameter and pass it to the SQL WHERE clause. Unscoped queries are bugs. Test by running 2+ exe sessions simultaneously."
|
|
1482
|
+
},
|
|
1483
|
+
// --- Hard constraints ---
|
|
1484
|
+
{
|
|
1485
|
+
title: "What you CANNOT do in exe-os \u2014 hard constraints",
|
|
1486
|
+
domain: "security",
|
|
1487
|
+
priority: "p0",
|
|
1488
|
+
content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 exe reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
|
|
1489
|
+
},
|
|
1490
|
+
// --- Operations ---
|
|
1491
|
+
{
|
|
1492
|
+
title: "Managers must supervise deployed workers",
|
|
1493
|
+
domain: "workflow",
|
|
1494
|
+
priority: "p0",
|
|
1495
|
+
content: `Every manager (COO/CTO/CMO) who dispatches work to a worker MUST actively monitor them. Check tmux capture-pane every 10 minutes. Verify they're working, not stuck. If idle at prompt with in_progress task \u2192 send intercom. If stuck \u2192 unblock or escalate. "Standing by" without checking is negligence.`
|
|
1496
|
+
},
|
|
1497
|
+
{
|
|
1498
|
+
title: "COO boot health check \u2014 memory, cloud sync, daemon on every launch",
|
|
1499
|
+
domain: "workflow",
|
|
1500
|
+
priority: "p0",
|
|
1501
|
+
content: "On every /exe boot, COO MUST check system health BEFORE other work: (1) daemon \u2014 is exed PID alive, (2) cloud sync \u2014 grep workers.log for recent cloud-sync errors, (3) memory count \u2014 total in DB, (4) sync delta \u2014 local vs cloud storage_bytes. Report as 4-line status table. If ANY check fails, surface to founder immediately. Do not proceed to tasks until health confirmed."
|
|
1502
|
+
},
|
|
1503
|
+
{
|
|
1504
|
+
title: "exe-build-adv mandatory for 3+ files",
|
|
1505
|
+
domain: "workflow",
|
|
1506
|
+
priority: "p0",
|
|
1507
|
+
content: "exe-build-adv is MANDATORY for ALL work touching 3+ files. Run /exe-build-adv --auto BEFORE implementation. Pipeline: Spec \u2192 AC \u2192 Tests \u2192 Evaluate \u2192 Fix. No multi-file feature ships without pipeline artifacts. No exceptions \u2014 managers reject work without them."
|
|
1508
|
+
},
|
|
1509
|
+
{
|
|
1510
|
+
title: "Desktop and TUI are the same product",
|
|
1511
|
+
domain: "architecture",
|
|
1512
|
+
priority: "p0",
|
|
1513
|
+
content: "Desktop and TUI are the SAME product in different renderers. Same data contracts, same interactions, same acceptance criteria. Desktop tab specs in ARCHITECTURE.md ARE the TUI specs. When building TUI, cross-reference Desktop spec. Different tab names, identical behavior. Never treat them as separate products."
|
|
1514
|
+
}
|
|
1515
|
+
];
|
|
1516
|
+
PLATFORM_PROCEDURE_TITLES = new Set(
|
|
1517
|
+
PLATFORM_PROCEDURES.map((p) => p.title)
|
|
1518
|
+
);
|
|
1519
|
+
}
|
|
1520
|
+
});
|
|
1521
|
+
|
|
1425
1522
|
// src/lib/global-procedures.ts
|
|
1426
1523
|
var global_procedures_exports = {};
|
|
1427
1524
|
__export(global_procedures_exports, {
|
|
@@ -1437,22 +1534,25 @@ async function loadGlobalProcedures() {
|
|
|
1437
1534
|
sql: "SELECT * FROM global_procedures WHERE active = 1 ORDER BY priority ASC, created_at ASC",
|
|
1438
1535
|
args: []
|
|
1439
1536
|
});
|
|
1440
|
-
const
|
|
1441
|
-
|
|
1442
|
-
|
|
1537
|
+
const allRows = result.rows;
|
|
1538
|
+
const customerOnly = allRows.filter((p) => !PLATFORM_PROCEDURE_TITLES.has(p.title));
|
|
1539
|
+
if (customerOnly.length > 0) {
|
|
1540
|
+
_customerCache = customerOnly.map((p) => `### ${p.title}
|
|
1443
1541
|
${p.content}`).join("\n\n");
|
|
1444
1542
|
} else {
|
|
1445
|
-
|
|
1543
|
+
_customerCache = "";
|
|
1446
1544
|
}
|
|
1447
1545
|
_cacheLoaded = true;
|
|
1448
|
-
return
|
|
1546
|
+
return customerOnly;
|
|
1449
1547
|
}
|
|
1450
1548
|
function getGlobalProceduresBlock() {
|
|
1451
|
-
|
|
1452
|
-
if (
|
|
1549
|
+
const sections = [];
|
|
1550
|
+
if (_platformCache) sections.push(_platformCache);
|
|
1551
|
+
if (_cacheLoaded && _customerCache) sections.push(_customerCache);
|
|
1552
|
+
if (sections.length === 0) return "";
|
|
1453
1553
|
return `## Organization-Wide Procedures (MANDATORY \u2014 supersedes all other rules)
|
|
1454
1554
|
|
|
1455
|
-
${
|
|
1555
|
+
${sections.join("\n\n")}
|
|
1456
1556
|
`;
|
|
1457
1557
|
}
|
|
1458
1558
|
async function storeGlobalProcedure(input) {
|
|
@@ -1477,13 +1577,16 @@ async function deactivateGlobalProcedure(id) {
|
|
|
1477
1577
|
await loadGlobalProcedures();
|
|
1478
1578
|
return result.rowsAffected > 0;
|
|
1479
1579
|
}
|
|
1480
|
-
var
|
|
1580
|
+
var _customerCache, _cacheLoaded, _platformCache;
|
|
1481
1581
|
var init_global_procedures = __esm({
|
|
1482
1582
|
"src/lib/global-procedures.ts"() {
|
|
1483
1583
|
"use strict";
|
|
1484
1584
|
init_database();
|
|
1485
|
-
|
|
1585
|
+
init_platform_procedures();
|
|
1586
|
+
_customerCache = "";
|
|
1486
1587
|
_cacheLoaded = false;
|
|
1588
|
+
_platformCache = PLATFORM_PROCEDURES.map((p) => `### ${p.title}
|
|
1589
|
+
${p.content}`).join("\n\n");
|
|
1487
1590
|
}
|
|
1488
1591
|
});
|
|
1489
1592
|
|
|
@@ -1481,6 +1481,103 @@ var init_shard_manager = __esm({
|
|
|
1481
1481
|
}
|
|
1482
1482
|
});
|
|
1483
1483
|
|
|
1484
|
+
// src/lib/platform-procedures.ts
|
|
1485
|
+
var PLATFORM_PROCEDURES, PLATFORM_PROCEDURE_TITLES;
|
|
1486
|
+
var init_platform_procedures = __esm({
|
|
1487
|
+
"src/lib/platform-procedures.ts"() {
|
|
1488
|
+
"use strict";
|
|
1489
|
+
PLATFORM_PROCEDURES = [
|
|
1490
|
+
// --- Foundation: what is exe-os ---
|
|
1491
|
+
{
|
|
1492
|
+
title: "What is exe-os \u2014 the operating model every agent must understand",
|
|
1493
|
+
domain: "architecture",
|
|
1494
|
+
priority: "p0",
|
|
1495
|
+
content: "Exe OS is an AI employee operating system. A founder runs 5-10 AI agents as a real org: COO (exe), CTO (yoshi), CMO (mari), engineers (tom), content (sasha). Each agent has identity, expertise, and experience layers \u2014 persistent memory that makes them better over time. All data is local-first, E2EE, owned by the user. The MCP server is the ONLY data interface \u2014 never access the DB directly."
|
|
1496
|
+
},
|
|
1497
|
+
{
|
|
1498
|
+
title: "Mode 1 \u2014 how exe-os runs inside Claude Code",
|
|
1499
|
+
domain: "architecture",
|
|
1500
|
+
priority: "p0",
|
|
1501
|
+
content: "Mode 1: exe-os runs AS hooks + MCP + skills inside Claude Code. The founder opens CC, runs /exe to boot the COO. exe manages employees in tmux sessions. Each exeN is a separate CC window/project. Employees (yoshi, tom, mari) run in their own tmux panes via create_task auto-spawn. The founder talks to exe; exe orchestrates the team. CC is the shell, exe-os is the brain."
|
|
1502
|
+
},
|
|
1503
|
+
{
|
|
1504
|
+
title: "Sessions explained \u2014 what exeN means and how projects work",
|
|
1505
|
+
domain: "architecture",
|
|
1506
|
+
priority: "p0",
|
|
1507
|
+
content: "Each exeN (exe1, exe2, exe3) is an isolated project session. exe1 might be exe-os development, exe2 might be exe-wiki. Each session spawns its own employees: exe1\u2192yoshi-exe1\u2192tom-exe1. Sessions share the same memory DB but tasks are scoped to the session that created them. A founder can run multiple projects simultaneously. Sessions never interfere with each other."
|
|
1508
|
+
},
|
|
1509
|
+
// --- Hierarchy and dispatch ---
|
|
1510
|
+
{
|
|
1511
|
+
title: "Chain of command \u2014 who talks to whom",
|
|
1512
|
+
domain: "workflow",
|
|
1513
|
+
priority: "p0",
|
|
1514
|
+
content: "Founder \u2192 exe (COO) \u2192 yoshi (CTO) / mari (CMO). Yoshi \u2192 tom (engineer). Mari \u2192 sasha (content). Never skip levels: exe never assigns directly to tom. Tom never reports directly to exe. If you need cross-team info, use ask_team_memory \u2014 don't read other agents' task folders. Each level owns dispatch downward and review upward."
|
|
1515
|
+
},
|
|
1516
|
+
{
|
|
1517
|
+
title: "Single dispatch path \u2014 create_task only",
|
|
1518
|
+
domain: "workflow",
|
|
1519
|
+
priority: "p0",
|
|
1520
|
+
content: "create_task is the ONLY way to dispatch work to another agent. No direct ensureEmployee calls, no manual tmux spawns, no send_message for actionable work. create_task \u2192 system auto-spawns \u2192 session correctly named. ONE PATH. No backdoors. No exceptions."
|
|
1521
|
+
},
|
|
1522
|
+
// --- Session isolation ---
|
|
1523
|
+
{
|
|
1524
|
+
title: "Session scoping \u2014 stay in your exe boundary",
|
|
1525
|
+
domain: "security",
|
|
1526
|
+
priority: "p0",
|
|
1527
|
+
content: "Session scoping is mandatory. Managers dispatch to workers within their own exe session ONLY. exe1\u2192yoshi-exe1\u2192tom-exe1. exe2\u2192yoshi-exe2\u2192tom2-exe2. Cross-session dispatch is blocked by the system. Verify session names before dispatch. Tasks are scoped to the creating exe session."
|
|
1528
|
+
},
|
|
1529
|
+
{
|
|
1530
|
+
title: "Session isolation \u2014 never touch another session's work",
|
|
1531
|
+
domain: "workflow",
|
|
1532
|
+
priority: "p0",
|
|
1533
|
+
content: `Sessions are isolated. exeN owns ONLY tasks it dispatched. (1) Never close/update/cancel tasks from another exe session. (2) Never review work from a different session \u2014 report "belongs to exeN" and skip. (3) Ignore other sessions' items in list_tasks results. (4) Employees inherit session: yoshi-exe1 works ONLY on exe1 tasks. Cross-session work is a system violation.`
|
|
1534
|
+
},
|
|
1535
|
+
// --- Engineering: session scoping in code ---
|
|
1536
|
+
{
|
|
1537
|
+
title: "Three-dimensional scoping \u2014 session, project, role \u2014 enforced in every query",
|
|
1538
|
+
domain: "architecture",
|
|
1539
|
+
priority: "p0",
|
|
1540
|
+
content: "Every DB query, notification, review count, and task operation MUST be scoped on 3 dimensions: (1) Session \u2014 filter by session_scope matching current exeN. (2) Project \u2014 filter by project_name. (3) Role \u2014 agents only see data at their hierarchy level. When writing ANY function that touches tasks, reviews, messages, or notifications: always accept a sessionScope parameter and pass it to the SQL WHERE clause. Unscoped queries are bugs. Test by running 2+ exe sessions simultaneously."
|
|
1541
|
+
},
|
|
1542
|
+
// --- Hard constraints ---
|
|
1543
|
+
{
|
|
1544
|
+
title: "What you CANNOT do in exe-os \u2014 hard constraints",
|
|
1545
|
+
domain: "security",
|
|
1546
|
+
priority: "p0",
|
|
1547
|
+
content: "NEVER: (1) Access the database directly \u2014 it's SQLCipher encrypted, always fails. Use MCP tools only. (2) Manually spawn tmux sessions \u2014 create_task handles it. (3) Run git checkout main \u2014 agents work in worktrees. (4) Modify another agent's in-progress task. (5) Push to remote \u2014 exe reviews and pushes. (6) Skip update_task(done) \u2014 it's the ONLY way your work gets reviewed. (7) Run git init."
|
|
1548
|
+
},
|
|
1549
|
+
// --- Operations ---
|
|
1550
|
+
{
|
|
1551
|
+
title: "Managers must supervise deployed workers",
|
|
1552
|
+
domain: "workflow",
|
|
1553
|
+
priority: "p0",
|
|
1554
|
+
content: `Every manager (COO/CTO/CMO) who dispatches work to a worker MUST actively monitor them. Check tmux capture-pane every 10 minutes. Verify they're working, not stuck. If idle at prompt with in_progress task \u2192 send intercom. If stuck \u2192 unblock or escalate. "Standing by" without checking is negligence.`
|
|
1555
|
+
},
|
|
1556
|
+
{
|
|
1557
|
+
title: "COO boot health check \u2014 memory, cloud sync, daemon on every launch",
|
|
1558
|
+
domain: "workflow",
|
|
1559
|
+
priority: "p0",
|
|
1560
|
+
content: "On every /exe boot, COO MUST check system health BEFORE other work: (1) daemon \u2014 is exed PID alive, (2) cloud sync \u2014 grep workers.log for recent cloud-sync errors, (3) memory count \u2014 total in DB, (4) sync delta \u2014 local vs cloud storage_bytes. Report as 4-line status table. If ANY check fails, surface to founder immediately. Do not proceed to tasks until health confirmed."
|
|
1561
|
+
},
|
|
1562
|
+
{
|
|
1563
|
+
title: "exe-build-adv mandatory for 3+ files",
|
|
1564
|
+
domain: "workflow",
|
|
1565
|
+
priority: "p0",
|
|
1566
|
+
content: "exe-build-adv is MANDATORY for ALL work touching 3+ files. Run /exe-build-adv --auto BEFORE implementation. Pipeline: Spec \u2192 AC \u2192 Tests \u2192 Evaluate \u2192 Fix. No multi-file feature ships without pipeline artifacts. No exceptions \u2014 managers reject work without them."
|
|
1567
|
+
},
|
|
1568
|
+
{
|
|
1569
|
+
title: "Desktop and TUI are the same product",
|
|
1570
|
+
domain: "architecture",
|
|
1571
|
+
priority: "p0",
|
|
1572
|
+
content: "Desktop and TUI are the SAME product in different renderers. Same data contracts, same interactions, same acceptance criteria. Desktop tab specs in ARCHITECTURE.md ARE the TUI specs. When building TUI, cross-reference Desktop spec. Different tab names, identical behavior. Never treat them as separate products."
|
|
1573
|
+
}
|
|
1574
|
+
];
|
|
1575
|
+
PLATFORM_PROCEDURE_TITLES = new Set(
|
|
1576
|
+
PLATFORM_PROCEDURES.map((p) => p.title)
|
|
1577
|
+
);
|
|
1578
|
+
}
|
|
1579
|
+
});
|
|
1580
|
+
|
|
1484
1581
|
// src/lib/global-procedures.ts
|
|
1485
1582
|
var global_procedures_exports = {};
|
|
1486
1583
|
__export(global_procedures_exports, {
|
|
@@ -1496,22 +1593,25 @@ async function loadGlobalProcedures() {
|
|
|
1496
1593
|
sql: "SELECT * FROM global_procedures WHERE active = 1 ORDER BY priority ASC, created_at ASC",
|
|
1497
1594
|
args: []
|
|
1498
1595
|
});
|
|
1499
|
-
const
|
|
1500
|
-
|
|
1501
|
-
|
|
1596
|
+
const allRows = result.rows;
|
|
1597
|
+
const customerOnly = allRows.filter((p) => !PLATFORM_PROCEDURE_TITLES.has(p.title));
|
|
1598
|
+
if (customerOnly.length > 0) {
|
|
1599
|
+
_customerCache = customerOnly.map((p) => `### ${p.title}
|
|
1502
1600
|
${p.content}`).join("\n\n");
|
|
1503
1601
|
} else {
|
|
1504
|
-
|
|
1602
|
+
_customerCache = "";
|
|
1505
1603
|
}
|
|
1506
1604
|
_cacheLoaded = true;
|
|
1507
|
-
return
|
|
1605
|
+
return customerOnly;
|
|
1508
1606
|
}
|
|
1509
1607
|
function getGlobalProceduresBlock() {
|
|
1510
|
-
|
|
1511
|
-
if (
|
|
1608
|
+
const sections = [];
|
|
1609
|
+
if (_platformCache) sections.push(_platformCache);
|
|
1610
|
+
if (_cacheLoaded && _customerCache) sections.push(_customerCache);
|
|
1611
|
+
if (sections.length === 0) return "";
|
|
1512
1612
|
return `## Organization-Wide Procedures (MANDATORY \u2014 supersedes all other rules)
|
|
1513
1613
|
|
|
1514
|
-
${
|
|
1614
|
+
${sections.join("\n\n")}
|
|
1515
1615
|
`;
|
|
1516
1616
|
}
|
|
1517
1617
|
async function storeGlobalProcedure(input2) {
|
|
@@ -1536,13 +1636,16 @@ async function deactivateGlobalProcedure(id) {
|
|
|
1536
1636
|
await loadGlobalProcedures();
|
|
1537
1637
|
return result.rowsAffected > 0;
|
|
1538
1638
|
}
|
|
1539
|
-
var
|
|
1639
|
+
var _customerCache, _cacheLoaded, _platformCache;
|
|
1540
1640
|
var init_global_procedures = __esm({
|
|
1541
1641
|
"src/lib/global-procedures.ts"() {
|
|
1542
1642
|
"use strict";
|
|
1543
1643
|
init_database();
|
|
1544
|
-
|
|
1644
|
+
init_platform_procedures();
|
|
1645
|
+
_customerCache = "";
|
|
1545
1646
|
_cacheLoaded = false;
|
|
1647
|
+
_platformCache = PLATFORM_PROCEDURES.map((p) => `### ${p.title}
|
|
1648
|
+
${p.content}`).join("\n\n");
|
|
1546
1649
|
}
|
|
1547
1650
|
});
|
|
1548
1651
|
|