npm - @event4u/agent-config - Versions diffs - 6.0.0 → 6.1.0 - Mend

@event4u/agent-config 6.0.0 → 6.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (378) hide show

package/dist/agent-src/commands/roadmap/process-full.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: roadmap-process-full
 pack: product-basic
 tier: 2
+visibility: internal
 cluster: roadmap
 sub: process-full
 skills: [agent-docs-writing, ai-council, roadmap-management]

package/dist/agent-src/commands/roadmap/process-phase.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: roadmap-process-phase
 pack: product-basic
 tier: 2
+visibility: internal
 cluster: roadmap
 sub: process-phase
 skills: [agent-docs-writing, ai-council, roadmap-management]

package/dist/agent-src/commands/roadmap/process-step.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: roadmap-process-step
 pack: product-basic
 tier: 2
+visibility: internal
 cluster: roadmap
 sub: process-step
 skills: [agent-docs-writing, ai-council, roadmap-management]

package/dist/agent-src/commands/roadmap.md CHANGED Viewed

@@ -7,6 +7,7 @@ intent: "Roadmap dispatcher — create, process-step, process-phase, process-ful
 routes_to: [roadmap-create, roadmap-process-step, roadmap-process-phase, roadmap-process-full]
 replaces: []
 tier: 1
+visibility: advanced
 description: Roadmap orchestrator — routes to create (authoring) and process-step / process-phase / process-full (autonomous execution).
 cluster: roadmap
 type: orchestrator

package/dist/agent-src/commands/rule-compliance-audit.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: rule-compliance-audit
 pack: meta
 tier: 2
+visibility: internal
 skills: [rule-compliance-audit]
 description: Audit rule trigger quality, simulate activation, detect overlaps, and find never-activating rules
 suggestion:

package/dist/agent-src/commands/security-audit-config.md ADDED Viewed

@@ -0,0 +1,84 @@
+---
+model_tier: high
+name: security-audit-config
+pack: engineering-base
+tier: 2
+visibility: internal
+skills: [judge-security-auditor, threat-modeling, security-audit]
+description: Audit an assembled agent config (CLAUDE.md, .cursor/rules, settings, MCP, hooks, skills) for prompt-injection / supply-chain risk — A–F score per category, mapped to OWASP Agentic Top 10
+council_depth: deep
+suggestion:
+  eligible: true
+  trigger_description: "audit my agent config, is my CLAUDE.md / MCP setup safe, scan for prompt injection in my rules"
+  trigger_context: "a repo with agent config files (CLAUDE.md, .cursor/rules, .mcp.json, .claude/settings.json)"
+workspaces:
+  - agent-config-maintainer
+packs:
+  - meta
+---
+# security-audit-config
+## Instructions
+Audit a consumer's **assembled** agent config for the prompt-injection +
+supply-chain risks behind the "rules-file backdoor" and MCP tool-poisoning
+classes; report an A–F score per category mapped to the OWASP Top 10 for
+Agentic Applications. Consumer-facing counterpart to the suite's own
+`lint_agent_security` self-audit gate.
+### 1. Run the static audit
+```bash
+python3 src/scripts/security_audit_config.py --root <repo> --json
+```
+(omit `--root` to audit the current repo). Reuses the Phase-1 detection library
+under the containment convention
+([`security-lint-containment`](../docs/guidelines/agent-infra/security-lint-containment.md)),
+so doc/example files don't tank the score. Scans instruction files (`CLAUDE.md`,
+`AGENTS.md`, `.cursor/rules`, `.github/copilot-instructions.md`, `.clinerules`,
+`.windsurfrules`), MCP configs (`.mcp.json`, `.cursor/mcp.json`,
+`claude_desktop_config.json`), settings/hooks (`.claude/settings.json`),
+installed skills.
+### 2. Present the score
+Surface the overall grade + five category grades (Secrets · Permissions · Hooks
+· MCP · Agents/Rules), each with its OWASP-ASI tag, then the findings worth
+acting on (HIGH first). Lead with the worst category.
+### 3. Optional deep pass
+When asked for depth, or any category scores **D/F**, escalate:
+- Dispatch [`judge-security-auditor`](../skills/judge-security-auditor/SKILL.md)
+  over the flagged files for a diff-level verdict.
+- For a red/blue/auditor review of the whole config, hand off to the
+  `agent-security-review` skill (`council_depth: deep`).
+### 4. Recommend, do not auto-fix
+Output is **decision support**, not a gate — detection is probabilistic.
+Recommend the fix per finding (secret → `${env:VAR}`, pin an MCP server, remove
+`bypassPermissions`, strip hidden Unicode), but never rewrite the consumer's
+config without confirmation (per [`scope-control`](../../../src/rules/scope-control.md)).
+## Output format
+```
+Agent-config security audit — <repo>
+Overall: B (84/100)
+  C  Secrets       75/100 · ASI04 Supply Chain
+        [HIGH] .mcp.json:3: inline secret value — use ${env:VAR}
+  F  Agents/Rules  50/100 · ASI01 Goal Hijack
+        [HIGH] CLAUDE.md:1: role-takeover phrase in prose
+  ...
+```
+## See also
+- [`lint_agent_security`](../../../src/scripts/lint_agent_security.py) — the self-audit (our own corpus) sibling.
+- [`untrusted-input-defense`](../../rules/untrusted-input-defense.md), [`lethal-trifecta-guard`](../../rules/lethal-trifecta-guard.md) — the always-on prevention rules.
+- [`/threat-model`](../threat-model/command.md), [`judge-security-auditor`](../skills/judge-security-auditor/SKILL.md) — deep-pass dispatch.

package/dist/agent-src/commands/set-cost-profile.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: set-cost-profile
 pack: meta
 tier: 2
+visibility: internal
 description: Change the rule_loading_tier in .agent-settings.yml — shows each profile's meaning and applies the selection
 skills: [file-editor]
 suggestion:

package/dist/agent-src/commands/skill/preview.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: skill-preview
 pack: meta
 tier: 2
+visibility: internal
 cluster: skill
 sub: preview
 description: Non-destructive preview of a skill — its declared steps, execution type, allowed tools, and file/command targets — before you run it. Read-only, no execution.

package/dist/agent-src/commands/skill.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: skill
 pack: meta
 tier: 2
+visibility: internal
 description: Single-skill orchestrator — routes to preview. Non-destructive "what will this skill do?" before you run it.
 cluster: skill
 type: orchestrator

package/dist/agent-src/commands/skills/discover.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: skills-discover
 pack: meta
 tier: 2
+visibility: internal
 cluster: skills
 sub: discover
 description: Recommend skills for a role — ranked by four explained classes (most-useful-for-role, related-to-current-task, recently-adopted, popular-in-role). Local-only; every result carries a why.

package/dist/agent-src/commands/skills.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: skills
 pack: meta
 tier: 2
+visibility: internal
 description: Skill discovery orchestrator — routes to discover. Local, explained skill recommendations over the catalog + role shortlists + optional local analytics.
 cluster: skills
 type: orchestrator

package/dist/agent-src/commands/sync-agent-settings.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: sync-agent-settings
 pack: meta
 tier: 2
+visibility: internal
 skills: [sync-agent-settings]
 description: Sync `.agent-settings.yml` against the current template + profile — adds new sections/keys, preserves user values, shows a diff before writing
 suggestion:

package/dist/agent-src/commands/sync-gitignore/fix.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: sync-gitignore-fix
 pack: engineering-base
 tier: 2
+visibility: internal
 cluster: sync-gitignore
 sub: fix
 skills: [sync-gitignore]

package/dist/agent-src/commands/sync-gitignore.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: sync-gitignore
 pack: engineering-base
 tier: 2
+visibility: internal
 cluster: sync-gitignore
 skills: [sync-gitignore]
 description: Sync the `event4u/agent-config` block in the consumer project's .gitignore — adds missing entries, preserves user-added lines, shows a diff before writing

package/dist/agent-src/commands/tests/create.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: tests-create
 pack: engineering-base
 tier: 2
+visibility: internal
 cluster: tests
 sub: create
 skills: [pest-testing, quality-tools]

package/dist/agent-src/commands/tests/execute.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: tests-execute
 pack: engineering-base
 tier: 2
+visibility: internal
 cluster: tests
 sub: execute
 skills: [pest-testing, quality-tools]

package/dist/agent-src/commands/tests.md CHANGED Viewed

@@ -4,6 +4,7 @@ name: tests
 disable-model-invocation: true
 pack: engineering-base
 tier: 2
+visibility: internal
 description: Tests orchestrator — routes to create, execute
 cluster: tests
 type: orchestrator

package/dist/agent-src/commands/threat-model.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: high
 name: threat-model
 pack: engineering-base
 tier: 2
+visibility: internal
 skills: [threat-modeling, authz-review, security-sensitive-stop]
 description: Run a pre-implementation threat model on a proposed change — enumerates abuse cases, trust boundaries, and authorization gaps before the first line of code is written
 council_depth: deep

package/dist/agent-src/commands/update-form-request-messages.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: medium
 name: update-form-request-messages
 pack: engineering-base
 tier: 2
+visibility: internal
 framework: laravel
 skills: [laravel-validation]
 description: "Sync the messages() method of a FormRequest class — add missing entries, link them to language keys, and clean up stale ones."

package/dist/agent-src/commands/upstream-contribute.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: upstream-contribute
 pack: meta
 tier: 2
+visibility: internal
 skills: [upstream-contribute, skill-writing, learning-to-rule-or-skill]
 description: Contribute a learning, skill, rule, or fix from a consumer project back to the shared agent-config package
 suggestion:

package/dist/agent-src/commands/video/from-script.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: video-from-script
 pack: ai-video
 tier: 2
+visibility: internal
 cluster: video
 sub: from-script
 description: Drive a script end-to-end through the AI video pipeline — scenes → blueprint → image → operator pick → motion → video → stitch. Preview default; --mode commit spends behind the cost gate.

package/dist/agent-src/commands/video/from-song.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: video-from-song
 pack: ai-video
 tier: 2
+visibility: internal
 cluster: video
 sub: from-song
 description: Music-video from a song + reference images — accept or derive a timed scene script, optional character-lock, render, stitch, mux song as master track. Preview default; --mode commit gates the spend.

package/dist/agent-src/commands/video/scene.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: video-scene
 pack: ai-video
 tier: 2
+visibility: internal
 cluster: video
 sub: scene
 description: Render a single scene from a one-line idea — scene-expander → blueprint → image → operator pick → motion → video. Preview mode default (no spend); --mode commit renders live behind the cost gate.

package/dist/agent-src/commands/video/stitch.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: video-stitch
 pack: ai-video
 tier: 2
+visibility: internal
 cluster: video
 sub: stitch
 description: Re-stitch existing clips in `<project>/scenes/*/` after operator edits — no re-render. ffmpeg concat driven by manifest.json.

package/dist/agent-src/commands/video/storyboard.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: video-storyboard
 pack: ai-video
 tier: 2
+visibility: internal
 cluster: video
 sub: storyboard
 description: Image-only storyboard — script → scenes → blueprint → image render → contact-sheet PNG via ffmpeg montage. No video calls.

package/dist/agent-src/commands/video.md CHANGED Viewed

@@ -3,6 +3,7 @@ model_tier: inherit
 name: video
 pack: ai-video
 tier: 2
+visibility: internal
 cluster: video
 description: Video-creation orchestrator — Hollywood-level AI video pipeline. Routes to from-script, from-song, scene, storyboard, stitch.
 type: orchestrator

package/dist/agent-src/commands/work.md CHANGED Viewed

@@ -6,6 +6,7 @@ intent: "Pick up the next sensible task and execute it autonomously"
 routes_to: [refine-prompt, command-routing]
 replaces: []
 tier: 0
+visibility: visible
 skills: [refine-prompt, command-routing]
 description: Drive a free-form prompt end-to-end through refine → score → plan → implement → test → verify → report — Option-A loop over the `work_engine` Python engine, confidence-band gated, no auto-git.
 suggestion:

package/dist/agent-src/contexts/augment-infrastructure.md CHANGED Viewed

@@ -105,7 +105,7 @@ Commands organized by workflow:
 | **Modules** | `module-create`, `module-explore` |
 | **Roadmaps** | `roadmap:create`, `roadmap:process-step`, `roadmap:process-phase`, `roadmap:process-full` |
 | **Quality** | `quality-fix`, `review-changes`, `prepare-for-review`, `update-form-request-messages`, `fix-seeder` |
-| **CI/PR** | `fix-ci`, `create-pr`, `create-pr-description`, `fix-pr-comments`, `fix-pr-bot-comments`, `fix-pr-developer-comments` |
+| **CI/PR** | `fix-ci`, `create-pr`, `create-pr-description`, `fix-pr-comments` |
 | **Testing** | `tests-create`, `tests-execute` |
 | **E2E** | `e2e-plan`, `e2e-heal` |
 | **Agents** | `agents-prepare`, `agents-audit`, `agents-cleanup`, `copilot-agents-optimize`, `agent-handoff`, `agent-status`, `optimize-agents`, `optimize-augmentignore`, `optimize-skills`, `optimize-rtk-filters` |

package/dist/agent-src/contexts/communication/rules-auto/skill-quality-mechanics.md CHANGED Viewed

@@ -25,7 +25,7 @@ Make descriptions "pushy" — explicit about when to fire:
   adjectives, drop the second example phrasing, or collapse a list — do
   **not** drop the trigger vocabulary or the `even if ...` tail.
-Source: [`skills/skill-creator` in `anthropics/skills`](https://github.com/anthropics/skills/blob/main/skills/skill-creator/SKILL.md).
+Source: [`skills/skill-creator` in `an external reference`](https://github.com/an external reference/blob/main/skills/skill-creator/SKILL.md).
 **Litmus test:** Read the description cold, without the skill's body. If you
 cannot name at least two phrasings a user would realistically type that should

package/dist/agent-src/contexts/communication/rules-auto/slash-command-routing-policy-mechanics.md CHANGED Viewed

@@ -4,7 +4,7 @@ Lookup table for the `slash-command-routing-policy` rule. Lists the
 locked clusters and their sub-commands so the rule itself can stay at
 its current LOC while still reflecting the full surface. Source of
 truth for the cluster names is
-[`docs/contracts/command-clusters.md`](../../../../../docs/contracts/command-clusters.md);
+[`docs/contracts/command-clusters.md`](../../../../../../docs/contracts/command-clusters.md);
 this file mirrors that contract for runtime lookup. Linter:
 `scripts/check_cluster_patterns.py` (verifies dispatcher shape).
@@ -12,7 +12,7 @@ this file mirrors that contract for runtime lookup. Linter:
 | Cluster | Phase | Sub-commands | Replaces                                                                                                                                        |
 |---|:-:|---|-------------------------------------------------------------------------------------------------------------------------------------------------|
-| `/fix` | 1 | `ci` · `pr-comments` · `pr-bot-comments` · `pr-developer-comments` · `portability` · `refs` · `seeder` | `/fix-ci` · `/fix-pr-comments` · `/fix-pr-bot-comments` · `/fix-pr-developer-comments` · `/fix-portability` · `/fix-references` · `/fix-seeder` |
+| `/fix` | 1 | `ci` · `pr-comments` · `portability` · `refs` · `seeder` | `/fix-ci` · `/fix-pr-comments` · `/fix-portability` · `/fix-references` · `/fix-seeder` |
 | `/optimize` | 1 | `agents` · `augmentignore` · `rtk` · `skills` | `/optimize-agents` · `/optimize-augmentignore` · `/optimize-rtk-filters` · `/optimize-skills`                                                   |
 | `/feature` | 1 | `explore` · `plan` · `refactor` · `roadmap` | `/feature-explore` · `/feature-plan` · `/feature-refactor` · `/feature-roadmap`                                                                 |
 | `/chat-history` | 2 | `show` | `/chat-history` (legacy status) — `resume` / `clear` / `checkpoint` removed in `road-to-chat-history-hook-only`                                 |

package/dist/agent-src/contexts/communication/rules-auto/think-before-action-mechanics.md CHANGED Viewed

@@ -42,12 +42,12 @@ behavior. Cannot → read more.
 ## Consult memory before editing
-Prior decisions and invariants live in the memory layer. Via
-[`memory-access`](../../../../../docs/guidelines/agent-infra/memory-access.md),
-call `retrieve(types=["architecture-decisions", "domain-invariants"], keys=<touched paths>, limit=3)`.
-A matching `architecture-decision` explains *why* the current shape
-exists; a matching `domain-invariant` is a hard constraint. Cite the
-`id` if a match influences the plan.
+Invariants live in the memory layer; architectural rationale lives in ADRs.
+Via [`memory-access`](../../../../../docs/guidelines/agent-infra/memory-access.md),
+call `retrieve(types=["domain-invariants"], keys=<touched paths>, limit=3)` —
+a matching `domain-invariant` is a hard constraint. For *why* the current
+shape exists, check the ADR index `docs/decisions/INDEX.md`. Cite the `id` /
+ADR number if a match influences the plan.
 ## Verify with real tools

package/dist/agent-src/contexts/contracts/consumer-agents-md-guide.md CHANGED Viewed

@@ -38,10 +38,10 @@ covers). Default: leave AGENTS.md thin and put detail under `agents/`.
 ```markdown
 ## Development Setup
-```bash
+```bash
 {{dev_start_command}}    # make start / docker compose up / npm run dev / php artisan serve
 {{dev_test_command}}     # make test / docker compose exec app bash / npm test / php artisan test
-```
+```
 ### Environment files

package/dist/agent-src/contexts/execution/rdp-gate.md ADDED Viewed

@@ -0,0 +1,75 @@
+# RDP Gate — Table-Free Cost Gate
+Shared mechanic for the **Reasoning Discipline Protocol**. Loaded by the RDP
+artifacts (the `notes-first-reasoning` rule, the `reasoning-orchestrator` skill,
+and the Phase-5 extensions of `think-before-action` / `improve-before-implement` /
+`adversarial-review` / `subagent-orchestration` / `autonomous-execution`) when
+deciding **whether to engage the discipline at all**. Design rationale +
+sourcing: `docs/guidelines/agent-infra/frontier-reasoning-operating-profile.md`
+and roadmap decisions L1/L10/L17.
+## The one rule
+```
+RDP NEVER ENGAGES BY DEFAULT ON EVERY TURN.
+IT ENGAGES ONLY WHERE IT PAYS — DECIDED BY TABLE-FREE SIGNALS.
+NO RUNTIME MODEL -> BAND TABLE EXISTS (ADR-035).
+```
+`model_tier` (ADR-035, `lite|medium|high`) is the **skill's** needed model band,
+**not** the host's reasoning strength. RDP must never reuse it for gating, never
+maintain a model list, and never ship heavy/light content variants (two variants
+*are* a hidden band table).
+## Three signals (all table-free)
+1. **User settings** — read the `reasoning:` block in `.agent-settings.yml`:
+   - `enabled: false` → the whole layer is inert. Stop here.
+   - per-component switch off (e.g. `components.verifier_default: false`) → that
+     component never fires.
+   - `auto_gate: false` → skip signal 3 (self-assessment); gate on signal 2 only.
+2. **Task signal** (knowable per turn, no model lookup):
+   - **Skip** RDP when the task is trivial / short / fully-specified (rename,
+     typo, format, one-line edit, list files, bump a version).
+   - **Engage** when the task is complex / ambiguous / multi-component /
+     long-horizon / stateful / irreversible.
+3. **Host reasoning strength** (agent self-assessment — introspection, no
+   maintained list; same pattern as `provider-lifecycle-discipline` and
+   `media-governance-routing`):
+   - A **strong-reasoning** host applies the discipline **lightly / as a
+     suggestion** (it self-coordinates; heavy scaffolding wastes tokens and can
+     degrade it — see the dossier's `reasoning_extraction` + over-prescription
+     evidence).
+   - A **standard** host applies it **fully**.
+## One constraint-light scaffold + expand on request (L1)
+Every RDP artifact ships **one** constraint-light version. There is no heavy
+variant. A standard host that needs more **asks for it at turn time** ("give me
+the explicit alternative-enumeration" / "spell out the file-size bounds") rather
+than selecting a pre-written heavy file. This keeps the surface DRY, table-free,
+and vendor-neutral.
+## Verifier has its own gate (L12)
+The fresh-context verifier subagent is the most expensive primitive (a full extra
+inference pass). On top of the three signals above it fires **only** when the task
+shows **≥ 2 of**: branching/conditional logic · ≥ 3 explicit must/must-not
+constraints · stateful operations · irreversibility flag — **and** the estimated
+work is **≥ ~1k tokens**. Token length alone is never the trigger.
+## What this gate does NOT touch
+- **No frontmatter field.** The gate is read at runtime; RDP artifacts need no
+  new schema key, so there is **no projection/condensation change** and nothing
+  new compiles into `dist/router.json`.
+- **No kernel change.** RDP artifacts are tier-2 (router-loaded on match); the
+  always-on kernel stays the same size.
+- **No model list.** If a new model ships tomorrow, nothing here goes stale.
+## How an RDP artifact cites this
+Open with a one-line gate check, e.g.: *"Engage per `contexts/execution/rdp-gate.md`
+(settings + task-signal + host self-assessment); skip on trivial tasks and apply
+lightly on a strong-reasoning host."* Then the artifact's own body assumes it has
+already been cleared to engage.

package/dist/agent-src/contexts/subagent-configuration.md CHANGED Viewed

@@ -59,4 +59,5 @@ The commands read `.agent-settings.yml` fresh on each run.
 - [`subagent-orchestration`](../skills/subagent-orchestration/SKILL.md) — the skill
 - [`model-recommendations`](model-recommendations.md) — tier definitions
+- `guideline:agent-infra/model-recommendation` § Orchestrator → subagent model routing — per-subtask model right-sizing (downgrade easy work, keep strong model for hard)
 - [`/do-and-judge`](../commands/do-and-judge.md), [`/do-in-steps`](../commands/do-in-steps.md), [`/judge`](../commands/judge.md) — commands that read these keys

package/dist/agent-src/personas/advisors/contrarian.md CHANGED Viewed

@@ -90,6 +90,6 @@ straw man.
 ---
 *This persona is consumed by the AI Council advisor system
-(replace-mode). When activated via `agents/settings/.ai-council.yml`'s
+(replace-mode). When activated via `~/.event4u/agent-config/settings/.ai-council.yml`'s
 `advisors:` block, the entire file body below the frontmatter becomes
 the system prompt for the targeted member.*

package/dist/agent-src/personas/advisors/executor.md CHANGED Viewed

@@ -94,6 +94,6 @@ can start on.
 ---
 *This persona is consumed by the AI Council advisor system
-(replace-mode). When activated via `agents/settings/.ai-council.yml`'s
+(replace-mode). When activated via `~/.event4u/agent-config/settings/.ai-council.yml`'s
 `advisors:` block, the entire file body below the frontmatter becomes
 the system prompt for the targeted member.*

package/dist/agent-src/personas/advisors/expansionist.md CHANGED Viewed

@@ -93,6 +93,6 @@ the proposal as written can survive its own success.
 ---
 *This persona is consumed by the AI Council advisor system
-(replace-mode). When activated via `agents/settings/.ai-council.yml`'s
+(replace-mode). When activated via `~/.event4u/agent-config/settings/.ai-council.yml`'s
 `advisors:` block, the entire file body below the frontmatter becomes
 the system prompt for the targeted member.*

package/dist/agent-src/personas/advisors/first-principles.md CHANGED Viewed

@@ -93,6 +93,6 @@ inherit an accidental complexity from convention.
 ---
 *This persona is consumed by the AI Council advisor system
-(replace-mode). When activated via `agents/settings/.ai-council.yml`'s
+(replace-mode). When activated via `~/.event4u/agent-config/settings/.ai-council.yml`'s
 `advisors:` block, the entire file body below the frontmatter becomes
 the system prompt for the targeted member.*

package/dist/agent-src/personas/advisors/outsider.md CHANGED Viewed

@@ -97,6 +97,6 @@ synthesis stage can use to see the proposal from outside.
 ---
 *This persona is consumed by the AI Council advisor system
-(replace-mode). When activated via `agents/settings/.ai-council.yml`'s
+(replace-mode). When activated via `~/.event4u/agent-config/settings/.ai-council.yml`'s
 `advisors:` block, the entire file body below the frontmatter becomes
 the system prompt for the targeted member.*

package/dist/agent-src/rules/autonomous-execution.md CHANGED Viewed

@@ -90,6 +90,18 @@ Crossing the 20-entry threshold counts as the 3rd validation-target failure for
 When validating a single target, run the **specific** check, not a meta-task that fans out to dozens of sub-tasks. Use the failing tool's direct entry point (the specific script invocation, the specific runner target, the single-test filter for the project's test runner) rather than the full CI meta-pipeline. Full-pipeline runs are appropriate at phase boundaries, not as a per-iteration probe.
+Concrete tool mapping — verify with the narrowest tool that proves the target green: a single `curl` / Playwright spec / browser run for HTTP behavior, the project's test runner with a `--filter` for one test, a debugger / `xdebug` step-through for one frame. Never substitute a meta-pipeline for a tool that pinpoints the failure.
+## Adaptive effort & stop (RDP)
+Scale effort to task difficulty, and stop when marginal evidence drops — coupled
+to the N=3 budget above, never replacing it. On a host with a native effort knob
+(e.g. an `effort` parameter), the right move is to **set it high** for hard tasks
+rather than scaffold; the scaffold here is for a standard host **without** such a
+knob. The per-dimension uncertainty score (see
+[`notes-first-reasoning`](notes-first-reasoning.md)) feeds this decision. Engage
+per [`rdp-gate`](../contexts/execution/rdp-gate.md).
 ## See also
 - [`user-interrupt-priority`](user-interrupt-priority.md) — STOP-ASK-RESUME on new tasks; overrides autonomy

package/dist/agent-src/rules/external-reference-deep-dive.md CHANGED Viewed

@@ -58,7 +58,7 @@ Triggered when the user points to an external artifact (repo URL, `owner/repo`,
 | **Repeat-the-guess after pushback** | User says "really look" → agent re-paraphrases the same surface read. Burns trust. | On any pushback that names the source again, restart from a tree listing, not from prior notes. |
 | **Cross-tool path inference from a single example** | One config file ≠ a convention. | Inspect ≥2 unrelated tool integrations before claiming a pattern is the project's universal anchor strategy. |
-**Case-zero anchor.** May 2026 — `nextlevelbuilder/ui-ux-pro-max-skill` was named as the source of truth for 23 AI-tool anchors. Three rounds of "we have no content for these tools" were reported from README inference. The actual `tool-configs/*.json` files in the reference repo gave the exact directory layout per tool in one fetch. Cost: ~2 hours of user frustration. Lesson: when an external source is named, the first action is `GET /repos/{o}/{r}/contents/{interesting-subtree}` — not paraphrase.
+**Case-zero anchor.** May 2026 — an external reference suite was named as the source of truth for 23 AI-tool anchors. Three rounds of "we have no content for these tools" were reported from README inference. The actual `tool-configs/*.json` files in the reference repo gave the exact directory layout per tool in one fetch. Cost: ~2 hours of user frustration. Lesson: when an external source is named, the first action is `GET /repos/{o}/{r}/contents/{interesting-subtree}` — not paraphrase.
 ## Escape hatch