npm - @integrity-labs/agt-cli - Versions diffs - 0.15.38 → 0.16.0 - Mend

@integrity-labs/agt-cli 0.15.38 → 0.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/bin/agt.js +50 -50
package/dist/bin/agt.js.map +1 -1
package/dist/{chunk-XJSQKRFV.js → chunk-LU6L2J32.js} +97 -9
package/dist/chunk-LU6L2J32.js.map +1 -0
package/dist/{claude-pair-runtime-GLO2D7WP.js → claude-pair-runtime-GS6AOYHS.js} +2 -2
package/dist/claude-pair-runtime-GS6AOYHS.js.map +1 -0
package/dist/lib/manager-worker.js +131 -107
package/dist/lib/manager-worker.js.map +1 -1
package/mcp/slack-channel.js +99 -22
package/package.json +1 -1
package/dist/chunk-XJSQKRFV.js.map +0 -1
package/dist/claude-pair-runtime-GLO2D7WP.js.map +0 -1

package/dist/{chunk-XJSQKRFV.js → chunk-LU6L2J32.js} RENAMED Viewed

@@ -4057,7 +4057,7 @@ ${sections}`
    * like Ultimate Coder is installed for an agent.
    *
    * @param codeName Agent code_name
-   * @param plugin Plugin definition from the plugins table
+   * @param plugin Integration definition from the integration_definitions table
    * @param contextValues Resolved context values from plugin_context
    * @param options.scriptSource How to install scripts: 'git-clone' (path) or 'npm' (package name)
    */
@@ -4888,6 +4888,13 @@ var SLACK_SCOPE_REGISTRY = [
     category: "users",
     risk: "medium"
   },
+  {
+    scope: "users.profile:write",
+    name: "Write Bot Profile",
+    description: "Update the bot's own profile (status emoji + status text). Used to surface live/offline state to operators without polling.",
+    category: "users",
+    risk: "low"
+  },
   // ── Channel Management ───────────────────────────────────────────────────
   {
     scope: "channels:join",
@@ -5012,7 +5019,8 @@ var DEFAULT_SCOPES = [
   "mpim:read",
   "reactions:read",
   "reactions:write",
-  "users:read"
+  "users:read",
+  "users.profile:write"
 ];
 function getDefaultSlackScopes() {
   return [...DEFAULT_SCOPES];
@@ -5054,7 +5062,7 @@ var SCOPE_TO_EVENTS = {
   "metadata.message:read": ["message_metadata_posted"]
 };
 function generateSlackAppManifest(input) {
-  const { agent_name, description, long_description, scopes, socket_mode = true, redirect_urls, interactivity_request_url } = input;
+  const { agent_name, description, long_description, scopes, socket_mode = true, redirect_urls, interactivity_request_url, slash_command_url } = input;
   const botDisplayName = agent_name.length > 35 ? agent_name.slice(0, 35) : agent_name;
   const botEvents = /* @__PURE__ */ new Set();
   for (const scope of scopes) {
@@ -5080,7 +5088,35 @@ function generateSlackAppManifest(input) {
       bot_user: {
         display_name: botDisplayName,
         always_online: true
-      }
+      },
+      // ENG-4596: register the /kill + /unkill slash commands when the
+      // caller passed a URL AND the app requested the `commands` scope.
+      // Slack rejects manifests where slash_commands is non-empty without
+      // the matching scope, so the scope check is a guard.
+      ...slash_command_url && scopes.includes("commands") ? {
+        slash_commands: [
+          {
+            command: "/kill",
+            url: slash_command_url,
+            description: "Silence all agents in this thread (6h soft TTL).",
+            usage_hint: "invoke as a thread reply",
+            should_escape: false
+          },
+          {
+            command: "/unkill",
+            url: slash_command_url,
+            description: "Resume agents in this thread.",
+            usage_hint: "invoke as a thread reply",
+            should_escape: false
+          },
+          {
+            command: "/agent-status",
+            url: slash_command_url,
+            description: "Check whether this agent is online + last activity.",
+            should_escape: false
+          }
+        ]
+      } : {}
     },
     oauth_config: {
       ...redirect_urls && redirect_urls.length > 0 ? { redirect_urls } : {},
@@ -5542,6 +5578,29 @@ var charter_frontmatter_v1_default = {
       },
       additionalProperties: false
     },
+    tools: {
+      type: "object",
+      description: "ENG-4588: gates on agent-driven actions (currently the skill-management MCP tools).",
+      properties: {
+        skills: {
+          type: "object",
+          properties: {
+            write_team: {
+              type: "boolean",
+              default: false,
+              description: "Allow the agent's MCP tools to write skill_definitions rows at team scope. Default false \u2014 agents start untrusted."
+            },
+            publish: {
+              type: "boolean",
+              default: false,
+              description: "Skip the pending-publication review for agent-authored skills. Default false \u2014 drafts go to operator review (ENG-4589)."
+            }
+          },
+          additionalProperties: false
+        }
+      },
+      additionalProperties: false
+    },
     created: {
       type: "string",
       format: "date"
@@ -5930,6 +5989,17 @@ ${desc}
 ## Change Log
 - ${today} v0.1: Initial charter
+## Optional permissions
+These fields default to off. Add them to the YAML frontmatter above to enable.
+\`\`\`yaml
+tools:
+  skills:
+    write_team: false  # ENG-4588: allow agent MCP to write team-scoped skills
+    publish: false     # ENG-4588: skip operator review for agent-authored skills
+\`\`\`
 `;
 }
@@ -6047,6 +6117,24 @@ function runSemanticRules(file, charter) {
       }
     }
   }
+  if (charter.risk_tier === "High" && charter.tools?.skills?.publish === true) {
+    diagnostics.push({
+      file,
+      code: "CHARTER.SEMANTIC.HIGH_RISK_SKILL_PUBLISH",
+      path: "tools.skills.publish",
+      severity: "warning",
+      message: "High-risk agents should not have tools.skills.publish enabled \u2014 keep operator review on agent-authored skills"
+    });
+  }
+  if (charter.risk_tier === "High" && charter.tools?.skills?.write_team === true) {
+    diagnostics.push({
+      file,
+      code: "CHARTER.SEMANTIC.HIGH_RISK_SKILL_WRITE_TEAM",
+      path: "tools.skills.write_team",
+      severity: "warning",
+      message: "High-risk agents should not be granted tools.skills.write_team \u2014 they can pollute the shared team catalog"
+    });
+  }
   return diagnostics;
 }
@@ -6490,15 +6578,15 @@ function getTemplate(id) {
   return DEPLOYMENT_TEMPLATES.find((t) => t.id === id);
 }
-// ../../packages/core/dist/plugins/context-validator.js
+// ../../packages/core/dist/integrations/context-validator.js
 import Ajv20202 from "ajv/dist/2020.js";
 import addFormats2 from "ajv-formats";
-// ../../packages/core/dist/plugins/context-meta-schema.json
+// ../../packages/core/dist/integrations/context-meta-schema.json
 var context_meta_schema_default = {
   $schema: "https://json-schema.org/draft/2020-12/schema",
   $id: "https://augmented.dev/schemas/plugin-context.meta.schema.json",
-  title: "Plugin Context Schema (meta)",
+  title: "Integration Context Schema (meta)",
   description: "Meta-schema for the constrained subset of JSON Schema that plugin authors may declare for their plugin context. Anything outside this subset is rejected at PUT time. See ENG-4341 / docs/plugins/plugin-context-rfc.md.",
   type: "object",
   required: ["type", "properties"],
@@ -6608,7 +6696,7 @@ var context_meta_schema_default = {
   }
 };
-// ../../packages/core/dist/plugins/context-validator.js
+// ../../packages/core/dist/integrations/context-validator.js
 var ajv2 = new Ajv20202({ allErrors: true, strict: false });
 addFormats2(ajv2);
 var compiledMetaSchema = ajv2.compile(context_meta_schema_default);
@@ -7366,4 +7454,4 @@ export {
   managerInstallCommand,
   managerUninstallCommand
 };
-//# sourceMappingURL=chunk-XJSQKRFV.js.map
+//# sourceMappingURL=chunk-LU6L2J32.js.map