@integrity-labs/agt-cli 0.28.32 → 0.28.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin/agt.js +4 -4
- package/dist/{chunk-KJVDXL3L.js → chunk-DLCUI4J5.js} +69 -60
- package/dist/chunk-DLCUI4J5.js.map +1 -0
- package/dist/{chunk-SR6RHUAV.js → chunk-HTRILMXV.js} +2 -2
- package/dist/{chunk-VIIPFWE4.js → chunk-R5CP4WAO.js} +2 -1
- package/dist/{claude-pair-runtime-RLIUZRLZ.js → claude-pair-runtime-LP4W56RT.js} +2 -2
- package/dist/lib/manager-worker.js +83 -48
- package/dist/lib/manager-worker.js.map +1 -1
- package/dist/{persistent-session-JHBXSNVW.js → persistent-session-RNALQ7JD.js} +3 -3
- package/dist/{responsiveness-probe-SKVWT5CO.js → responsiveness-probe-DRP2PPVE.js} +3 -3
- package/package.json +1 -1
- package/dist/chunk-KJVDXL3L.js.map +0 -1
- /package/dist/{chunk-SR6RHUAV.js.map → chunk-HTRILMXV.js.map} +0 -0
- /package/dist/{chunk-VIIPFWE4.js.map → chunk-R5CP4WAO.js.map} +0 -0
- /package/dist/{claude-pair-runtime-RLIUZRLZ.js.map → claude-pair-runtime-LP4W56RT.js.map} +0 -0
- /package/dist/{persistent-session-JHBXSNVW.js.map → persistent-session-RNALQ7JD.js.map} +0 -0
- /package/dist/{responsiveness-probe-SKVWT5CO.js.map → responsiveness-probe-DRP2PPVE.js.map} +0 -0
package/dist/bin/agt.js
CHANGED
|
@@ -33,7 +33,7 @@ import {
|
|
|
33
33
|
success,
|
|
34
34
|
table,
|
|
35
35
|
warn
|
|
36
|
-
} from "../chunk-
|
|
36
|
+
} from "../chunk-DLCUI4J5.js";
|
|
37
37
|
import {
|
|
38
38
|
CHANNEL_REGISTRY,
|
|
39
39
|
DEPLOYMENT_TEMPLATES,
|
|
@@ -60,7 +60,7 @@ import {
|
|
|
60
60
|
renderTemplate,
|
|
61
61
|
resolveChannels,
|
|
62
62
|
serializeManifestForSlackCli
|
|
63
|
-
} from "../chunk-
|
|
63
|
+
} from "../chunk-R5CP4WAO.js";
|
|
64
64
|
|
|
65
65
|
// src/bin/agt.ts
|
|
66
66
|
import { join as join21 } from "path";
|
|
@@ -4773,7 +4773,7 @@ import { execFileSync, execSync } from "child_process";
|
|
|
4773
4773
|
import { existsSync as existsSync10, realpathSync as realpathSync2 } from "fs";
|
|
4774
4774
|
import chalk18 from "chalk";
|
|
4775
4775
|
import ora16 from "ora";
|
|
4776
|
-
var cliVersion = true ? "0.28.
|
|
4776
|
+
var cliVersion = true ? "0.28.34" : "dev";
|
|
4777
4777
|
async function fetchLatestVersion() {
|
|
4778
4778
|
const host2 = getHost();
|
|
4779
4779
|
if (!host2) return null;
|
|
@@ -5696,7 +5696,7 @@ function handleError(err) {
|
|
|
5696
5696
|
}
|
|
5697
5697
|
|
|
5698
5698
|
// src/bin/agt.ts
|
|
5699
|
-
var cliVersion2 = true ? "0.28.
|
|
5699
|
+
var cliVersion2 = true ? "0.28.34" : "dev";
|
|
5700
5700
|
var program = new Command();
|
|
5701
5701
|
program.name("agt").description("Augmented CLI \u2014 agent provisioning and management").version(cliVersion2).option("--json", "Emit machine-readable JSON output (suppress spinners and colors)").option("--skip-update-check", "Skip the automatic update check on startup");
|
|
5702
5702
|
program.hook("preAction", async (thisCommand, actionCommand) => {
|
|
@@ -14,7 +14,7 @@ import {
|
|
|
14
14
|
registerFramework,
|
|
15
15
|
resolveAvatarEnvUrl,
|
|
16
16
|
wrapScheduledTaskPrompt
|
|
17
|
-
} from "./chunk-
|
|
17
|
+
} from "./chunk-R5CP4WAO.js";
|
|
18
18
|
|
|
19
19
|
// ../../packages/core/dist/integrations/registry.js
|
|
20
20
|
var INTEGRATION_REGISTRY = [
|
|
@@ -3390,43 +3390,54 @@ acknowledge before you start.
|
|
|
3390
3390
|
- **FAST (< 60s):** handle inline. Reply via the channel tool
|
|
3391
3391
|
(slack.reply / telegram.reply / directchat.reply) and end your turn.
|
|
3392
3392
|
|
|
3393
|
-
- **SLOW (\u2265 60s):** acknowledge, dispatch to background
|
|
3393
|
+
- **SLOW (\u2265 60s):** acknowledge, dispatch to a background channel worker,
|
|
3394
|
+
stay responsive.
|
|
3394
3395
|
1. Send a one-line acknowledgement via the channel tool \u2014 short, warm,
|
|
3395
3396
|
and tell the user you'll come back. Example shape (don't copy verbatim,
|
|
3396
3397
|
match your voice): "On it \u2014 this'll take a minute or two, I'll ping
|
|
3397
3398
|
when it's done."
|
|
3398
|
-
2. Dispatch the work to a background sub-agent:
|
|
3399
|
-
\`subagent_type:
|
|
3400
|
-
Put EVERYTHING the worker needs in the
|
|
3401
|
-
full request, relevant thread context,
|
|
3402
|
-
|
|
3403
|
-
|
|
3399
|
+
2. Dispatch the work to a background \`channel-message-handler\` sub-agent:
|
|
3400
|
+
the Agent tool with \`subagent_type: channel-message-handler\` AND
|
|
3401
|
+
\`run_in_background: true\`. Put EVERYTHING the worker needs in the
|
|
3402
|
+
dispatch prompt \u2014 the user's full request, relevant thread context,
|
|
3403
|
+
which integrations/tools to use \u2014 plus the **channel-specific routing
|
|
3404
|
+
keys** its reply tool needs: Slack threads \u2192 \`{ channel_id, thread_ts }\`;
|
|
3405
|
+
Slack non-thread DMs \u2192 \`{ channel_id }\`; Telegram \u2192 \`{ chat_id, message_id }\`;
|
|
3406
|
+
Direct Chat \u2192 \`{ conversation_id }\`. Pass these verbatim from the
|
|
3407
|
+
inbound \`<channel>\` tag \u2014 don't substitute a generic \`message_ts\`,
|
|
3408
|
+
since only Slack threads use it. The worker inherits your full MCP tool
|
|
3409
|
+
surface but NOT your conversation context.
|
|
3404
3410
|
3. End your turn after dispatching. This is the point: you stay free to
|
|
3405
3411
|
answer other messages while the worker grinds. Do NOT wait, poll, or
|
|
3406
3412
|
dispatch the same work synchronously \u2014 a synchronous dispatch blocks
|
|
3407
3413
|
your turn and defeats the purpose.
|
|
3408
|
-
4.
|
|
3409
|
-
|
|
3410
|
-
|
|
3411
|
-
|
|
3412
|
-
|
|
3413
|
-
5. If the completion notification reports a failure or
|
|
3414
|
-
|
|
3415
|
-
|
|
3416
|
-
|
|
3417
|
-
|
|
3418
|
-
|
|
3419
|
-
> \`
|
|
3420
|
-
>
|
|
3421
|
-
>
|
|
3422
|
-
>
|
|
3423
|
-
>
|
|
3424
|
-
>
|
|
3425
|
-
>
|
|
3414
|
+
4. \`channel-message-handler\` posts the substantive reply **itself**, via
|
|
3415
|
+
its own channel reply tool (\`slack.reply\` / \`telegram.reply\` /
|
|
3416
|
+
\`directchat.reply\`) addressed by the routing keys you passed \u2014 you do
|
|
3417
|
+
NOT relay it. Its completion notification lands automatically as a
|
|
3418
|
+
system message; read it just to confirm the reply went out.
|
|
3419
|
+
5. If the completion notification reports a failure \u2014 or that the worker
|
|
3420
|
+
could not post \u2014 post the reply (or a brief status) yourself to the
|
|
3421
|
+
same thread / chat / conversation you acknowledged in step 1, and
|
|
3422
|
+
either re-dispatch with a better prompt or handle it inline. Never go
|
|
3423
|
+
silent.
|
|
3424
|
+
|
|
3425
|
+
> **Why a background \`channel-message-handler\` dispatch:** two findings
|
|
3426
|
+
> combine into this shape. (1) ENG-6274 (2026-06-10, Claude Code 2.1.170,
|
|
3427
|
+
> \`docs/spikes/ENG-6274-run-in-background-dispatch.md\`): a background
|
|
3428
|
+
> dispatch returns immediately, your turn ends, and inbound messages get
|
|
3429
|
+
> answered in seconds while the worker runs \u2014 the completion arrives as a
|
|
3430
|
+
> notification you handle like any other turn. (2) ENG-6273 (on-host probe
|
|
3431
|
+
> at the fleet's pinned 2.1.170,
|
|
3432
|
+
> \`docs/spikes/ENG-6273-verify-64909-onhost-probe.md\`): the upstream
|
|
3433
|
+
> empty-registry bug
|
|
3426
3434
|
> ([anthropics/claude-code#64909](https://github.com/anthropics/claude-code/issues/64909),
|
|
3427
|
-
>
|
|
3428
|
-
>
|
|
3429
|
-
>
|
|
3435
|
+
> 0/6 MCP tools in named sub-agents on 2026-06-03) is **fixed** \u2014 a named
|
|
3436
|
+
> sub-agent with an explicit \`tools:\` allowlist binds the full MCP surface
|
|
3437
|
+
> again (10/11, zero empty-registry misses). So \`channel-message-handler\`
|
|
3438
|
+
> can reach its own channel reply tool: dispatch it in the background and it
|
|
3439
|
+
> both does the work AND posts the reply over the audited channel path,
|
|
3440
|
+
> while you stay free.
|
|
3430
3441
|
|
|
3431
3442
|
**Why this triage decision still matters more than any other instruction
|
|
3432
3443
|
below:** if you skip the acknowledgement and just dive into slow work
|
|
@@ -3446,31 +3457,20 @@ consistency.
|
|
|
3446
3457
|
|
|
3447
3458
|
For background tool work that **isn't** a channel reply \u2014 multi-step data
|
|
3448
3459
|
pulls, CRM enrichments, research workflows, cross-MCP orchestration \u2014 use
|
|
3449
|
-
\`subagent_type:
|
|
3450
|
-
|
|
3451
|
-
|
|
3452
|
-
|
|
3453
|
-
|
|
3454
|
-
|
|
3455
|
-
|
|
3456
|
-
|
|
3457
|
-
|
|
3458
|
-
bug ([anthropics/claude-code#64909](https://github.com/anthropics/claude-code/issues/64909))
|
|
3459
|
-
where sub-agents with an explicit \`tools:\` allowlist get an empty MCP
|
|
3460
|
-
tool registry \u2014 every \`mcp__*\` call returns "No such tool available."
|
|
3461
|
-
\`general-purpose\` uses \`tools: *\` (inherit-all) and escapes the bug.
|
|
3462
|
-
The fix appears to have shipped upstream (verified locally on Claude Code
|
|
3463
|
-
2.1.170, 2026-06-10 \u2014 ENG-6269 spike); once ENG-6273 re-verifies it on
|
|
3464
|
-
this host's pinned version, \`augmented-worker\` becomes preferred again
|
|
3465
|
-
(restricted tool surface for safety + working MCP binding) and
|
|
3466
|
-
\`channel-message-handler\` returns as a dispatch target. Until then,
|
|
3467
|
-
\`general-purpose\` only.
|
|
3460
|
+
\`subagent_type: augmented-worker\`. It carries an explicit allowlist of
|
|
3461
|
+
every \`mcp__*\` server you have wired \u2014 a tighter, safer tool surface than
|
|
3462
|
+
inherit-all \u2014 and binds them reliably now that ENG-6273's on-host probe
|
|
3463
|
+
confirmed the upstream allowlist bug (claude-code#64909) is fixed at the
|
|
3464
|
+
fleet's pinned Claude Code 2.1.170. For anything expected to take more than
|
|
3465
|
+
a minute, add \`run_in_background: true\` so your turn ends and you stay
|
|
3466
|
+
responsive; the completion notification brings you the result. Don't
|
|
3467
|
+
background-dispatch trivial work \u2014 each dispatch is a fresh context and
|
|
3468
|
+
costs real tokens.
|
|
3468
3469
|
|
|
3469
3470
|
For slow **channel** replies, see \xA7 FIRST ACTION above \u2014 those are
|
|
3470
|
-
dispatched as background \`
|
|
3471
|
-
|
|
3472
|
-
|
|
3473
|
-
ENG-6273-pending reason).
|
|
3471
|
+
dispatched as background \`channel-message-handler\` workers, the channel-aware
|
|
3472
|
+
sibling of \`augmented-worker\`, which post the reply themselves over the
|
|
3473
|
+
audited channel path.
|
|
3474
3474
|
|
|
3475
3475
|
${activeTasksSection}${personalitySection}## Identity
|
|
3476
3476
|
|
|
@@ -3500,10 +3500,10 @@ ${resolvedChannels?.includes("slack") ? `
|
|
|
3500
3500
|
|
|
3501
3501
|
You have a Slack MCP server connected. **First, see \xA7 FIRST ACTION on
|
|
3502
3502
|
every channel message: triage** at the top of this document \u2014 decide
|
|
3503
|
-
fast vs slow before anything else
|
|
3504
|
-
|
|
3505
|
-
|
|
3506
|
-
ACTION section for the full rationale
|
|
3503
|
+
fast vs slow before anything else. Handle fast requests inline;
|
|
3504
|
+
acknowledge slow ones, then dispatch them to a background
|
|
3505
|
+
\`channel-message-handler\` worker (which posts the reply itself) and stay
|
|
3506
|
+
responsive \u2014 see the FIRST ACTION section for the full rationale.
|
|
3507
3507
|
|
|
3508
3508
|
For fast requests, respond directly in the conversation. You can also
|
|
3509
3509
|
proactively use:
|
|
@@ -5330,7 +5330,7 @@ If a capability seems missing, **check first** \u2014 run the CLI, list tools (\
|
|
|
5330
5330
|
`;
|
|
5331
5331
|
return `---
|
|
5332
5332
|
name: augmented-worker
|
|
5333
|
-
description:
|
|
5333
|
+
description: General-purpose background worker for multi-step tool tasks the parent doesn't want to inline (data pulls, multi-API workflows, CRM enrichments, research that needs MCP tools). Has explicit access to every \`mcp__*\` server the parent has wired. Use this \u2014 not \`general-purpose\` and not the read-only researcher/reviewer subagents from other plugins \u2014 whenever the work requires calling MCP tools (e.g. \`mcp__granola__*\`, \`mcp__composio_attio__*\`, \`mcp__slack__*\`, \`mcp__augmented__*\`). Many community subagents declare restrictive \`tools:\` allowlists that exclude MCP tools, so dispatching to them will silently produce "No such tool available." failures and force unsafe fallback paths (reading raw secrets from \`.mcp.json\`, bypassing the Credential Access Control guardrail).
|
|
5334
5334
|
background: true
|
|
5335
5335
|
tools: ${tools}
|
|
5336
5336
|
---
|
|
@@ -5344,7 +5344,7 @@ Your \`tools:\` allowlist (above) names every MCP server the parent has connecte
|
|
|
5344
5344
|
## Hard rules \u2014 Credential Access Control
|
|
5345
5345
|
|
|
5346
5346
|
1. **Never** read raw secrets out of \`.mcp.json\`, \`~/.augmented/*/provision/.mcp.json\`, \`.env.integrations\`, or any agent config file. Those files contain bot tokens, API keys, and OAuth credentials. The Credential Access Control guardrail (\`block_read: true\` on secrets) treats reads of those values as a violation regardless of intent. As **defence-in-depth (not structural enforcement)**, the plugin's \`settings.json\` also denies \`Bash(cat:*/.mcp.json)\`, \`Bash(cat:*/.env.integrations)\`, and \`Bash(jq:*/.mcp.json)\` (ENG-5901 / ADR-0018) \u2014 these block the obvious copy-paste paths but a determined in-process reader can still reach the values; the durable fix is Phase 2/3 of ADR-0018.
|
|
5347
|
-
2. **Never** post Slack messages via raw \`chat.postMessage\` + a bot token lifted from config. Use the channel MCP's reply tool (\`
|
|
5347
|
+
2. **Never** post Slack messages via raw \`chat.postMessage\` + a bot token lifted from config. Use the channel MCP's reply tool (\`mcp__slack__slack_reply\`, \`mcp__telegram__telegram_reply\`, \`mcp__direct-chat__direct_chat_reply\`, etc.) so the call goes through the audited path.
|
|
5348
5348
|
3. If an \`mcp__*\` tool you expect to be available returns "No such tool available.", **stop and surface the gap to the parent** in your summary rather than working around it. A missing MCP binding is a platform bug worth fixing \u2014 it's the exact failure shape this sub-agent was added to prevent (see ENG-5897 / ENG-5905).
|
|
5349
5349
|
4. When verifying a capability is wired, confirm the relevant env var exists **without printing its value** \u2014 use \`[ -n "$POSTIZ_API_KEY" ] && echo present || echo absent\`, never \`echo $POSTIZ_API_KEY\`. The Credential Access Control guardrail covers tool-call output as well as file reads.
|
|
5350
5350
|
|
|
@@ -7266,11 +7266,16 @@ function requireHost() {
|
|
|
7266
7266
|
}
|
|
7267
7267
|
|
|
7268
7268
|
// src/lib/api-client.ts
|
|
7269
|
-
var agtCliVersion = true ? "0.28.
|
|
7269
|
+
var agtCliVersion = true ? "0.28.34" : "dev";
|
|
7270
|
+
var lastConfigHash = null;
|
|
7271
|
+
function setConfigHash(hash) {
|
|
7272
|
+
lastConfigHash = hash && hash.length > 0 ? hash : null;
|
|
7273
|
+
}
|
|
7270
7274
|
var cachedExchange = null;
|
|
7271
7275
|
var exchangeInFlight = null;
|
|
7272
7276
|
function invalidateExchange() {
|
|
7273
7277
|
cachedExchange = null;
|
|
7278
|
+
lastConfigHash = null;
|
|
7274
7279
|
}
|
|
7275
7280
|
async function exchangeApiKey(rawKey, retried = false, opts = {}) {
|
|
7276
7281
|
if (!opts.forceRefresh && cachedExchange && Date.now() < cachedExchange.expiresAt - 6e4) {
|
|
@@ -7375,6 +7380,9 @@ async function buildHeaders() {
|
|
|
7375
7380
|
// actions so bug rates can be tracked per CLI version.
|
|
7376
7381
|
"X-Agt-Cli-Version": agtCliVersion
|
|
7377
7382
|
};
|
|
7383
|
+
if (lastConfigHash) {
|
|
7384
|
+
headers["X-Config-Hash"] = lastConfigHash;
|
|
7385
|
+
}
|
|
7378
7386
|
const team = getActiveTeam() ?? exchange.teamSlug;
|
|
7379
7387
|
if (team) {
|
|
7380
7388
|
headers["X-Team-Slug"] = team;
|
|
@@ -8289,6 +8297,7 @@ export {
|
|
|
8289
8297
|
PROD_AGT_HOST,
|
|
8290
8298
|
getHost,
|
|
8291
8299
|
requireHost,
|
|
8300
|
+
setConfigHash,
|
|
8292
8301
|
exchangeApiKey,
|
|
8293
8302
|
ApiError,
|
|
8294
8303
|
api,
|
|
@@ -8317,4 +8326,4 @@ export {
|
|
|
8317
8326
|
managerInstallSystemUnitCommand,
|
|
8318
8327
|
managerUninstallSystemUnitCommand
|
|
8319
8328
|
};
|
|
8320
|
-
//# sourceMappingURL=chunk-
|
|
8329
|
+
//# sourceMappingURL=chunk-DLCUI4J5.js.map
|