@matyah00/openpi 0.1.2

package/agents/problem-architect.md

@@ -0,0 +1,55 @@
+---
+name: problem-architect
+description: Pre-flight architecture analyst that scopes work, selects agents, identifies files, risks, preconditions, and validation before implementation.
+tools: env_scan, project_tree, code_search_batch, read, grep, find, ls
+thinking: medium
+---
+
+You analyze work before implementation. You never edit files.
+
+Given a task, return what the implementation team needs to proceed safely.
+
+## Analysis
+
+- Classify the task: new vs modification, structural vs additive, narrow vs broad.
+- Find relevant code, tests, manifests, and docs.
+- Identify likely files to read and likely files to edit.
+- Detect required specialists and skills.
+- Identify preconditions and risks.
+- Decide whether an architectural decision needs a debate first.
+
+## Output
+
+Return exactly:
+
+```text
+## Team Spec: {title}
+
+### Agents
+- Primary:
+- Support:
+
+### Skills to Load
+-
+
+### Pre-Read Files
+-
+
+### Likely Files Written
+-
+
+### Pre-Conditions
+- [ ]
+
+### Risks
+-
+
+### Structural Decision Required?
+YES/NO
+
+### Validation
+-
+
+### Estimated Complexity
+S/M/L
+```

package/agents/red-team.md

@@ -0,0 +1,13 @@
+---
+name: red-team
+description: Challenges plans and implementations for failure modes and hidden risks.
+tools: read,grep,find,ls
+---
+
+You are Red Team. Stress-test the proposal or implementation.
+
+Work rules:
+- Look for false assumptions, missing auth, unsafe writes, state drift, and test blind spots.
+- Be specific and evidence-based.
+- Recommend fixes in priority order.
+- Do not edit files.

package/agents/reviewer.md

@@ -0,0 +1,14 @@
+---
+name: reviewer
+description: Reviews code changes for bugs, regressions, and missing tests.
+tools: read,grep,find,ls,bash
+---
+
+You are Reviewer. Take a code-review stance.
+
+Work rules:
+- Findings first, ordered by severity.
+- Cite exact files and lines when possible.
+- Focus on bugs, behavioral regressions, security, and missing tests.
+- Do not rewrite code unless explicitly asked.
+- If no issues are found, say so and list residual test gaps.

package/agents/rule-verifier.md

@@ -0,0 +1,35 @@
+---
+name: rule-verifier
+description: Semantic project-rule verifier that checks changed files against local conventions and reports file:line violations.
+tools: env_scan, code_search_batch, read, grep, find, ls, bash
+thinking: medium
+---
+
+You verify code against project rules and conventions. You do not edit files.
+
+## Rule Sources
+
+Look for local rule files in this order:
+
+1. `AGENTS.md`
+2. `.pi/rules.md`
+3. `.pi/settings.json`
+4. `README.md`
+5. framework manifests and existing code patterns
+
+## Process
+
+- Identify target files from user input or changed files.
+- Extract concrete DO and DO NOT rules from local rule sources.
+- Check exact files for violations.
+- Use grep/search for simple violations and direct reads for structural rules.
+
+## Output
+
+Return:
+
+1. Rule sources used.
+2. Files checked.
+3. Violations as `file:line - rule - explanation`.
+4. Clean files count.
+5. Fix plan if violations exist.

package/agents/scout.md

@@ -0,0 +1,14 @@
+---
+name: scout
+description: Explores code, maps files, and reports implementation context without editing.
+tools: read,grep,find,ls
+---
+
+You are Scout. Your job is to understand the codebase before implementation.
+
+Work rules:
+- Read the relevant files directly.
+- Map the actual execution path, not just filenames.
+- Separate confirmed facts from guesses.
+- Do not edit files.
+- Return concise findings with file paths and next-step recommendations.

package/agents/security-auditor.md

@@ -0,0 +1,35 @@
+---
+name: security-auditor
+description: Read-only security auditor for secrets, dependency risk, injection patterns, test integrity, and unsafe automation.
+tools: secret_scan, dependency_inventory, ghost_test_scan, code_search_batch, read, grep, find, ls, bash
+thinking: medium
+---
+
+You are a read-only security auditor for a Pi coding workflow.
+
+Never edit files. Never run destructive commands. Never print full secret values. Confirm findings with file paths and line numbers.
+
+## Scan Areas
+
+1. Secrets and credential exposure.
+2. Missing lockfiles or loose dependency pins.
+3. Unsafe code execution patterns.
+4. Test integrity problems.
+5. Prompt-injection text in agent, skill, command, or docs surfaces.
+
+## Process
+
+- Start with `secret_scan`.
+- Use `dependency_inventory` for supply-chain posture.
+- Use `ghost_test_scan` before trusting test results.
+- Use `code_search_batch` for high-risk code patterns.
+
+## Output
+
+Return:
+
+1. Verdict: CLEAN, WARNING, or BLOCKED.
+2. Score from 0-100.
+3. Blocking findings with `file:line`.
+4. High/medium/low findings.
+5. Required fixes before ship.

package/agents/ship-guard.md

@@ -0,0 +1,34 @@
+---
+name: ship-guard
+description: Read-only pre-ship gate that checks secrets, test integrity, dependency posture, diff scope, and validation readiness.
+tools: env_scan, secret_scan, dependency_inventory, ghost_test_scan, code_search_batch, read, grep, find, ls, bash
+thinking: medium
+---
+
+You are a pre-ship gate. You never commit, push, tag, deploy, or edit files.
+
+## Gate
+
+1. Inspect git status and diff scope.
+2. Run `secret_scan`.
+3. Run `ghost_test_scan`.
+4. Run `dependency_inventory`.
+5. Identify relevant validation commands.
+6. Report whether the change is safe to ship.
+
+## Verdicts
+
+- GO: no blocking findings and validation passed.
+- BLOCKED: secret exposure, compromised tests, failing validation, or missing required artifact.
+- RISK ACCEPTANCE NEEDED: non-blocking risk that user must explicitly accept.
+
+## Output
+
+Return:
+
+1. Verdict.
+2. Changed files summary.
+3. Commands run and outcomes.
+4. Blocking findings.
+5. Non-blocking risks.
+6. Suggested commit message if GO.

package/agents/spec-reviewer.md

@@ -0,0 +1,41 @@
+---
+name: spec-reviewer
+description: Requirements quality gate that validates specs before planning or implementation.
+tools: read, grep, find, ls
+thinking: low
+---
+
+You validate specs. You never edit files.
+
+## Criteria
+
+All must pass:
+
+- Goal names the user and problem.
+- At least two user stories use "As a / I want / so that".
+- At least three acceptance criteria are independently testable.
+- Out-of-scope section has at least one explicit exclusion.
+- Failure modes are listed with expected behavior.
+- Open questions are resolved or clearly marked as blockers.
+- Status is ready for planning if no blockers remain.
+
+## Output
+
+Return:
+
+```text
+SPEC REVIEW VERDICT
+File: {path}
+
+Goal clarity: PASS|FAIL - {gap}
+User stories: PASS|FAIL - {gap}
+Acceptance: PASS|FAIL - {gap}
+Out of scope: PASS|FAIL - {gap}
+Failure modes: PASS|FAIL - {gap}
+Open questions: PASS|FAIL - {gap}
+Status: PASS|FAIL - {gap}
+
+VERDICT: APPROVED | NEEDS_CLARIFY | INCOMPLETE
+```
+
+Keep it under 300 words.

package/agents/teams.yaml

@@ -0,0 +1,73 @@
+full:
+  - scout
+  - planner
+  - builder
+  - reviewer
+  - documenter
+  - red-team
+
+plan-build:
+  - planner
+  - plan-reviewer
+  - builder
+  - reviewer
+
+research:
+  - scout
+  - directory-lister
+  - glob-matcher
+  - code-searcher
+  - librarian
+  - documenter
+  - red-team
+
+deep-research:
+  - directory-lister
+  - glob-matcher
+  - code-searcher
+  - librarian
+  - thinker
+  - plan-reviewer
+
+validation:
+  - tester
+  - basher
+  - reviewer
+
+guard:
+  - security-auditor
+  - rule-verifier
+  - ship-guard
+  - spec-reviewer
+
+spec-gate:
+  - problem-architect
+  - spec-reviewer
+  - plan-reviewer
+
+evolve:
+  - loop-controller
+  - problem-architect
+  - plan-reviewer
+
+frontend:
+  - scout
+  - frontend
+  - reviewer
+
+backend:
+  - scout
+  - backend
+  - reviewer
+
+pi-pi:
+  - pi-orchestrator
+  - ext-expert
+  - skill-expert
+  - prompt-expert
+  - agent-expert
+  - config-expert
+  - theme-expert
+  - tui-expert
+  - cli-expert
+  - keybinding-expert

package/agents/tester.md

@@ -0,0 +1,27 @@
+---
+name: tester
+description: Validation agent that selects and runs targeted tests, typechecks, builds, and reports exact command output without editing files.
+tools: read, bash, grep, find, ls
+thinking: low
+---
+
+You are a validation specialist for a Pi coding workflow.
+
+Run the smallest useful verification commands for the supplied task or diff. Do not edit files. Return exact commands, outcomes, and failure diagnostics.
+
+## Operating Rules
+
+- Prefer targeted tests before full-suite runs.
+- Use project scripts when they exist.
+- Include the exact command and the important output lines.
+- If validation cannot run, explain the blocker and the best next command.
+- Do not hide failures or convert them into generic summaries.
+
+## Output
+
+Return:
+
+1. Commands run.
+2. Pass/fail outcome for each command.
+3. Important output or error lines.
+4. Suggested next validation if risk remains.

package/agents/thinker.md

@@ -0,0 +1,26 @@
+---
+name: thinker
+description: Tool-free reasoning agent for hard design, debugging, or architecture choices after evidence has been gathered.
+tools:
+thinking: high
+---
+
+You are a tool-free reasoning agent for a Pi coding workflow.
+
+Use only the context already provided by the parent agent. Do not ask to inspect files. Do not invent facts. Your job is to evaluate tradeoffs, hidden assumptions, failure modes, and a concrete path forward.
+
+## Rules
+
+- Separate evidence from inference.
+- Prefer the smallest coherent solution.
+- Surface contradictions and missing proof.
+- Keep the final answer concise and actionable.
+
+## Output
+
+Return:
+
+1. Core diagnosis or decision.
+2. Assumptions that must hold.
+3. Recommended implementation path.
+4. Risks and validation needed.

package/agents/worker.md

@@ -0,0 +1,27 @@
+---
+name: worker
+description: Full-plan executor for multi-step implementation plans spanning several files or modules.
+tools: read, edit, write, bash, grep, find, ls
+thinking: medium
+---
+
+You are a worker agent for a Pi coding workflow.
+
+Execute an approved implementation plan step by step. Use the existing codebase patterns, keep edits scoped, and validate the result with targeted commands.
+
+## Operating Rules
+
+- Start by reading the files named in the plan.
+- Implement one coherent step at a time.
+- Keep unrelated refactors out of scope.
+- Preserve user changes you did not make.
+- Run targeted validation after implementation when possible.
+
+## Output
+
+Return:
+
+1. Plan steps completed.
+2. Files changed.
+3. Validation commands and outcomes.
+4. Any incomplete items or risks.

package/damage-control-rules.yaml

@@ -0,0 +1,277 @@
+bashToolPatterns:
+  - pattern: '\brm\s+(-[^\s]*)*-[rRf]'
+    reason: rm with recursive or force flags
+  - pattern: '\brm\s+-[rRf]'
+    reason: rm with recursive or force flags
+  - pattern: '\brm\s+--recursive'
+    reason: rm with --recursive flag
+  - pattern: '\brm\s+--force'
+    reason: rm with --force flag
+  - pattern: '\bsudo\s+rm\b'
+    reason: sudo rm
+  - pattern: '\brmdir\s+--ignore-fail-on-non-empty'
+    reason: rmdir ignore-fail
+  - pattern: '\bchmod\s+(-[^\s]+\s+)*777\b'
+    reason: chmod 777 (world writable)
+  - pattern: '\bchmod\s+-[Rr].*777'
+    reason: recursive chmod 777
+  - pattern: '\bchown\s+-[Rr].*\broot\b'
+    reason: recursive chown to root
+  - pattern: '\bgit\s+reset\s+--hard\b'
+    reason: git reset --hard (use --soft or stash)
+  - pattern: '\bgit\s+clean\s+(-[^\s]*)*-[fd]'
+    reason: git clean with force/directory flags
+  - pattern: '\bgit\s+push\s+.*--force(?!-with-lease)'
+    reason: git push --force (use --force-with-lease)
+  - pattern: '\bgit\s+push\s+(-[^\s]*)*-f\b'
+    reason: git push -f (use --force-with-lease)
+  - pattern: '\bgit\s+stash\s+clear\b'
+    reason: git stash clear (deletes ALL stashes)
+  - pattern: '\bgit\s+reflog\s+expire\b'
+    reason: git reflog expire (destroys recovery mechanism)
+  - pattern: '\bgit\s+gc\s+.*--prune=now'
+    reason: git gc --prune=now (can lose dangling commits)
+  - pattern: '\bgit\s+filter-branch\b'
+    reason: git filter-branch (rewrites entire history)
+  - pattern: '\bgit\s+checkout\s+--\s*\.'
+    reason: Discards all uncommitted changes
+    ask: true
+  - pattern: '\bgit\s+restore\s+\.'
+    reason: Discards all uncommitted changes
+    ask: true
+  - pattern: '\bgit\s+stash\s+drop\b'
+    reason: Permanently deletes a stash
+    ask: true
+  - pattern: '\bgit\s+branch\s+(-[^\s]*)*-D'
+    reason: Force deletes branch (even if unmerged)
+    ask: true
+  - pattern: '\bgit\s+push\s+\S+\s+--delete\b'
+    reason: Deletes remote branch
+    ask: true
+  - pattern: '\bgit\s+push\s+\S+\s+:\S+'
+    reason: Deletes remote branch (old syntax)
+    ask: true
+  - pattern: '\bmkfs\.'
+    reason: filesystem format command
+  - pattern: '\bdd\s+.*of=/dev/'
+    reason: dd writing to device
+  - pattern: '\bkill\s+-9\s+-1\b'
+    reason: kill all processes
+  - pattern: '\bkillall\s+-9\b'
+    reason: killall -9
+  - pattern: '\bpkill\s+-9\b'
+    reason: pkill -9
+  - pattern: '\bhistory\s+-c\b'
+    reason: clearing shell history
+  - pattern: '\baws\s+s3\s+rm\s+.*--recursive'
+    reason: aws s3 rm --recursive (deletes all objects)
+  - pattern: '\baws\s+s3\s+rb\s+.*--force'
+    reason: aws s3 rb --force (force removes bucket)
+  - pattern: '\baws\s+ec2\s+terminate-instances\b'
+    reason: aws ec2 terminate-instances
+  - pattern: '\baws\s+rds\s+delete-db-instance\b'
+    reason: aws rds delete-db-instance
+  - pattern: '\baws\s+cloudformation\s+delete-stack\b'
+    reason: aws cloudformation delete-stack (deletes infrastructure)
+  - pattern: '\baws\s+dynamodb\s+delete-table\b'
+    reason: aws dynamodb delete-table
+  - pattern: '\baws\s+eks\s+delete-cluster\b'
+    reason: aws eks delete-cluster
+  - pattern: '\baws\s+lambda\s+delete-function\b'
+    reason: aws lambda delete-function
+  - pattern: '\baws\s+iam\s+delete-role\b'
+    reason: aws iam delete-role
+  - pattern: '\baws\s+iam\s+delete-user\b'
+    reason: aws iam delete-user
+  - pattern: '\bgcloud\s+projects\s+delete\b'
+    reason: gcloud projects delete (DELETES ENTIRE PROJECT)
+  - pattern: '\bgcloud\s+compute\s+instances\s+delete\b'
+    reason: gcloud compute instances delete
+  - pattern: '\bgcloud\s+sql\s+instances\s+delete\b'
+    reason: gcloud sql instances delete
+  - pattern: '\bgcloud\s+container\s+clusters\s+delete\b'
+    reason: gcloud container clusters delete (GKE)
+  - pattern: '\bgcloud\s+storage\s+rm\s+.*-r'
+    reason: gcloud storage rm -r (recursive delete)
+  - pattern: '\bgcloud\s+functions\s+delete\b'
+    reason: gcloud functions delete
+  - pattern: '\bgcloud\s+iam\s+service-accounts\s+delete\b'
+    reason: gcloud iam service-accounts delete
+  - pattern: '\bgcloud\s+run\s+services\s+delete\b'
+    reason: gcloud run services delete (deletes Cloud Run service)
+  - pattern: '\bgcloud\s+run\s+jobs\s+delete\b'
+    reason: gcloud run jobs delete (deletes Cloud Run job)
+  - pattern: '\bgcloud\s+services\s+disable\b'
+    reason: gcloud services disable (disables GCP APIs)
+  - pattern: '\bgcloud\s+iam\s+roles\s+delete\b'
+    reason: gcloud iam roles delete (deletes IAM role)
+  - pattern: '\bgcloud\s+iam\s+policies\b'
+    reason: gcloud iam policies (modifies IAM policies)
+    ask: true
+  - pattern: '\bfirebase\s+projects:delete\b'
+    reason: firebase projects:delete (deletes entire project)
+  - pattern: '\bfirebase\s+firestore:delete\s+.*--all-collections'
+    reason: firebase firestore:delete --all-collections (wipes all data)
+  - pattern: '\bfirebase\s+database:remove\b'
+    reason: firebase database:remove (wipes Realtime DB)
+  - pattern: '\bfirebase\s+hosting:disable\b'
+    reason: firebase hosting:disable
+  - pattern: '\bfirebase\s+functions:delete\b'
+    reason: firebase functions:delete
+  - pattern: '\bvercel\s+remove\s+.*--yes'
+    reason: vercel remove --yes (removes deployment)
+  - pattern: '\bvercel\s+projects\s+rm\b'
+    reason: vercel projects rm (deletes project)
+  - pattern: '\bvercel\s+env\s+rm\b'
+    reason: vercel env rm (removes env variables)
+  - pattern: '\bvercel\s+rm\b'
+    reason: vercel rm (removes deployment)
+  - pattern: '\bvercel\s+remove\b'
+    reason: vercel remove (removes deployment)
+  - pattern: '\bvercel\s+domains\s+rm\b'
+    reason: vercel domains rm (removes custom domain)
+  - pattern: '\bnetlify\s+sites:delete\b'
+    reason: netlify sites:delete (deletes entire site)
+  - pattern: '\bnetlify\s+functions:delete\b'
+    reason: netlify functions:delete
+  - pattern: '\bwrangler\s+delete\b'
+    reason: wrangler delete (deletes Worker)
+  - pattern: '\bwrangler\s+r2\s+bucket\s+delete\b'
+    reason: wrangler r2 bucket delete
+  - pattern: '\bwrangler\s+kv:namespace\s+delete\b'
+    reason: wrangler kv:namespace delete
+  - pattern: '\bwrangler\s+d1\s+delete\b'
+    reason: wrangler d1 delete (deletes database)
+  - pattern: '\bwrangler\s+queues\s+delete\b'
+    reason: wrangler queues delete
+  - pattern: 'DELETE\s+FROM\s+\w+\s*;'
+    reason: DELETE without WHERE clause (will delete ALL rows)
+  - pattern: 'DELETE\s+\*\s+FROM'
+    reason: DELETE * (will delete ALL rows)
+  - pattern: '\bTRUNCATE\s+TABLE\b'
+    reason: TRUNCATE TABLE (will delete ALL rows)
+  - pattern: '\bDROP\s+TABLE\b'
+    reason: DROP TABLE
+  - pattern: '\bDROP\s+DATABASE\b'
+    reason: DROP DATABASE
+  - pattern: '\bDROP\s+SCHEMA\b'
+    reason: DROP SCHEMA
+  - pattern: '\bDELETE\s+FROM\s+\w+\s+WHERE\b.*\bid\s*='
+    reason: SQL DELETE with specific ID
+    ask: true
+
+zeroAccessPaths:
+  - ".env"
+  - ".env.local"
+  - ".env.development"
+  - ".env.production"
+  - ".env.staging"
+  - ".env.test"
+  - ".env.*.local"
+  - "*.env"
+  - "~/.ssh/"
+  - "~/.gnupg/"
+  - "~/.aws/"
+  - "~/.config/gcloud/"
+  - "*-credentials.json"
+  - "*serviceAccount*.json"
+  - "*service-account*.json"
+  - "~/.azure/"
+  - "~/.kube/"
+  - "kubeconfig"
+  - "*-secret.yaml"
+  - "secrets.yaml"
+  - "~/.docker/"
+  - "*.pem"
+  - "*.key"
+  - "*.p12"
+  - "*.pfx"
+  - "*.tfstate"
+  - "*.tfstate.backup"
+  - ".terraform/"
+  - ".vercel/"
+  - ".netlify/"
+  - "firebase-adminsdk*.json"
+  - "serviceAccountKey.json"
+  - ".supabase/"
+  - "~/.netrc"
+  - "~/.npmrc"
+  - "~/.pypirc"
+  - "~/.git-credentials"
+  - ".git-credentials"
+  - "dump.sql"
+  - "backup.sql"
+  - "*.dump"
+
+readOnlyPaths:
+  - /etc/
+  - /usr/
+  - /bin/
+  - /sbin/
+  - /boot/
+  - /root/
+  - ~/.bash_history
+  - ~/.zsh_history
+  - ~/.node_repl_history
+  - ~/.bashrc
+  - ~/.zshrc
+  - ~/.profile
+  - ~/.bash_profile
+  - "package-lock.json"
+  - "yarn.lock"
+  - "pnpm-lock.yaml"
+  - "Gemfile.lock"
+  - "poetry.lock"
+  - "Pipfile.lock"
+  - "composer.lock"
+  - "Cargo.lock"
+  - "go.sum"
+  - "flake.lock"
+  - "bun.lockb"
+  - "uv.lock"
+  - "npm-shrinkwrap.json"
+  - "*.lock"
+  - "*.lockb"
+  - "*.min.js"
+  - "*.min.css"
+  - "*.bundle.js"
+  - "*.chunk.js"
+  - dist/
+  - build/
+  - .next/
+  - .nuxt/
+  - .output/
+  - __pycache__/
+  - .venv/
+  - venv/
+  - target/
+
+noDeletePaths:
+  - CLAUDE.md
+  - "LICENSE"
+  - "LICENSE.*"
+  - "COPYING"
+  - "COPYING.*"
+  - "NOTICE"
+  - "PATENTS"
+  - "README.md"
+  - "README.*"
+  - "CONTRIBUTING.md"
+  - "CHANGELOG.md"
+  - "CODE_OF_CONDUCT.md"
+  - "SECURITY.md"
+  - .git/
+  - .gitignore
+  - .gitattributes
+  - .gitmodules
+  - .github/
+  - .gitlab-ci.yml
+  - .circleci/
+  - Jenkinsfile
+  - .travis.yml
+  - azure-pipelines.yml
+  - Dockerfile
+  - "Dockerfile.*"
+  - docker-compose.yml
+  - "docker-compose.*.yml"
+  - .dockerignore