@pellux/goodvibes-agent 0.1.25 → 0.1.27

package/CHANGELOG.md

@@ -2,6 +2,15 @@
 
 All notable changes to GoodVibes Agent will be recorded here.
 
+## 0.1.27 - 2026-05-31
+
+- b5be172 Add capabilities CLI handler
+- cafe1fb Add Agent capability benchmark surface
+
+## 0.1.26 - 2026-05-31
+
+- dfb6147 Harden Agent read tool policy
+
 ## 0.1.25 - 2026-05-31
 
 - cba5f6d Harden Agent find tool policy

package/README.md

@@ -15,6 +15,7 @@ Install the public alpha package with Bun:
 bun add -g @pellux/goodvibes-agent
 goodvibes-agent --help
 goodvibes-agent status
+goodvibes-agent capabilities
 ```
 
 If Bun reports untrusted lifecycle dependencies, trust only the package and dependencies required by this package:
@@ -43,6 +44,8 @@ bun run publish:check
 
 Inside the Agent TUI, use `/agent`, `/home`, or `/operator` to open the operator workspace. It is the Agent-first fullscreen surface for setup, status, knowledge, local memory/skills, work-plan/approval review, automation observability, and explicit build delegation to GoodVibes TUI.
 
+Use `goodvibes-agent capabilities` or `/capabilities` to inspect the OpenClaw/Hermes benchmark, current Agent posture, configuration commands, usage paths, and remaining gaps.
+
 Local Agent behavior is editable from the TUI:
 
 ```text
@@ -81,6 +84,7 @@ GoodVibes TUI owns coding execution: file edits, git/worktree workflows, coding
 Package-facing docs are intentionally narrow during the near-fork baseline:
 
 - [Getting Started](docs/getting-started.md)
+- [Operator Capability Benchmark](docs/operator-capability-benchmark.md)
 - [Deployment And Services](docs/deployment-and-services.md)
 - [Release And Publishing](docs/release-and-publishing.md)
 

package/docs/README.md

@@ -7,6 +7,7 @@ GoodVibes Agent is a near-fork of the GoodVibes terminal foundation with a diffe
 Current package docs:
 
 - [Getting Started](getting-started.md)
+- [Operator Capability Benchmark](operator-capability-benchmark.md)
 - [Deployment And Services](deployment-and-services.md)
 - [Release And Publishing](release-and-publishing.md)
 
@@ -18,6 +19,7 @@ Important baseline constraints:
 - Agent connects to an externally managed daemon.
 - Agent does not start, stop, restart, install, uninstall, or own daemon/listener/web/service lifecycle.
 - Agent Knowledge/Wiki uses only `/api/goodvibes-agent/knowledge/*`; there is no default Knowledge/Wiki, HomeGraph, or Home Assistant fallback.
+- Agent exposes `goodvibes-agent capabilities` and `/capabilities` to compare OpenClaw/Hermes capability targets against current Agent readiness and configuration paths.
 - Local personas, routines, and Agent skills are stored under the Agent surface root and are injected only into the serial Agent conversation.
 - Normal assistant chat is not coding-session delegation.
 - Build/fix/review delegation to GoodVibes TUI must be explicit; WRFC is not the default Agent behavior.

package/docs/operator-capability-benchmark.md

@@ -0,0 +1,75 @@
+# Operator Capability Benchmark
+
+GoodVibes Agent is built to compete directly with OpenClaw and Hermes Agent in the personal-operator assistant space, while keeping the GoodVibes product boundary explicit:
+
+- Agent uses the GoodVibes TUI shell, renderer, input, fullscreen workspace, command registry, and release bones.
+- Agent connects to an externally managed GoodVibes daemon.
+- Agent Knowledge/Wiki uses only `/api/goodvibes-agent/knowledge/*`.
+- Agent never falls back to default Knowledge/Wiki, HomeGraph, or Home Assistant routes.
+- Agent keeps ordinary work serial in the main conversation.
+- Agent delegates explicit build/fix/review work to GoodVibes TUI; WRFC is never default.
+
+Use the live benchmark from the package:
+
+```sh
+goodvibes-agent capabilities
+goodvibes-agent capabilities --json
+goodvibes-agent capabilities hermes
+```
+
+Inside the TUI:
+
+```text
+/capabilities
+/capabilities openclaw
+/capabilities knowledge
+```
+
+## Research Baseline
+
+Primary sources used for the benchmark:
+
+- OpenClaw README: https://github.com/openclaw/openclaw/blob/main/README.md
+- OpenClaw FAQ: https://docs.openclaw.ai/help/faq
+- OpenClaw Memory: https://docs.openclaw.ai/concepts/memory
+- Hermes README: https://github.com/NousResearch/hermes-agent
+- Hermes Tools: https://hermes-agent.nousresearch.com/docs/user-guide/features/tools/
+- Hermes Cron: https://hermes-agent.nousresearch.com/docs/user-guide/features/cron/
+- Hermes Profiles: https://hermes-agent.nousresearch.com/docs/user-guide/profiles/
+
+## Capability Targets
+
+| Area | OpenClaw/Hermes Baseline | GoodVibes Agent Position |
+| --- | --- | --- |
+| Terminal operator UI | Interactive CLI/TUI, commands, sessions | Near-fork GoodVibes TUI compositor/input/fullscreen foundation |
+| Always-on gateway | Gateway/service owns channels, sessions, tools, events | External GoodVibes daemon, never Agent-owned lifecycle |
+| Channels | WhatsApp, Telegram, Slack, Discord, Signal, iMessage, web chat | GoodVibes daemon channel and companion surfaces with Agent-side policy |
+| Knowledge/memory | Durable memory, semantic search, wiki/claim layers | Isolated Agent Knowledge routes plus local memory/skills/personas/routines |
+| Skills/procedural memory | Skills directories, registries, skill lifecycle | Local Agent skills with review/stale/source/provenance fields |
+| Scheduling | Natural-language cron, run/pause/resume/edit/remove, delivery | Guarded automation/schedule routes plus local routines; hidden model scheduling blocked |
+| Tools/MCP | Broad toolsets, MCP, browser, media, terminal, files | GoodVibes SDK tools with Agent policy guards and MCP/provider integrations |
+| Voice/media/canvas/nodes | Voice, TTS, mobile nodes, live canvas, browser automation | GoodVibes media/voice/browser primitives copied in; Agent-first setup still being wired |
+| Build/code work | Direct terminal/file/code tools and subagents | Explicit delegation to GoodVibes TUI; local WRFC/spawn fanout blocked |
+| Profiles | Independent profiles with own config/memory/skills/gateway | Agent surface root, homes, bundles, sessions; named profiles are next |
+| Security | DM pairing, approvals, sandboxing, allowlists | Daemon approvals, auth diagnostics, secret refs, confirmation gates, model-tool policy |
+
+## Exceed Targets
+
+GoodVibes Agent should exceed OpenClaw/Hermes by making these properties true from day one:
+
+- Capability surfaces are discoverable through `goodvibes-agent capabilities`, `/capabilities`, onboarding, and the operator workspace.
+- Agent Knowledge isolation is a release gate, not a convention.
+- Model-visible tools are policy-gated for serial, non-secret, non-destructive use.
+- Personal assistant state is Agent-local unless an explicit Agent Knowledge ingest route is used.
+- Build work is delegated to the product that owns coding execution instead of turning the personal operator into a second coding TUI.
+- Release gates prove package installability, Bun/TypeScript-only source, external-daemon posture, no authored JavaScript, no explicit `any`, and no forbidden default wiki/HomeGraph package-facing docs.
+
+## Current Gaps To Close
+
+- Agent-first channel onboarding workspace for pairing, account visibility, delivery defaults, and channel safety.
+- Richer Agent Knowledge ingest/review workspace for URLs, bookmarks, artifacts, issue queues, and consolidation.
+- Named Agent profiles with isolated local registries and command aliases.
+- Voice/media/browser/node setup workspaces.
+- Delegation receipts and artifact review inside the operator workspace.
+- Approval center with route risk labels and saved policy presets.
+- Intent-gated tool exposure so the model sees fewer irrelevant tools per turn while retaining broad capability coverage.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pellux/goodvibes-agent",
-  "version": "0.1.25",
+  "version": "0.1.27",
   "private": false,
   "description": "Near-fork GoodVibes operator assistant with the GoodVibes TUI shell, renderer, input, fullscreen workspace, and daemon-connected Agent product brain.",
   "type": "module",
@@ -33,6 +33,7 @@
     "CHANGELOG.md",
     "docs/README.md",
     "docs/getting-started.md",
+    "docs/operator-capability-benchmark.md",
     "docs/deployment-and-services.md",
     "docs/release-and-publishing.md"
   ],

package/src/cli/capabilities-command.ts

@@ -0,0 +1,28 @@
+import type { CliCommandOutput } from './types.ts';
+import type { CliCommandRuntime } from './management.ts';
+import {
+  buildOperatorCapabilityBenchmarkReport,
+  filterOperatorCapabilities,
+  renderOperatorCapabilityBenchmark,
+} from '../operator/capability-benchmark.ts';
+
+function readCapabilityQuery(args: readonly string[]): string | undefined {
+  const values = args.filter((arg) => !arg.startsWith('--'));
+  return values.length > 0 ? values.join(' ') : undefined;
+}
+
+export async function handleCapabilitiesCommand(runtime: CliCommandRuntime): Promise<CliCommandOutput> {
+  const query = readCapabilityQuery(runtime.cli.commandArgs);
+  const report = buildOperatorCapabilityBenchmarkReport();
+  const capabilities = filterOperatorCapabilities(report.capabilities, query);
+  if (runtime.cli.flags.outputFormat === 'json') {
+    return {
+      output: JSON.stringify({ ...report, capabilities }, null, 2),
+      exitCode: 0,
+    };
+  }
+  return {
+    output: renderOperatorCapabilityBenchmark(capabilities),
+    exitCode: 0,
+  };
+}

package/src/cli/help.ts

@@ -40,6 +40,7 @@ export function renderGoodVibesHelp(binary = 'goodvibes-agent'): string {
     '  providers                  List/inspect/use provider config/auth posture',
     '  auth                       Inspect and manage local users, sessions, and bootstrap auth',
     '  compat                     Inspect Agent SDK pin, daemon version, and Agent knowledge route readiness',
+    '  capabilities               Show OpenClaw/Hermes capability parity and Agent readiness',
     '  knowledge                  Use isolated Agent Knowledge/Wiki routes',
     '  ask|search                 Shortcuts for isolated Agent Knowledge ask/search',
     '  delegate                   Explicitly delegate build/fix/review work to GoodVibes TUI',
@@ -94,6 +95,7 @@ export function renderGoodVibesHelp(binary = 'goodvibes-agent'): string {
     `  ${binary} models use openai:gpt-5.2`,
     `  ${binary} providers inspect openai`,
     `  ${binary} compat`,
+    `  ${binary} capabilities`,
     `  ${binary} knowledge status`,
     `  ${binary} knowledge ask "What is GoodVibes Agent?"`,
     `  ${binary} ask "What is GoodVibes Agent?"`,
@@ -162,6 +164,11 @@ const COMMAND_HELP: Record<string, CommandHelp> = {
     summary: 'Inspect package SDK pin, live daemon version, and Agent-specific knowledge route readiness.',
     examples: ['compat', 'compat --json'],
   },
+  capabilities: {
+    usage: ['capabilities [openclaw|hermes|query]', 'capabilities --json'],
+    summary: 'Show the OpenClaw/Hermes capability benchmark, Agent readiness, configuration commands, usage paths, and next product gaps.',
+    examples: ['capabilities', 'capabilities hermes', 'capabilities knowledge --json'],
+  },
   knowledge: {
     usage: [
       'knowledge status',

package/src/cli/management.ts

@@ -33,6 +33,7 @@ import { handleBundleCommand } from './bundle-command.ts';
 import { buildListenerTestResult, formatListenerTestResult, handleSurfacesCommand } from './surface-command.ts';
 import { buildControlPlaneStatusResult, formatControlPlaneStatus, handleSecrets, handleSessions, handleTasks, renderPairing, renderRemote, renderSubscriptions, renderWeb } from './management-commands.ts';
 import { handleAgentKnowledgeCommand, handleAgentKnowledgeShortcutCommand, handleCompatCommand, handleDelegateCommand } from './agent-knowledge-command.ts';
+import { handleCapabilitiesCommand } from './capabilities-command.ts';
 import { GOODVIBES_AGENT_SURFACE_ROOT } from '../config/surface.ts';
 
 export interface CliCommandRuntime {
@@ -698,6 +699,11 @@ export async function handleGoodVibesCliCommand(runtime: CliCommandRuntime): Pro
         console.log(result.output);
         return { handled: true, exitCode: result.exitCode };
       }
+      case 'capabilities': {
+        const result = await handleCapabilitiesCommand(runtime);
+        console.log(result.output);
+        return { handled: true, exitCode: result.exitCode };
+      }
       case 'knowledge': {
         const result = await handleAgentKnowledgeCommand(runtime);
         console.log(result.output);

package/src/cli/package-verification.ts

@@ -41,6 +41,7 @@ const REQUIRED_TARBALL_PATHS = [
   '.goodvibes/GOODVIBES.md',
   'docs/README.md',
   'docs/getting-started.md',
+  'docs/operator-capability-benchmark.md',
   'docs/deployment-and-services.md',
   'docs/release-and-publishing.md',
 ] as const;

package/src/cli/parser.ts

@@ -28,6 +28,10 @@ const COMMAND_ALIASES: Readonly<Record<string, GoodVibesCliCommand>> = {
   auth: 'auth',
   compat: 'compat',
   compatibility: 'compat',
+  capabilities: 'capabilities',
+  capability: 'capabilities',
+  caps: 'capabilities',
+  benchmark: 'capabilities',
   knowledge: 'knowledge',
   know: 'knowledge',
   kb: 'knowledge',

package/src/cli/types.ts

@@ -11,6 +11,7 @@ export type GoodVibesCliCommand =
   | 'providers'
   | 'auth'
   | 'compat'
+  | 'capabilities'
   | 'knowledge'
   | 'ask'
   | 'search'

package/src/input/commands/capabilities-runtime.ts

@@ -0,0 +1,20 @@
+import type { CommandRegistry } from '../command-registry.ts';
+import {
+  filterOperatorCapabilities,
+  renderOperatorCapabilityBenchmark,
+  OPERATOR_CAPABILITY_BENCHMARKS,
+} from '../../operator/capability-benchmark.ts';
+
+export function registerCapabilitiesRuntimeCommands(registry: CommandRegistry): void {
+  registry.register({
+    name: 'capabilities',
+    aliases: ['caps', 'benchmark'],
+    description: 'Show the OpenClaw/Hermes capability benchmark and Agent readiness',
+    usage: '[openclaw|hermes|query]',
+    handler(args, ctx) {
+      const query = args.join(' ').trim() || undefined;
+      const capabilities = filterOperatorCapabilities(OPERATOR_CAPABILITY_BENCHMARKS, query);
+      ctx.print(renderOperatorCapabilityBenchmark(capabilities));
+    },
+  });
+}

package/src/input/commands.ts

@@ -58,6 +58,7 @@ import { registerDelegationRuntimeCommands } from './commands/delegation-runtime
 import { registerPersonasRuntimeCommands } from './commands/personas-runtime.ts';
 import { registerAgentSkillsRuntimeCommands } from './commands/agent-skills-runtime.ts';
 import { registerRoutinesRuntimeCommands } from './commands/routines-runtime.ts';
+import { registerCapabilitiesRuntimeCommands } from './commands/capabilities-runtime.ts';
 
 /**
  * registerBuiltinCommands - Register all built-in slash commands into the registry.
@@ -66,6 +67,7 @@ import { registerRoutinesRuntimeCommands } from './commands/routines-runtime.ts'
 export function registerBuiltinCommands(registry: CommandRegistry): void {
   registerShellCoreCommands(registry);
   registerAgentWorkspaceRuntimeCommands(registry);
+  registerCapabilitiesRuntimeCommands(registry);
   registerPersonasRuntimeCommands(registry);
   registerAgentSkillsRuntimeCommands(registry);
   registerRoutinesRuntimeCommands(registry);

package/src/operator/capability-benchmark.ts

@@ -0,0 +1,225 @@
+export type CompetitorProduct = 'openclaw' | 'hermes';
+
+export type CapabilityPosture =
+  | 'ready'
+  | 'configurable'
+  | 'external-daemon'
+  | 'explicit-delegation'
+  | 'guarded'
+  | 'in-progress';
+
+export interface OperatorCapabilityBenchmark {
+  readonly id: string;
+  readonly title: string;
+  readonly posture: CapabilityPosture;
+  readonly competitors: readonly CompetitorProduct[];
+  readonly competitorBaseline: string;
+  readonly goodvibesAgent: string;
+  readonly configure: readonly string[];
+  readonly use: readonly string[];
+  readonly exceedsBy: readonly string[];
+  readonly next: readonly string[];
+}
+
+export interface OperatorCapabilityBenchmarkReport {
+  readonly generatedAt: string;
+  readonly packageName: '@pellux/goodvibes-agent';
+  readonly benchmarkSources: readonly string[];
+  readonly capabilities: readonly OperatorCapabilityBenchmark[];
+}
+
+export const OPERATOR_CAPABILITY_BENCHMARK_SOURCES = [
+  'https://github.com/openclaw/openclaw/blob/main/README.md',
+  'https://docs.openclaw.ai/help/faq',
+  'https://docs.openclaw.ai/concepts/memory',
+  'https://github.com/NousResearch/hermes-agent',
+  'https://hermes-agent.nousresearch.com/docs/user-guide/features/tools/',
+  'https://hermes-agent.nousresearch.com/docs/user-guide/features/cron/',
+  'https://hermes-agent.nousresearch.com/docs/user-guide/profiles/',
+] as const;
+
+export const OPERATOR_CAPABILITY_BENCHMARKS: readonly OperatorCapabilityBenchmark[] = [
+  {
+    id: 'terminal-operator-ui',
+    title: 'Terminal Operator UI',
+    posture: 'ready',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Interactive CLI/TUI entry point with command discovery and persistent sessions.',
+    goodvibesAgent: 'Near-fork GoodVibes TUI shell, renderer, compositor, input, fullscreen workspace, history, command registry, and release gates.',
+    configure: ['goodvibes-agent onboarding', 'goodvibes-agent status', 'goodvibes-agent --no-alt-screen'],
+    use: ['goodvibes-agent', '/agent', '/help'],
+    exceedsBy: ['Diff-rendered GoodVibes compositor foundation', 'fullscreen operator workspace', 'strict TypeScript/Bun release gates'],
+    next: ['Continue porting more GoodVibes TUI modal/workspace affordances into Agent-first setup flows.'],
+  },
+  {
+    id: 'external-gateway',
+    title: 'Always-On Gateway / Daemon',
+    posture: 'external-daemon',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Always-on gateway/service provides channel ingress, sessions, tools, events, and scheduled execution.',
+    goodvibesAgent: 'Connects to the GoodVibes daemon owned by GoodVibes TUI/daemon tooling; Agent never starts, stops, or owns daemon lifecycle.',
+    configure: ['goodvibes-agent compat', 'goodvibes-agent service check', 'goodvibes-agent control-plane status'],
+    use: ['goodvibes-agent status', 'goodvibes-agent doctor'],
+    exceedsBy: ['Typed SDK/operator contracts', 'explicit external-daemon boundary', 'no hidden lifecycle mutation from Agent'],
+    next: ['Improve daemon route readiness dashboard and setup diagnostics for first-run users.'],
+  },
+  {
+    id: 'multi-channel',
+    title: 'Channels And Companion Surfaces',
+    posture: 'configurable',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Messaging gateway for WhatsApp, Telegram, Slack, Discord, Signal, iMessage, web chat, and related platforms.',
+    goodvibesAgent: 'Uses GoodVibes daemon channel, companion, pairing, QR, and session surfaces while keeping side effects behind explicit user action.',
+    configure: ['goodvibes-agent pair', 'goodvibes-agent qrcode', 'goodvibes-agent surfaces check'],
+    use: ['/channels', '/communication', '/pair'],
+    exceedsBy: ['Agent-owned safety policy over shared channel routes', 'read-only inspection by default', 'explicit approval path for external side effects'],
+    next: ['Add Agent-first channel onboarding workspace that exposes connected accounts, delivery defaults, and pairing state without daemon ownership.'],
+  },
+  {
+    id: 'isolated-knowledge-wiki',
+    title: 'Isolated Agent Knowledge / Wiki',
+    posture: 'ready',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Persistent memory and knowledge/wiki layers with search, recall, provenance, and freshness checks.',
+    goodvibesAgent: 'Uses only /api/goodvibes-agent/knowledge/*; never falls back to default Knowledge/Wiki, HomeGraph, or Home Assistant routes.',
+    configure: ['goodvibes-agent compat', 'goodvibes-agent knowledge status'],
+    use: ['goodvibes-agent ask <question>', 'goodvibes-agent search <query>', '/knowledge ask <question>', '/knowledge ingest-url <url> --yes'],
+    exceedsBy: ['Dedicated product segment for Agent knowledge', 'route-level isolation', 'package gates that reject default wiki/HomeGraph fallback'],
+    next: ['Add richer Agent Knowledge ingestion workflows for artifacts, URLs, bookmarks, and review queues in the fullscreen workspace.'],
+  },
+  {
+    id: 'local-memory-skills-personas',
+    title: 'Local Memory, Skills, Personas, And Routines',
+    posture: 'ready',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Skills/procedural memory, persona files, profile state, durable memory, and recurring workflows.',
+    goodvibesAgent: 'Typed local registries for Agent personas, skills, routines, and local memory; active items are injected into the serial main conversation.',
+    configure: ['/personas create ...', '/agent-skills create ...', '/routines create ...', '/memory add ...'],
+    use: ['/personas use <id>', '/skills local list', '/routines start <id>', '/memory search <query>'],
+    exceedsBy: ['Review/stale lifecycle fields', 'secret-value rejection', 'Agent-local state that does not contaminate wiki or HomeGraph'],
+    next: ['Add CLI parity for local registry lifecycle and a curated starter pack of operator skills/routines.'],
+  },
+  {
+    id: 'automation-schedules',
+    title: 'Automation, Schedules, And Routines',
+    posture: 'guarded',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Cron/scheduler can create, pause, resume, run, remove, and deliver recurring tasks from natural language.',
+    goodvibesAgent: 'Observes public automation/schedule routes and allows only explicitly confirmed side-effecting route calls; hidden model scheduling/spawn paths are blocked.',
+    configure: ['/schedule list', '/routines create ...', 'goodvibes-agent status'],
+    use: ['/schedule list', '/routines start <id>'],
+    exceedsBy: ['No recursive hidden scheduler creation from model tools', 'explicit confirmation for side effects', 'local routines separate from daemon jobs'],
+    next: ['Build Agent-first routine-to-daemon schedule promotion flow with preview, confirmation, delivery target selection, and audit trail.'],
+  },
+  {
+    id: 'tool-gateway-mcp',
+    title: 'Tools, MCP, And Managed Integrations',
+    posture: 'configurable',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Broad toolsets, MCP integration, browser/web/media tools, and configurable platform-specific tool availability.',
+    goodvibesAgent: 'Uses GoodVibes SDK tool registry, MCP inspection, provider tools, web search, media, plugins, and policy-gated model-visible tools.',
+    configure: ['/mcp servers', '/plugin list', 'goodvibes-agent providers', 'goodvibes-agent models'],
+    use: ['/mcp tools', '/provider current', 'goodvibes-agent search <query>'],
+    exceedsBy: ['Model-visible tool policies for read/write/network boundaries', 'typed contract gates', 'per-tool denial messages aligned with Agent product policy'],
+    next: ['Add a task-intent tool picker so only relevant tools are exposed per turn, reducing schema noise while preserving capability breadth.'],
+  },
+  {
+    id: 'voice-media-canvas',
+    title: 'Voice, Media, Canvas, And Nodes',
+    posture: 'in-progress',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Voice/TTS, mobile nodes, live canvas, browser automation, image/video generation, and multimodal analysis.',
+    goodvibesAgent: 'Carries GoodVibes voice/media/browser/node primitives, but Agent-first setup and canvas/workspace UX still needs product wiring.',
+    configure: ['/tts status', '/provider media', '/agent'],
+    use: ['/tts speak <text>', '/image', '/media'],
+    exceedsBy: ['Shared GoodVibes media/provider substrate', 'future fullscreen workspaces can make setup inspectable and reversible'],
+    next: ['Implement Agent setup workspaces for voice, media, browser, and node surfaces with capability tests and non-leaky credential handling.'],
+  },
+  {
+    id: 'explicit-build-delegation',
+    title: 'Build/Fix/Review Delegation',
+    posture: 'explicit-delegation',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Terminal/file/code tools and subagents can execute software tasks directly.',
+    goodvibesAgent: 'Main assistant stays serial. Explicit build/fix/review/code work is delegated to GoodVibes TUI/shared-session contracts; WRFC is opt-in only.',
+    configure: ['goodvibes-agent delegate --help', 'goodvibes-agent compat'],
+    use: ['goodvibes-agent delegate "fix the failing tests"', 'goodvibes-agent delegate --wrfc "implement and review the feature"'],
+    exceedsBy: ['Keeps personal operator brain separate from coding execution', 'delegates one authoritative TUI-owned execution chain', 'blocks local sibling agent fanout'],
+    next: ['Expose delegation receipts and artifacts in the operator workspace, with status recovery and user steering.'],
+  },
+  {
+    id: 'profiles-isolation',
+    title: 'Profiles And Isolated Operator State',
+    posture: 'configurable',
+    competitors: ['hermes'],
+    competitorBaseline: 'Profiles run independent agents with isolated configs, sessions, skills, memory, cron jobs, and gateway state.',
+    goodvibesAgent: 'Uses Agent surface root, explicit home/working-dir flags, local registries, sessions, and bundle export/import; daemon remains shared/external by design.',
+    configure: ['GOODVIBES_AGENT_HOME=<path> goodvibes-agent status', 'goodvibes-agent bundle export goodvibes-agent-bundle.json'],
+    use: ['goodvibes-agent --daemon-home <path> status', 'goodvibes-agent sessions list'],
+    exceedsBy: ['Typed support bundles', 'explicit daemon boundary', 'no accidental cross-product knowledge fallback'],
+    next: ['Add named Agent profiles with command aliases, isolated local registry paths, and profile-aware onboarding.'],
+  },
+  {
+    id: 'security-approvals',
+    title: 'Security, Approvals, And Policy',
+    posture: 'ready',
+    competitors: ['openclaw', 'hermes'],
+    competitorBaseline: 'Command approval, DM pairing, sandboxing, allowlists, and safety defaults for exposed channels.',
+    goodvibesAgent: 'Uses daemon approvals, local auth diagnostics, secret refs, explicit confirmation gates, and Agent model-tool policy guards.',
+    configure: ['goodvibes-agent auth status', 'goodvibes-agent secrets providers', '/approvals list'],
+    use: ['/policy status', '/approvals list', 'goodvibes-agent doctor'],
+    exceedsBy: ['No token printing', 'secret-value rejection in local registries', 'policy tests for hidden spawn/lifecycle/default-knowledge failures'],
+    next: ['Add user-facing approval center in the Agent workspace with route risk labels and saved policy presets.'],
+  },
+] as const;
+
+export function buildOperatorCapabilityBenchmarkReport(now = new Date()): OperatorCapabilityBenchmarkReport {
+  return {
+    generatedAt: now.toISOString(),
+    packageName: '@pellux/goodvibes-agent',
+    benchmarkSources: OPERATOR_CAPABILITY_BENCHMARK_SOURCES,
+    capabilities: OPERATOR_CAPABILITY_BENCHMARKS,
+  };
+}
+
+export function filterOperatorCapabilities(
+  capabilities: readonly OperatorCapabilityBenchmark[],
+  query: string | undefined,
+): readonly OperatorCapabilityBenchmark[] {
+  const normalized = query?.trim().toLowerCase();
+  if (!normalized) return capabilities;
+  return capabilities.filter((capability) => {
+    if (capability.id.includes(normalized)) return true;
+    if (capability.title.toLowerCase().includes(normalized)) return true;
+    if (capability.posture.includes(normalized)) return true;
+    if (capability.competitors.some((competitor) => competitor === normalized)) return true;
+    return capability.goodvibesAgent.toLowerCase().includes(normalized)
+      || capability.competitorBaseline.toLowerCase().includes(normalized);
+  });
+}
+
+export function renderOperatorCapabilityBenchmark(
+  capabilities: readonly OperatorCapabilityBenchmark[] = OPERATOR_CAPABILITY_BENCHMARKS,
+): string {
+  const lines: string[] = [
+    'GoodVibes Agent capability benchmark',
+    '  Goal: match and exceed OpenClaw/Hermes personal-operator capabilities without default wiki/HomeGraph fallback or hidden local agent fanout.',
+    '',
+  ];
+
+  for (const capability of capabilities) {
+    lines.push(`${capability.title} [${capability.posture}]`);
+    lines.push(`  competitors: ${capability.competitors.join(', ')}`);
+    lines.push(`  baseline: ${capability.competitorBaseline}`);
+    lines.push(`  Agent: ${capability.goodvibesAgent}`);
+    lines.push(`  configure: ${capability.configure.join(' | ')}`);
+    lines.push(`  use: ${capability.use.join(' | ')}`);
+    lines.push(`  exceeds: ${capability.exceedsBy.join(' | ')}`);
+    lines.push(`  next: ${capability.next.join(' | ')}`);
+    lines.push('');
+  }
+
+  lines.push('Sources:');
+  for (const source of OPERATOR_CAPABILITY_BENCHMARK_SOURCES) lines.push(`  ${source}`);
+  return lines.join('\n');
+}

package/src/tools/agent-context-policy.ts

@@ -0,0 +1,24 @@
+import type { Tool } from '@pellux/goodvibes-sdk/platform/types';
+
+const CONTEXT_TOOL_DENIAL = [
+  'GoodVibes Agent does not expose copied GoodVibes runtime context through model tools in the main conversation.',
+  'The copied context tool can describe TUI/default runtime assumptions that are not the Agent product boundary.',
+  'Use explicit Agent CLI/slash commands such as status, compat, capabilities, and isolated Agent Knowledge instead.',
+].join(' ');
+
+export function wrapBlockedContextToolForAgentPolicy(tool: Tool): void {
+  tool.definition.description = [
+    'Blocked in GoodVibes Agent main conversation: copied runtime context.',
+    'Use explicit Agent CLI/slash status, compat, capabilities, and Agent Knowledge commands for product-scoped context.',
+    'Default Knowledge/Wiki, HomeGraph, and copied TUI runtime assumptions are not Agent fallbacks.',
+  ].join(' ');
+  tool.definition.sideEffects = [];
+  tool.definition.parameters = {
+    type: 'object',
+    properties: {},
+    additionalProperties: false,
+  };
+  tool.execute = async () => ({ success: false, error: CONTEXT_TOOL_DENIAL });
+}
+
+export const AGENT_CONTEXT_TOOL_DENIAL_MESSAGE = CONTEXT_TOOL_DENIAL;

package/src/tools/agent-read-policy.ts

@@ -0,0 +1,179 @@
+import type { Tool } from '@pellux/goodvibes-sdk/platform/types';
+
+type ReadFileArgs = {
+  readonly path?: unknown;
+  readonly image_mode?: unknown;
+  readonly [key: string]: unknown;
+};
+
+type ReadToolArgs = {
+  readonly files?: unknown;
+  readonly image_mode?: unknown;
+  readonly max_image_size?: unknown;
+  readonly [key: string]: unknown;
+};
+
+const READ_IMAGE_MODES = ['default', 'metadata-only', 'thumbnail-only'] as const;
+const READ_IMAGE_MODE_SET = new Set<string>(READ_IMAGE_MODES);
+const MAX_READ_FILES = 10;
+const MAX_READ_IMAGE_SIZE_BYTES = 5 * 1024 * 1024;
+
+const SECRET_FILE_EXTENSIONS = new Set([
+  '',
+  '.cfg',
+  '.conf',
+  '.env',
+  '.ini',
+  '.json',
+  '.properties',
+  '.toml',
+  '.txt',
+  '.yaml',
+  '.yml',
+]);
+
+const SECRET_EXACT_SEGMENTS = new Set([
+  '.netrc',
+  '.npmrc',
+  '.pypirc',
+  'apikey',
+  'api_key',
+  'credentials',
+  'id_dsa',
+  'id_ecdsa',
+  'id_ed25519',
+  'id_rsa',
+  'password',
+  'passwords',
+  'passwd',
+  'secret',
+  'secrets',
+  'token',
+  'tokens',
+]);
+
+const SECRET_EXACT_FILE_NAMES = new Set([
+  'known_hosts',
+]);
+
+const PRIVATE_KEY_EXTENSIONS = new Set([
+  '.key',
+  '.p12',
+  '.pem',
+  '.pfx',
+]);
+
+const READ_POLICY_DENIAL = [
+  'GoodVibes Agent only exposes bounded, non-secret project reads from the main conversation.',
+  'Hidden paths, secret-looking files, broad batches, unoptimized image extraction, and oversized image reads are disabled here.',
+  'Use explicit Agent CLI/slash commands or GoodVibes TUI delegation when the user intentionally asks for sensitive or deeper local inspection.',
+].join(' ');
+
+export const AGENT_READ_IMAGE_MODES = READ_IMAGE_MODES;
+export const AGENT_MAX_READ_FILES = MAX_READ_FILES;
+export const AGENT_MAX_READ_IMAGE_SIZE_BYTES = MAX_READ_IMAGE_SIZE_BYTES;
+export const AGENT_READ_POLICY_DENIAL_MESSAGE = READ_POLICY_DENIAL;
+
+export function wrapReadToolForAgentPolicy(tool: Tool): void {
+  narrowReadToolDefinitionForAgentPolicy(tool);
+  const originalExecute = tool.execute.bind(tool);
+  tool.execute = async (args) => {
+    const readArgs = args as ReadToolArgs;
+    const denial = validateReadToolInvocationForAgentPolicy(readArgs);
+    if (denial) return { success: false, error: denial };
+    return originalExecute(args);
+  };
+}
+
+export function validateReadToolInvocationForAgentPolicy(args: ReadToolArgs): string | null {
+  if (Array.isArray(args.files) && args.files.length > MAX_READ_FILES) return READ_POLICY_DENIAL;
+  if (args.image_mode === 'unoptimized') return READ_POLICY_DENIAL;
+  if (typeof args.image_mode === 'string' && !READ_IMAGE_MODE_SET.has(args.image_mode)) return READ_POLICY_DENIAL;
+  if (typeof args.max_image_size === 'number' && args.max_image_size > MAX_READ_IMAGE_SIZE_BYTES) {
+    return READ_POLICY_DENIAL;
+  }
+
+  if (!Array.isArray(args.files)) return null;
+  for (const file of args.files) {
+    if (!isRecord(file)) continue;
+    const fileArgs = file as ReadFileArgs;
+    if (fileArgs.image_mode === 'unoptimized') return READ_POLICY_DENIAL;
+    if (typeof fileArgs.image_mode === 'string' && !READ_IMAGE_MODE_SET.has(fileArgs.image_mode)) {
+      return READ_POLICY_DENIAL;
+    }
+    if (typeof fileArgs.path === 'string' && isBlockedReadPath(fileArgs.path)) return READ_POLICY_DENIAL;
+  }
+
+  return null;
+}
+
+export function isBlockedReadPath(path: string): boolean {
+  const segments = path.replaceAll('\\', '/').split('/').filter((segment) => segment.length > 0);
+  for (const segment of segments) {
+    if (segment === '.' || segment === '..') continue;
+    const lower = segment.toLowerCase();
+    if (lower.startsWith('.')) return true;
+    if (SECRET_EXACT_SEGMENTS.has(lower)) return true;
+  }
+
+  const fileName = segments.at(-1)?.toLowerCase() ?? '';
+  if (fileName.length === 0) return false;
+  if (SECRET_EXACT_FILE_NAMES.has(fileName)) return true;
+  const extension = getExtension(fileName);
+  if (PRIVATE_KEY_EXTENSIONS.has(extension)) return true;
+  const stem = extension.length > 0 ? fileName.slice(0, -extension.length) : fileName;
+  return SECRET_EXACT_SEGMENTS.has(stem) && SECRET_FILE_EXTENSIONS.has(extension);
+}
+
+function narrowReadToolDefinitionForAgentPolicy(tool: Tool): void {
+  tool.definition.description = [
+    'Read ordinary project files for GoodVibes Agent with bounded, non-secret, main-conversation policy.',
+    'Hidden paths, secret-looking files, broad batches, unoptimized image extraction, and oversized image reads are disabled.',
+  ].join(' ');
+  tool.definition.sideEffects = ['read_fs'];
+  tool.definition.concurrency = 'serial';
+
+  const properties = tool.definition.parameters.properties;
+  if (!isRecord(properties)) return;
+
+  const files = properties.files;
+  if (isRecord(files)) {
+    files.maxItems = MAX_READ_FILES;
+    files.description = 'Ordinary non-hidden, non-secret-looking project files to read. Sensitive paths require explicit user-directed workflows.';
+    const itemSchema = files.items;
+    if (isRecord(itemSchema)) {
+      const fileProperties = itemSchema.properties;
+      if (isRecord(fileProperties)) {
+        const pathProperty = fileProperties.path;
+        if (isRecord(pathProperty)) {
+          pathProperty.description = 'Relative or absolute path to a non-hidden, non-secret-looking project file.';
+        }
+        narrowImageModeProperty(fileProperties, 'image_mode');
+      }
+    }
+  }
+
+  narrowImageModeProperty(properties, 'image_mode');
+  const maxImageSize = properties.max_image_size;
+  if (isRecord(maxImageSize)) {
+    maxImageSize.maximum = MAX_READ_IMAGE_SIZE_BYTES;
+    maxImageSize.description = 'Maximum image file size in bytes allowed by GoodVibes Agent read policy.';
+  }
+}
+
+function narrowImageModeProperty(properties: Record<string, unknown>, key: string): void {
+  const property = properties[key];
+  if (!isRecord(property)) return;
+  property.enum = [...READ_IMAGE_MODES];
+  property.description = 'Image handling mode allowed by GoodVibes Agent read policy. Full-resolution unoptimized extraction is disabled.';
+}
+
+function getExtension(fileName: string): string {
+  const dotIndex = fileName.lastIndexOf('.');
+  if (dotIndex <= 0) return '';
+  return fileName.slice(dotIndex);
+}
+
+function isRecord(value: unknown): value is Record<string, unknown> {
+  return typeof value === 'object' && value !== null && !Array.isArray(value);
+}

package/src/tools/wrfc-agent-guard.ts

@@ -4,7 +4,11 @@ import {
   wrapAnalyzeToolForAgentPolicy,
   wrapRegistryToolForAgentPolicy,
 } from './agent-analysis-registry-policy.ts';
+import {
+  wrapBlockedContextToolForAgentPolicy,
+} from './agent-context-policy.ts';
 import { wrapFindToolForAgentPolicy } from './agent-find-policy.ts';
+import { wrapReadToolForAgentPolicy } from './agent-read-policy.ts';
 import { wrapWebSearchToolForAgentPolicy } from './agent-web-search-policy.ts';
 
 type AgentToolArgs = {
@@ -198,6 +202,8 @@ export function installAgentToolPolicyGuard(registry: ToolRegistry, options: Age
   for (const tool of registry.list()) {
     if (tool.definition.name === 'exec') {
       wrapExecToolForAgentPolicy(tool);
+    } else if (tool.definition.name === 'read') {
+      wrapReadToolForAgentPolicy(tool);
     } else if (tool.definition.name === 'remote') {
       wrapModeRestrictedToolForAgentPolicy(tool, {
         allowedModes: READ_ONLY_REMOTE_TOOL_MODES,
@@ -224,6 +230,8 @@ export function installAgentToolPolicyGuard(registry: ToolRegistry, options: Age
       wrapFetchToolForAgentPolicy(tool);
     } else if (tool.definition.name === 'state') {
       wrapStateToolForAgentPolicy(tool);
+    } else if (tool.definition.name === 'goodvibes_context') {
+      wrapBlockedContextToolForAgentPolicy(tool);
     } else if (tool.definition.name === 'goodvibes_settings') {
       wrapBlockedSettingsToolForAgentPolicy(tool);
     } else if (tool.definition.name === 'inspect') {
@@ -548,6 +556,11 @@ export const AGENT_INSPECT_WRITE_DENIAL_MESSAGE = INSPECT_WRITE_DENIAL;
 export const AGENT_DURABLE_WORKFLOW_MUTATION_DENIAL_MESSAGE = DURABLE_WORKFLOW_MUTATION_DENIAL;
 export const AGENT_CONTROL_MUTATION_DENIAL_MESSAGE = CONTROL_MUTATION_DENIAL;
 
+export {
+  AGENT_CONTEXT_TOOL_DENIAL_MESSAGE,
+  wrapBlockedContextToolForAgentPolicy,
+} from './agent-context-policy.ts';
+
 export {
   AGENT_ANALYZE_NETWORK_DENIAL_MESSAGE,
   AGENT_READ_ONLY_ANALYZE_TOOL_MODES,
@@ -559,6 +572,16 @@ export {
   wrapRegistryToolForAgentPolicy,
 } from './agent-analysis-registry-policy.ts';
 
+export {
+  AGENT_MAX_READ_FILES,
+  AGENT_MAX_READ_IMAGE_SIZE_BYTES,
+  AGENT_READ_IMAGE_MODES,
+  AGENT_READ_POLICY_DENIAL_MESSAGE,
+  isBlockedReadPath,
+  validateReadToolInvocationForAgentPolicy,
+  wrapReadToolForAgentPolicy,
+} from './agent-read-policy.ts';
+
 export {
   AGENT_FIND_POLICY_DENIAL_MESSAGE,
   AGENT_READ_ONLY_FIND_OUTPUT_FORMATS,

package/src/version.ts

@@ -6,7 +6,7 @@ import { join } from 'node:path';
 // The prebuild script updates the fallback value before compilation.
 // Uses import.meta.dir (Bun) to locate package.json relative to this file,
 // which is correct regardless of the process working directory.
-let _version = '0.1.25';
+let _version = '0.1.27';
 let _sdkVersion = '0.33.35';
 try {
   const pkg = JSON.parse(readFileSync(join(import.meta.dir, '..', 'package.json'), 'utf-8')) as {