@pellux/goodvibes-agent 1.0.31 → 1.0.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (63) hide show
  1. package/CHANGELOG.md +38 -3
  2. package/README.md +7 -5
  3. package/dist/package/main.js +7346 -2349
  4. package/docs/README.md +2 -2
  5. package/docs/channels-remote-and-api.md +6 -2
  6. package/docs/connected-host.md +26 -5
  7. package/docs/getting-started.md +29 -9
  8. package/docs/knowledge-artifacts-and-multimodal.md +16 -4
  9. package/docs/project-planning.md +2 -2
  10. package/docs/providers-and-routing.md +3 -2
  11. package/docs/release-and-publishing.md +15 -11
  12. package/docs/tools-and-commands.md +20 -8
  13. package/package.json +8 -3
  14. package/release/live-verification/live-verification.json +148 -0
  15. package/release/live-verification/live-verification.md +187 -0
  16. package/release/performance-snapshot.json +57 -0
  17. package/release/release-notes.md +28 -0
  18. package/release/release-readiness.json +581 -0
  19. package/src/cli/agent-knowledge-command.ts +5 -5
  20. package/src/cli/agent-knowledge-format.ts +11 -0
  21. package/src/cli/agent-knowledge-runtime.ts +92 -13
  22. package/src/cli/bundle-command.ts +5 -4
  23. package/src/cli/entrypoint.ts +5 -2
  24. package/src/cli/external-runtime.ts +2 -15
  25. package/src/cli/management.ts +4 -3
  26. package/src/input/commands/guidance-runtime.ts +1 -1
  27. package/src/input/commands/knowledge.ts +2 -2
  28. package/src/runtime/bootstrap.ts +2 -2
  29. package/src/runtime/connected-host-auth.ts +16 -0
  30. package/src/tools/agent-channel-send-tool.ts +5 -7
  31. package/src/tools/agent-harness-channel-metadata.ts +177 -0
  32. package/src/tools/agent-harness-connected-host-status.ts +1 -1
  33. package/src/tools/agent-harness-delegation-posture.ts +216 -0
  34. package/src/tools/agent-harness-keybinding-metadata.ts +57 -22
  35. package/src/tools/agent-harness-mcp-metadata.ts +246 -0
  36. package/src/tools/agent-harness-media-posture.ts +282 -0
  37. package/src/tools/agent-harness-metadata.ts +21 -4
  38. package/src/tools/agent-harness-model-routing.ts +501 -0
  39. package/src/tools/agent-harness-notification-metadata.ts +217 -0
  40. package/src/tools/agent-harness-operator-methods.ts +285 -0
  41. package/src/tools/agent-harness-pairing-posture.ts +265 -0
  42. package/src/tools/agent-harness-provider-account-metadata.ts +203 -0
  43. package/src/tools/agent-harness-release-evidence.ts +364 -0
  44. package/src/tools/agent-harness-release-readiness.ts +298 -0
  45. package/src/tools/agent-harness-security-posture.ts +646 -0
  46. package/src/tools/agent-harness-service-posture.ts +201 -0
  47. package/src/tools/agent-harness-session-metadata.ts +282 -0
  48. package/src/tools/agent-harness-setup-posture.ts +295 -0
  49. package/src/tools/agent-harness-tool-schema.ts +103 -27
  50. package/src/tools/agent-harness-tool.ts +209 -236
  51. package/src/tools/agent-harness-ui-surface-metadata.ts +1 -1
  52. package/src/tools/agent-harness-workspace-actions.ts +232 -0
  53. package/src/tools/agent-knowledge-ingest-tool.ts +6 -8
  54. package/src/tools/agent-knowledge-tool.ts +122 -23
  55. package/src/tools/agent-local-registry-tool.ts +4 -5
  56. package/src/tools/agent-media-generate-tool.ts +4 -6
  57. package/src/tools/agent-notify-tool.ts +5 -6
  58. package/src/tools/agent-operator-action-tool.ts +6 -8
  59. package/src/tools/agent-operator-briefing-tool.ts +3 -4
  60. package/src/tools/agent-reminder-schedule-tool.ts +6 -7
  61. package/src/tools/agent-tool-policy-guard.ts +8 -17
  62. package/src/tools/agent-work-plan-tool.ts +3 -4
  63. package/src/version.ts +2 -2
@@ -0,0 +1,581 @@
1
+ {
2
+ "schemaVersion": 1,
3
+ "gate": "goodvibes-agent-release-readiness",
4
+ "checkedAt": "2026-06-04",
5
+ "policy": {
6
+ "summary": "A release requires every release capability to meet the release quality standard, be owned, be evidenced, and be free of unknown or gap status.",
7
+ "blockerStatuses": [
8
+ "unknown",
9
+ "gap"
10
+ ],
11
+ "stableLinePolicy": "Stable release lines must have zero blocker statuses before release.",
12
+ "sourceNaming": "Use neutral evidence aliases only.",
13
+ "qualityGate": "Release readiness means every listed capability has release-quality capability coverage, user access, model access, safety-boundary evidence, and release evidence.",
14
+ "requiredQualityDimensions": [
15
+ "capabilityCoverage",
16
+ "userAccess",
17
+ "modelAccess",
18
+ "safetyBoundary",
19
+ "releaseEvidence"
20
+ ]
21
+ },
22
+ "sources": [
23
+ {
24
+ "id": "release-surface-review",
25
+ "kind": "release-surface-review",
26
+ "observedAt": "2026-06-04",
27
+ "evidence": "Release surface coverage review."
28
+ },
29
+ {
30
+ "id": "runtime-contract-review",
31
+ "kind": "runtime-contract-review",
32
+ "observedAt": "2026-06-04",
33
+ "evidence": "Runtime contract compatibility review."
34
+ },
35
+ {
36
+ "id": "goodvibes-agent",
37
+ "kind": "agent-package",
38
+ "observedAt": "2026-06-04",
39
+ "evidence": "Current goodvibes-agent worktree."
40
+ },
41
+ {
42
+ "id": "goodvibes-connected-host",
43
+ "kind": "connected-host-sdk",
44
+ "observedAt": "2026-06-04",
45
+ "evidence": "Connected-host route, operator, channel, media, pairing, and automation contracts reviewed under runtime-contract-review; packaged Agent docs mirror the owned boundaries."
46
+ },
47
+ {
48
+ "id": "goodvibes-companion",
49
+ "kind": "companion-app",
50
+ "observedAt": "2026-06-04",
51
+ "evidence": "Companion command-depth, pairing, shared-session, media attachment, and realtime foreground-event inventory reviewed under runtime-contract-review."
52
+ }
53
+ ],
54
+ "items": [
55
+ {
56
+ "id": "operator-tui-front-door",
57
+ "capability": "Terminal-first personal operator workspace launches by default and exposes the high-signal workflows from one TUI surface.",
58
+ "owner": "agent",
59
+ "status": "covered",
60
+ "evidence": "src/input/agent-workspace-categories.ts; src/renderer/agent-workspace.ts; docs/getting-started.md",
61
+ "action": "Keep Agent workspace as the first-screen product surface and avoid adding a marketing or coding-first front door.",
62
+ "quality": {
63
+ "capabilityCoverage": "Matches the release expectation that the product opens into the real operator workspace, with setup, runtime posture, local context, channels, media, planning, and delegation reachable from one first-screen TUI.",
64
+ "userAccess": "The user can open the workspace by default or through /agent, /home, and /operator, then browse workspace categories and actions directly.",
65
+ "modelAccess": "agent_harness summary, workspace_categories, workspace_actions, workspace_action, run_workspace_action, ui_surfaces, and open_ui_surface expose the same workspace map and visible navigation routes to the model.",
66
+ "safetyBoundary": "The workspace stays Agent-first and avoids hidden connected-host lifecycle control, coding-first front doors, and marketing-only surfaces.",
67
+ "releaseEvidence": "release-readiness inventory plus package-facing README and getting-started docs cite the workspace files and keep this as a required release item."
68
+ }
69
+ },
70
+ {
71
+ "id": "first-run-onboarding",
72
+ "capability": "First-run setup covers provider access, Agent Knowledge, local behavior libraries, channels, voice/media, and connected-host posture.",
73
+ "owner": "agent",
74
+ "status": "covered",
75
+ "evidence": "src/input/onboarding/onboarding-wizard.ts; src/input/onboarding/onboarding-wizard-steps.ts; src/runtime/onboarding/verify.ts; src/tools/agent-harness-setup-posture.ts",
76
+ "action": "Keep onboarding tied to Agent-owned settings and connected-host readiness checks.",
77
+ "quality": {
78
+ "capabilityCoverage": "Covers first-run provider setup, Agent Knowledge readiness, local behavior libraries, channels, voice/media, support posture, and connected-host compatibility as a single setup path.",
79
+ "userAccess": "The user gets onboarding and setup workspaces with preloaded current settings and reviewable readiness state.",
80
+ "modelAccess": "agent_harness setup_posture/setup_item exposes onboarding snapshot posture, setup marker state, derived capability flags, provider route, provider-account counts, subscription counts, local behavior discovery, channel/media/setup signals, and single setup-item lookup; visible UI, settings, workspace, and command routes remain for confirmed setup mutations.",
81
+ "safetyBoundary": "Setup reads and writes Agent-owned settings only, keeps token values redacted, and does not start or install connected-host services.",
82
+ "releaseEvidence": "Readiness evidence cites onboarding wizard, verification, and direct harness sources, while ledger accounting and package-facing docs cover model-visible setup/onboarding posture."
83
+ }
84
+ },
85
+ {
86
+ "id": "provider-model-routing",
87
+ "capability": "Provider and model selection includes active model visibility, custom provider setup, model refresh, pinned models, and reasoning effort.",
88
+ "owner": "agent",
89
+ "status": "covered",
90
+ "evidence": "src/input/agent-workspace-categories.ts; src/input/commands/local-provider-runtime.ts; src/input/commands/shell-core.ts; src/tools/agent-harness-model-routing.ts; docs/providers-and-routing.md",
91
+ "action": "Preserve workspace-first model/provider controls and scriptable mirrors.",
92
+ "quality": {
93
+ "capabilityCoverage": "Covers active model visibility, custom provider setup, model refresh, favorites, pinned models, context windows, provider health, and reasoning effort controls.",
94
+ "userAccess": "The user can operate provider and model routing from the Agent workspace, /model, /provider, model picker, provider workspace, and scriptable CLI mirrors.",
95
+ "modelAccess": "agent_harness model_routing/model_route exposes current provider/model route, selectable models, provider ids, pinned models, reasoning support, context windows, safe route setting keys, and single route/model lookup; visible picker, settings, workspace, and command routes remain for confirmed selection, refresh, pin/unpin, custom provider, and setting mutations.",
96
+ "safetyBoundary": "Provider auth and model changes are explicit, secret-backed where needed, and do not print raw credentials.",
97
+ "releaseEvidence": "Provider routing docs, direct harness source, package-facing text checks, and readiness item evidence keep this feature required for stable releases."
98
+ }
99
+ },
100
+ {
101
+ "id": "provider-account-posture",
102
+ "capability": "Provider auth and subscription posture are inspectable without printing tokens, with login/logout flows requiring explicit confirmation.",
103
+ "owner": "agent",
104
+ "status": "covered",
105
+ "evidence": "src/input/commands/provider-accounts-runtime.ts; src/input/commands/subscription-runtime.ts; src/input/agent-workspace-categories.ts; src/tools/agent-harness-provider-account-metadata.ts",
106
+ "action": "Keep account inspection read-only by default and confirmation-gate login mutations.",
107
+ "quality": {
108
+ "capabilityCoverage": "Covers account snapshots, subscriptions, usage windows, auth route posture, and login/logout safety without token leakage.",
109
+ "userAccess": "The user can inspect provider accounts and subscription state through Agent workspace routes and /accounts, /auth, and /subscription commands.",
110
+ "modelAccess": "agent_harness provider_accounts/provider_account exposes provider auth route posture, subscription freshness, usage windows, route issues, repair guidance, and single-provider lookup; model_routing/model_route, settings/get_setting/set_setting, and connected_host_status expose related routing/readiness context while login/logout remains a visible confirmation-gated user flow.",
111
+ "safetyBoundary": "Account inspection is read-only by default, auth mutations require explicit confirmation, and captured output redacts tokens.",
112
+ "releaseEvidence": "Readiness evidence points to provider account and subscription command implementations, with package policy guarding token-safe docs and release smoke."
113
+ }
114
+ },
115
+ {
116
+ "id": "isolated-agent-knowledge",
117
+ "capability": "Agent Knowledge uses the isolated Agent route family only, with ask, search, source review, connector inspection, ingest, reindex, and consolidation actions.",
118
+ "owner": "agent",
119
+ "status": "covered",
120
+ "evidence": "src/input/commands/knowledge.ts; src/cli/agent-knowledge-command.ts; docs/knowledge-artifacts-and-multimodal.md",
121
+ "action": "Never fall back to default knowledge or non-Agent product knowledge segments.",
122
+ "quality": {
123
+ "capabilityCoverage": "Covers isolated Agent Knowledge ask, search, source review, connectors, ingest, reindex, consolidation, graph operations, and status without default knowledge fallback.",
124
+ "userAccess": "The user can operate Agent Knowledge from the workspace, /knowledge, and goodvibes-agent knowledge CLI mirrors.",
125
+ "modelAccess": "agent_knowledge and agent_knowledge_ingest expose status, ask/search, source/node/issue lists, item lookup, map summary, connector inspection, and ingest; agent_harness operator_methods/operator_method and tool/schema lookup expose route metadata to the model.",
126
+ "safetyBoundary": "All Knowledge traffic targets only /api/goodvibes-agent/knowledge/*, rejects non-Agent space-selection flags, and fails closed when successful responses expose default scope metadata or known non-Agent payload markers.",
127
+ "releaseEvidence": "Package-facing required text, architecture policy, readiness evidence, and live verification checks require isolated Knowledge status, ask, search, library, item, map, connector outcomes, and response-scope contamination detection."
128
+ }
129
+ },
130
+ {
131
+ "id": "artifact-ingest-boundary",
132
+ "capability": "Artifacts, file ingest, URL lists, bookmarks, browser history, and generated media are explicit Agent Knowledge or artifact workflows instead of silent memory promotion.",
133
+ "owner": "agent",
134
+ "status": "covered",
135
+ "evidence": "src/input/agent-workspace-categories.ts; src/input/commands/knowledge.ts; src/agent/media-generation.ts; docs/knowledge-artifacts-and-multimodal.md",
136
+ "action": "Keep source-to-knowledge handoff explicit and confirmation-gated.",
137
+ "quality": {
138
+ "capabilityCoverage": "Covers explicit handling for artifacts, files, URL lists, bookmarks, browser history, generated media, and reviewed source promotion.",
139
+ "userAccess": "The user can use workspace ingest forms, media generation, notes, bookmarks, and Knowledge ingest mirrors with clear review steps.",
140
+ "modelAccess": "agent_knowledge_ingest exposes URL/file/URL-list/bookmarks/browser-history/connector ingest, agent_media_generate exposes confirmed generated artifacts, media_posture/media_provider exposes media readiness, and sessions/session exposes bookmark/session artifact posture.",
141
+ "safetyBoundary": "No artifact, generated media, or research source is silently promoted into durable memory or non-Agent knowledge.",
142
+ "releaseEvidence": "Readiness and docs cite Knowledge/artifact/media boundaries, and package policy requires those docs in the installable package."
143
+ }
144
+ },
145
+ {
146
+ "id": "local-memory-notes-personas",
147
+ "capability": "Agent-local memory, notes, personas, and runtime profiles support durable personal context without default knowledge contamination.",
148
+ "owner": "agent",
149
+ "status": "covered",
150
+ "evidence": "src/agent/persona-registry.ts; src/agent/note-registry.ts; src/cli/memory-command.ts; src/input/commands/personas-runtime.ts",
151
+ "action": "Keep local context libraries Agent-owned and secret-rejecting.",
152
+ "quality": {
153
+ "capabilityCoverage": "Covers durable local memory, scratch notes, personas, profiles, search/review/stale/delete flows, and promotion without knowledge contamination.",
154
+ "userAccess": "The user can manage records through Agent workspace Memory, Notes, Personas, Profiles, and /memory or /personas mirrors.",
155
+ "modelAccess": "agent_local_registry exposes record lookup/search/get/create/update/review/use/delete for memory, notes, personas, skills, skill bundles, and routines; agent_harness exposes confirmed workspace editor routes when the user starts from visible workspace forms.",
156
+ "safetyBoundary": "Local libraries reject secret-looking content and keep destructive or cross-surface promotion actions confirmation-gated.",
157
+ "releaseEvidence": "Readiness evidence cites local registries and CLI/runtime commands, with package policy requiring model-visible local action docs."
158
+ }
159
+ },
160
+ {
161
+ "id": "skills-routines-behavior-library",
162
+ "capability": "Local skills, skill bundles, routines, and learned behavior capture reusable operator behavior from reviewed user workflows.",
163
+ "owner": "agent",
164
+ "status": "covered",
165
+ "evidence": "src/agent/skill-registry.ts; src/agent/routine-registry.ts; src/input/agent-workspace-learned-behavior.ts; src/input/commands/agent-skills-runtime.ts",
166
+ "action": "Keep behavior capture local until the user explicitly promotes or exports it.",
167
+ "quality": {
168
+ "capabilityCoverage": "Covers local skills, skill bundles, routines, learned behavior capture, imports, review states, and reusable operator workflows.",
169
+ "userAccess": "The user can manage skills, routines, bundles, and learned behavior through workspace routes and /skills or /routines commands.",
170
+ "modelAccess": "agent_local_registry and agent_harness expose skill/routine actions, editor schemas, selected-record promotion, and routine schedule prefill to the model.",
171
+ "safetyBoundary": "Behavior capture remains local until the user explicitly promotes, exports, schedules, or deletes a reviewed record.",
172
+ "releaseEvidence": "Readiness evidence cites registry and command sources, and release docs describe local behavior library ownership."
173
+ }
174
+ },
175
+ {
176
+ "id": "routine-schedule-bridge",
177
+ "capability": "Local routines can be promoted to connected-host schedules only by explicit confirmation, with redacted receipts and reconciliation.",
178
+ "owner": "agent",
179
+ "status": "covered",
180
+ "evidence": "src/agent/routine-schedule-promotion.ts; src/agent/routine-schedule-receipts.ts; src/input/commands/routines-runtime.ts; docs/getting-started.md",
181
+ "action": "Keep local routine start separate from durable connected-host schedule creation.",
182
+ "quality": {
183
+ "capabilityCoverage": "Covers explicit promotion from local routines to durable connected schedules with receipts, redaction, reconciliation, and delivery options.",
184
+ "userAccess": "The user can promote routines through workspace schedule forms or /routines and /schedule mirrors using explicit confirmation.",
185
+ "modelAccess": "agent_harness exposes routine selection, schedule editor schemas, run_workspace_action dispatch, and first-class reminder/operator route guidance.",
186
+ "safetyBoundary": "Local routine execution stays separate from durable schedule creation, and schedule promotion requires explicit confirmation and redacted receipts.",
187
+ "releaseEvidence": "Readiness evidence cites schedule promotion and receipts code plus docs, with live verification covering connected schedule posture."
188
+ }
189
+ },
190
+ {
191
+ "id": "reminders-and-notifications",
192
+ "capability": "Reminder scheduling and notification delivery are explicit, confirmed, and routed through configured targets without leaking tokens.",
193
+ "owner": "agent",
194
+ "status": "covered",
195
+ "evidence": "src/agent/reminder-schedule.ts; src/input/commands/notify-runtime.ts; src/tools/agent-notify-tool.ts; src/tools/agent-harness-notification-metadata.ts; src/tools/agent-reminder-schedule-tool.ts",
196
+ "action": "Keep reminder delivery opt-in and redacted.",
197
+ "quality": {
198
+ "capabilityCoverage": "Covers reminders, notification targets, webhook delivery, redacted readiness, and explicit one-shot sends.",
199
+ "userAccess": "The user can schedule reminders and manage notifications from the Agent workspace and /notify or /schedule commands.",
200
+ "modelAccess": "agent_reminder_schedule, agent_notify, and agent_harness notifications/notification_target plus command/workspace action metadata expose reminder and notification flows to the model.",
201
+ "safetyBoundary": "Delivery is opt-in, exact-target, confirmation-gated where mutating, and does not render stored tokens.",
202
+ "releaseEvidence": "Readiness evidence cites reminder, notify, and tool implementations, with live outcome certification covering externally backed delivery."
203
+ }
204
+ },
205
+ {
206
+ "id": "channel-readiness-send",
207
+ "capability": "Agent can inspect channel readiness, accounts, policies, status, setup guidance, and send one confirmed delivery.",
208
+ "owner": "agent",
209
+ "status": "covered",
210
+ "evidence": "src/input/commands/channels-runtime.ts; src/agent/channel-delivery.ts; src/tools/agent-channel-send-tool.ts; src/tools/agent-harness-channel-metadata.ts; docs/channels-remote-and-api.md",
211
+ "action": "Keep channel delivery exact-target and confirmation-gated.",
212
+ "quality": {
213
+ "capabilityCoverage": "Covers channel readiness, account posture, setup guidance, policy, status, and one-message confirmed delivery across configured channel surfaces.",
214
+ "userAccess": "The user can inspect and send channel messages through Agent Workspace -> Channels and /channels mirrors.",
215
+ "modelAccess": "agent_harness channels/channel exposes structured readiness, setup state, delivery posture, risk labels, and safe config-key names; agent_channel_send exposes the exact confirmed send route.",
216
+ "safetyBoundary": "Channel sends require explicit target and confirmation, do not infer routes from chat, and do not expose secret values.",
217
+ "releaseEvidence": "Readiness evidence cites channel runtime/tool/docs sources, and live certification requires real external channel outcome coverage before release."
218
+ }
219
+ },
220
+ {
221
+ "id": "companion-pairing",
222
+ "capability": "Companion pairing is QR-first, hides raw tokens by default, and requires explicit confirmation to display manual tokens.",
223
+ "owner": "agent",
224
+ "status": "covered",
225
+ "evidence": "src/input/agent-workspace-categories.ts; src/input/commands/qrcode-runtime.ts; src/tools/agent-harness-pairing-posture.ts; src/cli/help.ts",
226
+ "action": "Keep token display redacted unless the user explicitly asks for manual pairing output.",
227
+ "quality": {
228
+ "capabilityCoverage": "Covers QR-first companion pairing, manual-token fallback, shared-session posture, realtime client readiness, and safe token display.",
229
+ "userAccess": "The user can pair through workspace access routes, /pair, and /qrcode, with manual token display requiring explicit confirmation.",
230
+ "modelAccess": "agent_harness pairing_posture/pairing_route exposes companion pairing endpoint binding, pairing surface id, token presence/fingerprint, route catalog, connected-host status/capability routes, channel readiness routes, and single pairing-route lookup without returning raw tokens or QR payloads.",
231
+ "safetyBoundary": "Raw pairing tokens are hidden by default and only displayed when the user explicitly requests manual output.",
232
+ "releaseEvidence": "Readiness evidence cites workspace, QR runtime, direct harness, and help surfaces, with live certification covering connected-host pairing readiness."
233
+ }
234
+ },
235
+ {
236
+ "id": "approvals-and-automation-actions",
237
+ "capability": "Approvals, automation jobs, runs, and schedules expose read-only status plus narrow confirmed approve, deny, cancel, run, pause, resume, retry, and run-now actions.",
238
+ "owner": "agent",
239
+ "status": "covered",
240
+ "evidence": "src/agent/operator-actions.ts; src/input/commands/operator-actions-runtime.ts; src/input/commands/schedule-runtime.ts; docs/tools-and-commands.md",
241
+ "action": "Do not create or mutate broad automation definitions from ordinary chat.",
242
+ "quality": {
243
+ "capabilityCoverage": "Covers approval queues, automation jobs/runs/schedules, status views, and narrow confirmed approve, deny, cancel, run, pause, resume, retry, and run-now operations.",
244
+ "userAccess": "The user can operate approvals and automation through workspace forms and exact /approval, /automation, and /schedule mirrors.",
245
+ "modelAccess": "agent_operator_briefing, agent_operator_action, and agent_harness command/workspace metadata expose read-only status and exact confirmed actions to the model.",
246
+ "safetyBoundary": "Ordinary chat cannot silently create or mutate broad automation definitions; every mutation is exact and confirmation-gated.",
247
+ "releaseEvidence": "Readiness evidence cites operator action and runtime sources, and live certification covers externally backed automation outcomes."
248
+ }
249
+ },
250
+ {
251
+ "id": "planning-workplan",
252
+ "capability": "Planning, workplan status, and task visibility support personal operator work without auto-spawning parallel implementation jobs.",
253
+ "owner": "agent",
254
+ "status": "covered",
255
+ "evidence": "src/input/commands/planning-runtime.ts; src/input/commands/work-plan-runtime.ts; src/planning/project-planning-coordinator.ts; docs/project-planning.md",
256
+ "action": "Keep planning serial and explicit until the user asks for execution.",
257
+ "quality": {
258
+ "capabilityCoverage": "Covers planning interviews, visible work-plan state, task status, and project planning without implicit parallel execution jobs.",
259
+ "userAccess": "The user can inspect and update planning from /plan, /workplan, workspace planning panels, and task/status surfaces.",
260
+ "modelAccess": "agent_work_plan exposes list/get/create/update/status/remove/clear_completed for visible Agent-local work plans; agent_harness panels/panel and workspace metadata expose the matching TUI visibility without spawning implementation jobs.",
261
+ "safetyBoundary": "Planning stays serial and explicit until the user asks for execution, and it does not auto-spawn implementation roles.",
262
+ "releaseEvidence": "Readiness evidence cites planning coordinator and command sources, with verification ledger accounting for onboarding and work-plan surfaces."
263
+ }
264
+ },
265
+ {
266
+ "id": "explicit-build-delegation",
267
+ "capability": "Build, fix, review, and implementation work delegates to GoodVibes TUI/shared-session routes only when the user explicitly asks.",
268
+ "owner": "agent",
269
+ "status": "covered",
270
+ "evidence": "src/input/commands/delegation-runtime.ts; src/input/agent-workspace-delegation-editor-submission.ts; src/tools/agent-harness-delegation-posture.ts; docs/tools-and-commands.md",
271
+ "action": "Do not turn the personal Agent into a coding TUI or implicit reviewer.",
272
+ "quality": {
273
+ "capabilityCoverage": "Covers build, fix, review, and implementation delegation through explicit shared-session/task routes instead of turning Agent into a coding TUI.",
274
+ "userAccess": "The user can delegate from Agent workspace forms or /delegate when they explicitly ask for build/fix/review/implementation work.",
275
+ "modelAccess": "agent_harness delegation_posture/delegation_route exposes explicit build-delegation routes, runtime availability, delegated-review policy, main-conversation ownership, blocked local coding ownership, and single delegation-route lookup; delegated work submission remains a visible confirmed workspace or slash-command flow.",
276
+ "safetyBoundary": "Delegated review or implementation is never the default reasoning path and requires explicit user intent.",
277
+ "releaseEvidence": "Readiness evidence cites delegation runtime, direct harness source, and docs, with package boundary checks rejecting coding-first Agent product drift."
278
+ }
279
+ },
280
+ {
281
+ "id": "mcp-tool-trust",
282
+ "capability": "MCP servers, tool inventory, trust posture, secrets, and security review are inspectable and confirmation-gated from the Agent workspace.",
283
+ "owner": "agent",
284
+ "status": "covered",
285
+ "evidence": "src/input/commands/mcp-runtime.ts; src/input/commands/security-runtime.ts; src/input/commands/product-runtime.ts; src/input/agent-workspace-categories.ts; src/tools/agent-harness-mcp-metadata.ts",
286
+ "action": "Keep tool trust changes explicit and do not silently install or expose tools.",
287
+ "quality": {
288
+ "capabilityCoverage": "Covers MCP server setup, tool inventory, trust posture, security review, secrets, and confirmation-gated trust changes.",
289
+ "userAccess": "The user can review MCP and tool trust through Agent workspace, /mcp, /security, /trust, and settings surfaces.",
290
+ "modelAccess": "agent_harness mcp_servers/mcp_server exposes read-only server posture, trust mode, role, quarantine state, and optional per-server tool inventory; security_posture/security_finding exposes trust/security findings; tools/tool exposes model tool schema; settings/get_setting/set_setting exposes confirmed setting routes.",
291
+ "safetyBoundary": "Tool trust changes, secret writes, and server mutations are explicit and do not silently install or expose tools.",
292
+ "releaseEvidence": "Readiness evidence cites MCP/security/product runtimes and the direct MCP server harness catalog, with package text policy and the verification ledger documenting model-visible harness boundaries."
293
+ }
294
+ },
295
+ {
296
+ "id": "voice-tts-media",
297
+ "capability": "Voice, live TTS, image input, media provider readiness, and confirmed image/video artifact generation are available from the TUI.",
298
+ "owner": "agent",
299
+ "status": "covered",
300
+ "evidence": "src/input/commands/tts-runtime.ts; src/input/commands/local-runtime.ts; src/input/agent-workspace-voice-media.ts; src/tools/agent-harness-media-posture.ts; docs/voice-and-live-tts.md",
301
+ "action": "Keep spoken output and generated media out of durable knowledge unless explicitly ingested.",
302
+ "quality": {
303
+ "capabilityCoverage": "Covers voice review, live TTS, image input, media provider readiness, transcription/voice posture, and confirmed image/video artifact generation.",
304
+ "userAccess": "The user can operate voice and media through Agent Workspace -> Voice & Media and /tts, /voice, /image, and /media commands.",
305
+ "modelAccess": "agent_harness media_posture/media_provider exposes voice/media provider readiness, selected TTS setup, browser-tool posture, artifact availability, safe secret-key names, and model routes; agent_media_generate performs confirmed media generation.",
306
+ "safetyBoundary": "Spoken output and generated media are not durable knowledge unless the user explicitly ingests reviewed artifacts.",
307
+ "releaseEvidence": "Readiness evidence cites voice/media runtime/docs and direct harness sources, while ledger accounting and live certification cover media and connected-host outcomes."
308
+ }
309
+ },
310
+ {
311
+ "id": "conversation-session-artifacts",
312
+ "capability": "Session save/load/export/search, transcript review, bookmarks, image attachment, and context references are handled inside the TUI.",
313
+ "owner": "agent",
314
+ "status": "covered",
315
+ "evidence": "src/input/commands/session-workflow.ts; src/input/commands/conversation-runtime.ts; src/input/session-picker-modal.ts; src/input/agent-workspace-categories.ts; src/tools/agent-harness-session-metadata.ts",
316
+ "action": "Keep conversation controls local and visible.",
317
+ "quality": {
318
+ "capabilityCoverage": "Covers save/load/export/search, transcript review, bookmarks, image attachment, context references, session continuity, and artifact follow-up.",
319
+ "userAccess": "The user can manage sessions and conversation artifacts through TUI controls, workspace actions, pickers, overlays, and /save, /load, /sessions, /conversation, /bookmarks, and /image commands.",
320
+ "modelAccess": "agent_harness sessions/session exposes current session posture, saved-session metadata/search, bookmark counts, saved bookmark file counts, and single-session lookup; visible save/resume/export/delete/bookmark flows remain confirmation-gated user routes.",
321
+ "safetyBoundary": "Conversation controls stay visible and local; file/URL context references do not silently ingest into Agent Knowledge.",
322
+ "releaseEvidence": "Readiness evidence cites session workflow, workspace, and direct harness sources, while ledger accounting and package text checks cover sessions/bookmarks, overlays, and command catalog docs."
323
+ }
324
+ },
325
+ {
326
+ "id": "support-auth-trust-bundles",
327
+ "capability": "Support, auth, subscription, and trust bundles can be exported or inspected with redaction and explicit confirmation.",
328
+ "owner": "agent",
329
+ "status": "covered",
330
+ "evidence": "src/cli/bundle-command.ts; src/input/commands/recall-bundle.ts; src/input/commands/security-runtime.ts; src/input/commands/platform-access-runtime.ts; src/input/commands/product-runtime.ts; src/input/agent-workspace-categories.ts; src/tools/agent-harness-security-posture.ts",
331
+ "action": "Keep sensitive bundle export confirmation-gated.",
332
+ "quality": {
333
+ "capabilityCoverage": "Covers support, auth, subscription, trust, recall, and portable bundle inspection/export/import with redaction and confirmation.",
334
+ "userAccess": "The user can export and inspect bundles through workspace routes and /bundle, /auth, /trust, /subscription, and recall bundle commands.",
335
+ "modelAccess": "agent_harness security_posture/security_finding exposes redacted token, policy, MCP, plugin, incident, auth, and support-bundle posture; support_bundles/support_bundle exposes bundle routes and redacted existing-bundle inspection without returning raw config, token, or secret values.",
336
+ "safetyBoundary": "Sensitive bundle export/import and trust changes are confirmation-gated and redact secret values.",
337
+ "releaseEvidence": "Readiness evidence cites bundle, security, auth, trust, workspace, and direct harness sources, with package policy and ledger accounting guarding token-safe documentation and install smoke."
338
+ }
339
+ },
340
+ {
341
+ "id": "doctor-compat-status",
342
+ "capability": "Agent status, doctor, compatibility, health, auth review, and connected-host route posture are available from CLI and TUI.",
343
+ "owner": "agent",
344
+ "status": "covered",
345
+ "evidence": "src/cli/status.ts; src/cli/management.ts; src/input/commands/health-runtime.ts; src/input/commands/compat-runtime.ts",
346
+ "action": "Keep diagnostics read-only and linked to connected-host repair guidance.",
347
+ "quality": {
348
+ "capabilityCoverage": "Covers status, doctor, compatibility, health, auth review, connected-host route posture, SDK pin checks, and Agent Knowledge readiness.",
349
+ "userAccess": "The user can run workspace health routes and goodvibes-agent status, doctor, compat, and auth review mirrors.",
350
+ "modelAccess": "agent_harness operator_methods, operator_method, service_posture, service_endpoint, connected_host, connected_host_capability, connected_host_status, cli_command, setup_posture/setup_item, provider_accounts/provider_account, and mcp_servers/mcp_server expose the same diagnostics to the model.",
351
+ "safetyBoundary": "Diagnostics are read-only, redact token state, and provide repair guidance without lifecycle control.",
352
+ "releaseEvidence": "Readiness evidence cites status/health/compat sources, with live verification requiring CLI status, compat, doctor, connected-host, model, and Agent Knowledge checks."
353
+ }
354
+ },
355
+ {
356
+ "id": "release-package-install",
357
+ "capability": "Package metadata, docs, Bun-only install, runtime build, compiled binary smoke, performance fixture checks, publish checks, install checks, and release workflows are guarded by shared release metadata verification.",
358
+ "owner": "release",
359
+ "status": "covered",
360
+ "evidence": "release/performance-snapshot.json; src/cli/package-verification.ts; scripts/release.ts; scripts/perf-check.ts; scripts/publish-check.ts; scripts/package-install-check.ts; .github/workflows/ci.yml",
361
+ "action": "Keep release validation centralized and package-facing docs aligned with Agent product boundaries.",
362
+ "quality": {
363
+ "capabilityCoverage": "Covers package identity, Bun-only install, runtime build, package docs, compact model tool description policy, compiled binary smoke, pack/install smoke, publish checks, performance checks, and tarball policy.",
364
+ "userAccess": "The user receives one installable package with goodvibes-agent as the executable and package-facing docs included in the tarball.",
365
+ "modelAccess": "agent_harness exposes package-facing CLI mirror metadata and docs describe model routes so the assistant can operate installed surfaces instead of hidden nested processes.",
366
+ "safetyBoundary": "The package excludes tests, private verification internals, connected-host binaries, lifecycle ownership, and forbidden boundary paths.",
367
+ "releaseEvidence": "Shared package verification, compact model tool description thresholds, release scripts, performance snapshot, and release workflow policy keep the package gate required for every release."
368
+ }
369
+ },
370
+ {
371
+ "id": "live-release-evidence",
372
+ "capability": "Live release verification records external outcome checks for compiled CLI, connected-host status, health, model routes, and isolated Agent Knowledge.",
373
+ "owner": "release",
374
+ "status": "covered",
375
+ "evidence": "src/verification/live-verifier.ts; scripts/verify-live.ts; docs/release-and-publishing.md",
376
+ "action": "Run live verification for stable releases after product work is complete.",
377
+ "quality": {
378
+ "capabilityCoverage": "Covers external outcome checks for compiled CLI, connected-host status/health/model routes, SDK compatibility, isolated Agent Knowledge status/ask/search/source/node/issue/map/connector routes, and packaged evidence for item inspection.",
379
+ "userAccess": "The user gets release artifacts backed by recorded live verification rather than only local static checks.",
380
+ "modelAccess": "agent_harness service_posture, service_endpoint, and connected_host_status mirror service endpoint posture and live-readiness posture into the main conversation for assistant use.",
381
+ "safetyBoundary": "Live reports redact local paths, private network addresses, and token values while refusing SDK mismatch as a passing state.",
382
+ "releaseEvidence": "release/live-verification JSON and Markdown reports are required release evidence and must be fresh once blockers are absent."
383
+ }
384
+ },
385
+ {
386
+ "id": "release-readiness-inventory-gate",
387
+ "capability": "The release readiness inventory is staged with release metadata and blocks stable releases when unknown or gap entries remain.",
388
+ "owner": "release",
389
+ "status": "covered",
390
+ "evidence": "release/release-readiness.json; src/tools/agent-harness-release-evidence.ts; src/tools/agent-harness-release-readiness.ts; src/tools/agent-harness-tool.ts; src/cli/package-verification.ts; scripts/release.ts",
391
+ "action": "Keep this inventory current whenever quality evidence or ownership changes.",
392
+ "quality": {
393
+ "capabilityCoverage": "Makes release-quality coverage a release criterion for each capability item rather than accepting a bare covered status.",
394
+ "userAccess": "The user can inspect the release/release-readiness.json inventory to see every capability, owner, action, evidence, and quality dimension.",
395
+ "modelAccess": "agent_harness release_evidence, release_evidence_artifact, release_readiness, and release_readiness_item expose the same release evidence bundle and inventory to the model with summary, search, single-artifact, and single-item lookup routes, while package verification keeps the packaged files present.",
396
+ "safetyBoundary": "The inventory uses neutral evidence aliases and excludes local or private evidence details from the repository.",
397
+ "releaseEvidence": "Package verification requires required item ids, zero blocker statuses, quality dimensions, fresh live evidence, and release script staging."
398
+ }
399
+ },
400
+ {
401
+ "id": "connected-host-channel-core",
402
+ "capability": "Core external messaging surfaces, route bindings, delivery records, ingress, egress, account lifecycle, directory lookup, target resolution, and render policy are owned by the connected host and SDK.",
403
+ "owner": "connected-host",
404
+ "status": "covered",
405
+ "evidence": "goodvibes-connected-host: channel surface and automation contract inventory reviewed under runtime-contract-review; docs/channels-remote-and-api.md",
406
+ "action": "Agent should keep readiness and confirmed send UX while connected-host owns adapters and lifecycle.",
407
+ "quality": {
408
+ "capabilityCoverage": "Covers core external messaging routes, delivery records, ingress/egress, account lifecycle, directory lookup, target resolution, render policy, and adapter contracts through connected-host ownership.",
409
+ "userAccess": "The user sees channel readiness and confirmed sends in Agent while connected-host owns adapter lifecycle and route execution.",
410
+ "modelAccess": "agent_channel_send plus agent_harness channels/channel, connected-host capability, channel workspace, slash-command, and settings metadata expose channel operation boundaries to the model.",
411
+ "safetyBoundary": "Agent never owns host lifecycle or secret-bearing adapters; it routes exact confirmed delivery through public connected-host contracts.",
412
+ "releaseEvidence": "Readiness evidence cites connected-host evidence alias and Agent channel docs, with live outcome certification covering real delivery before release."
413
+ }
414
+ },
415
+ {
416
+ "id": "connected-host-automation-runtime",
417
+ "capability": "Durable jobs, runs, schedules, route bindings, deliveries, watchers, and service lifecycle are connected-host responsibilities.",
418
+ "owner": "connected-host",
419
+ "status": "covered",
420
+ "evidence": "goodvibes-connected-host: automation runtime and operator API contract inventory reviewed under runtime-contract-review; docs/tools-and-commands.md",
421
+ "action": "Agent should expose read-only status and narrow confirmed actions, not host lifecycle ownership.",
422
+ "quality": {
423
+ "capabilityCoverage": "Covers durable jobs, runs, schedules, watchers, deliveries, route bindings, and service lifecycle through connected-host runtime ownership.",
424
+ "userAccess": "The user can inspect automation state and run narrow confirmed actions from Agent without managing host services.",
425
+ "modelAccess": "agent_operator_briefing, agent_operator_action, and agent_harness connected-host capability reports expose automation status/action boundaries to the model.",
426
+ "safetyBoundary": "Agent does not create broad host automation definitions or lifecycle operations from chat.",
427
+ "releaseEvidence": "Readiness evidence cites connected-host automation inventory and Agent tools docs, with live certification covering external automation outcomes."
428
+ }
429
+ },
430
+ {
431
+ "id": "connected-host-operator-api",
432
+ "capability": "Operator API covers methods, events, auth, realtime transport, status, control-plane catalogs, and WebSocket/SSE event feeds.",
433
+ "owner": "connected-host",
434
+ "status": "covered",
435
+ "evidence": "goodvibes-connected-host: operator API and realtime transport contract inventory reviewed under runtime-contract-review; docs/connected-host.md",
436
+ "action": "Agent should use public operator routes only.",
437
+ "quality": {
438
+ "capabilityCoverage": "Covers operator methods, events, auth, realtime transport, status, control-plane catalogs, WebSocket/SSE feeds, and route families.",
439
+ "userAccess": "The user receives status, health, model route, work/approval/automation, and realtime posture through Agent diagnostics and workspace surfaces.",
440
+ "modelAccess": "agent_harness operator_methods, operator_method, service_posture, service_endpoint, connected_host, connected_host_capability, connected_host_status, and first-class operator tools expose public operator routes and endpoint diagnostics to the model.",
441
+ "safetyBoundary": "Agent uses public authenticated operator routes only and does not expose lifecycle or non-Agent host internals.",
442
+ "releaseEvidence": "Readiness evidence cites connected-host operator inventory and connected-host docs, with live verification requiring status, health, and model route checks."
443
+ }
444
+ },
445
+ {
446
+ "id": "connected-host-agent-knowledge-routes",
447
+ "capability": "The connected host owns Agent Knowledge route handlers, source ingestion, connectors, graph operations, refinement, jobs, and schedules.",
448
+ "owner": "connected-host",
449
+ "status": "covered",
450
+ "evidence": "goodvibes-connected-host: isolated Agent Knowledge route contract reviewed under runtime-contract-review; docs/knowledge-artifacts-and-multimodal.md",
451
+ "action": "Agent should target only the isolated Agent Knowledge route family.",
452
+ "quality": {
453
+ "capabilityCoverage": "Covers Agent Knowledge handlers, ingestion, connectors, graph operations, refinement, jobs, schedules, ask, search, and status through isolated connected-host routes.",
454
+ "userAccess": "The user can operate isolated Agent Knowledge from TUI and CLI without selecting or leaking into non-Agent knowledge spaces.",
455
+ "modelAccess": "agent_knowledge, agent_knowledge_ingest, agent_harness operator_methods/operator_method, and connected-host capability reports expose isolated Knowledge operation to the model.",
456
+ "safetyBoundary": "Only /api/goodvibes-agent/knowledge/* routes are allowed, and Agent rejects default or alternate knowledge space routing plus successful responses that carry default scope metadata.",
457
+ "releaseEvidence": "Readiness evidence cites connected-host evidence alias and Knowledge docs, with live verification requiring isolated status, ask, search, library, item, map, connector checks, and response-scope contamination detection."
458
+ }
459
+ },
460
+ {
461
+ "id": "connected-host-media-routes",
462
+ "capability": "Voice synthesis, streaming voice, transcription, realtime voice session setup, media analysis, artifact storage, and media provider route handlers are connected-host responsibilities.",
463
+ "owner": "connected-host",
464
+ "status": "covered",
465
+ "evidence": "goodvibes-connected-host: media and voice route contract inventory reviewed under runtime-contract-review; docs/voice-and-live-tts.md",
466
+ "action": "Agent should keep TUI controls and artifact UX rather than provider runtime ownership.",
467
+ "quality": {
468
+ "capabilityCoverage": "Covers voice synthesis, streaming voice, transcription, realtime voice setup, media analysis, artifact storage, and media provider route handlers through connected-host ownership.",
469
+ "userAccess": "The user can inspect media readiness and generate artifacts from Agent while provider runtime ownership stays outside the package.",
470
+ "modelAccess": "agent_media_generate and agent_harness media_posture/media_provider expose media provider readiness, selected TTS setup, browser-tool posture, artifact availability, safe secret-key names, model routes, and single provider lookup; connected-host capability metadata exposes ownership boundaries.",
471
+ "safetyBoundary": "Agent stores generated bytes as artifacts and does not print inline base64 or silently ingest media into knowledge.",
472
+ "releaseEvidence": "Readiness evidence cites connected-host media inventory and voice/media docs, with live certification covering externally backed media outcomes."
473
+ }
474
+ },
475
+ {
476
+ "id": "connected-host-provider-accounts",
477
+ "capability": "Provider account snapshots, usage windows, OAuth/service route metadata, and provider usage endpoints are owned by the connected host and SDK.",
478
+ "owner": "connected-host",
479
+ "status": "covered",
480
+ "evidence": "goodvibes-connected-host: provider account and usage route contract inventory reviewed under runtime-contract-review; src/input/commands/provider-accounts-runtime.ts; src/tools/agent-harness-provider-account-metadata.ts",
481
+ "action": "Agent should inspect and guide provider auth without owning provider service internals.",
482
+ "quality": {
483
+ "capabilityCoverage": "Covers provider account snapshots, usage windows, OAuth/service route metadata, auth routes, and provider usage endpoints through connected-host and SDK ownership.",
484
+ "userAccess": "The user can inspect account posture and usage from Agent surfaces while provider services remain connected-host responsibilities.",
485
+ "modelAccess": "agent_harness provider_accounts/provider_account, model_routing/model_route, service_posture, service_endpoint, connected_host_status, and connected_host_capability expose account and routing posture to the model.",
486
+ "safetyBoundary": "Agent guides and inspects auth without owning provider service internals or printing raw secrets.",
487
+ "releaseEvidence": "Readiness evidence cites connected-host provider account inventory and Agent provider-account runtime sources."
488
+ }
489
+ },
490
+ {
491
+ "id": "connected-host-pairing-realtime",
492
+ "capability": "Companion pairing, token bootstrap, realtime event delivery, browser/mobile-safe SDK surfaces, and transport compatibility are connected-host and SDK responsibilities.",
493
+ "owner": "connected-host",
494
+ "status": "covered",
495
+ "evidence": "goodvibes-connected-host: pairing, token bootstrap, realtime, browser-safe, and mobile-safe transport inventory reviewed under runtime-contract-review; docs/channels-remote-and-api.md",
496
+ "action": "Agent should render pairing and status UX while the connected host owns token issuance and realtime transport.",
497
+ "quality": {
498
+ "capabilityCoverage": "Covers token bootstrap, QR pairing, realtime delivery, browser/mobile-safe SDK surfaces, foreground events, and transport compatibility through connected-host and SDK ownership.",
499
+ "userAccess": "The user pairs companion clients and sees realtime compatibility from Agent while token issuance remains outside Agent.",
500
+ "modelAccess": "agent_harness pairing_posture/pairing_route, service_posture, service_endpoint, connected_host, connected_host_capability, and connected_host_status expose pairing endpoint binding, token fingerprint, route catalog, realtime/status boundaries, and single route/capability lookup without returning raw tokens or QR payloads.",
501
+ "safetyBoundary": "Agent renders pairing UX and status without owning token issuance or exposing raw tokens by default.",
502
+ "releaseEvidence": "Readiness evidence cites connected-host pairing/realtime inventory and channel docs, with live certification covering pairing readiness."
503
+ }
504
+ },
505
+ {
506
+ "id": "connected-host-cloud-batch",
507
+ "capability": "Batch provider jobs, queue signals, optional Cloudflare provisioning, worker proxying, DLQ posture, and batch tick processing are SDK/connected-host responsibilities.",
508
+ "owner": "connected-host",
509
+ "status": "covered",
510
+ "evidence": "goodvibes-connected-host: batch job, queue, worker proxy, DLQ, and tick-processing inventory reviewed under runtime-contract-review; docs/connected-host.md",
511
+ "action": "Agent should not implement cloud provisioning or batch worker internals.",
512
+ "quality": {
513
+ "capabilityCoverage": "Covers batch jobs, queue signals, optional cloud provisioning, worker proxying, DLQ posture, and tick processing through SDK/connected-host ownership.",
514
+ "userAccess": "The user sees batch and queue posture through Agent diagnostics where exposed, without Agent shipping cloud provisioning controls.",
515
+ "modelAccess": "agent_harness connected-host capability reports and operator briefing/action tools expose allowed batch/automation posture to the model.",
516
+ "safetyBoundary": "Agent does not implement cloud provisioning, batch workers, listener hosting, or service lifecycle internals.",
517
+ "releaseEvidence": "Readiness evidence cites connected-host batch inventory and connected-host docs, with release certification requiring connected-host compatibility."
518
+ }
519
+ },
520
+ {
521
+ "id": "additional-channel-adapter-matrix",
522
+ "capability": "The release channel coverage includes additional long-tail chat surfaces beyond the current connected-host core surface set.",
523
+ "owner": "connected-host",
524
+ "status": "covered",
525
+ "evidence": "goodvibes-connected-host: long-tail channel type, plugin, enterprise delivery, bridge delivery, and setup-schema inventory reviewed under runtime-contract-review; docs/channels-remote-and-api.md",
526
+ "action": "Keep the long-tail channel matrix registered in the connected-host surface union, plugin registry, delivery strategies, setup schemas, and operator channel routes.",
527
+ "quality": {
528
+ "capabilityCoverage": "Covers the long-tail channel matrix through connected-host surface unions, plugin registry, delivery strategies, setup schemas, and operator channel routes.",
529
+ "userAccess": "The user sees all configured channel readiness and exact send paths through Agent channel surfaces.",
530
+ "modelAccess": "agent_channel_send and agent_harness channels/channel, channel workspace, command, settings, and connected-host capability reports expose the channel matrix to the model.",
531
+ "safetyBoundary": "Agent keeps adapter setup and secret-bearing lifecycle in connected-host/SDK ownership while confirmed sends stay exact-target.",
532
+ "releaseEvidence": "Readiness evidence cites connected-host long-tail channel inventory and Agent channel docs, with live outcome certification covering external sends."
533
+ }
534
+ },
535
+ {
536
+ "id": "telephony-conversation-channel",
537
+ "capability": "The release coverage includes phone-call style conversation or notification delivery as a channel-class surface.",
538
+ "owner": "connected-host",
539
+ "status": "covered",
540
+ "evidence": "goodvibes-connected-host: telephony channel adapter and bridge delivery inventory reviewed under runtime-contract-review; docs/channels-remote-and-api.md; src/agent/channel-delivery.ts; src/input/agent-workspace-channels.ts; src/tools/agent-harness-channel-metadata.ts; src/agent/reminder-schedule.ts; src/agent/routine-schedule-args.ts",
541
+ "action": "Keep telephony owned by the connected-host SDK and expose Agent readiness/send UX through existing channel routes.",
542
+ "quality": {
543
+ "capabilityCoverage": "Covers phone-call style conversation or notification delivery as a channel-class surface through connected-host telephony adapters and bridge delivery.",
544
+ "userAccess": "The user can inspect telephony readiness and send via channel/reminder/routine delivery routes when configured.",
545
+ "modelAccess": "agent_channel_send, agent_reminder_schedule, and agent_harness channels/channel plus connected-host metadata expose telephony as a routed channel surface to the model.",
546
+ "safetyBoundary": "Agent does not own telephony adapter credentials or service lifecycle and uses explicit target/confirmation rules for delivery.",
547
+ "releaseEvidence": "Readiness evidence cites connected-host telephony inventory and Agent channel/reminder/routine sources."
548
+ }
549
+ },
550
+ {
551
+ "id": "mobile-device-command-depth",
552
+ "capability": "The release coverage includes deeper mobile-device command surfaces beyond pairing, chat, voice, camera/media attachment, and realtime client support.",
553
+ "owner": "companion",
554
+ "status": "covered",
555
+ "evidence": "goodvibes-companion: companion command-depth, pairing, chat, shared-session, approvals, tasks, provider/model controls, attachments, and realtime foreground-event inventory reviewed under runtime-contract-review; docs/channels-remote-and-api.md",
556
+ "action": "Keep the companion app aligned with SDK contracts for secure auth, QR pairing, companion chat, shared sessions, approvals, tasks, provider/model controls, attachments, and realtime foreground events.",
557
+ "quality": {
558
+ "capabilityCoverage": "Covers companion command depth beyond pairing: chat, shared sessions, approvals, tasks, provider/model controls, attachments, and realtime foreground events.",
559
+ "userAccess": "The user gets companion-facing command depth through the companion app and Agent pairing/session surfaces.",
560
+ "modelAccess": "agent_harness pairing_posture/pairing_route, model_routing/model_route, connected_host, connected_host_capability, connected_host_status, operator methods, and first-class operator/channel/media tools expose pairing, shared-session, task, approval, provider/model, attachment, and mobile route boundaries for companion workflows.",
561
+ "safetyBoundary": "Companion commands align to SDK contracts for secure auth and do not bypass Agent confirmation or token policy.",
562
+ "releaseEvidence": "Readiness evidence cites companion evidence alias and channel docs, with live certification covering companion/pairing outcomes."
563
+ }
564
+ },
565
+ {
566
+ "id": "live-outcome-certification",
567
+ "capability": "Every externally backed capability needs fresh live evidence before a stable release, including real channel sends, schedule execution, provider usage, media generation, pairing, and Agent Knowledge answers.",
568
+ "owner": "release",
569
+ "status": "covered",
570
+ "evidence": "release/live-verification/live-verification.json; release/live-verification/live-verification.md; strict live verification on 2026-06-04 reported 19 pass, 0 warn, 0 fail, 0 skip against connected host SDK 0.33.36.",
571
+ "action": "Keep strict live verification current for every stable release and rerun it after connected-host, provider, channel, media, pairing, Agent Knowledge, or package-runtime changes.",
572
+ "quality": {
573
+ "capabilityCoverage": "Requires fresh external outcome evidence for externally backed capabilities, including channel sends, schedule execution, provider usage, media generation, pairing, and Agent Knowledge answers.",
574
+ "userAccess": "The user receives releases only after live outcomes are recorded for the external surfaces that cannot be fully proven locally.",
575
+ "modelAccess": "The model can inspect live-verification artifacts through agent_harness release_evidence_artifact and inspect service_posture, service_endpoint, and connected_host_status for the endpoint and live posture used by the release gate.",
576
+ "safetyBoundary": "Live certification redacts token values, local paths, and private addresses and treats warnings, failures, skips, and SDK mismatch as release blockers.",
577
+ "releaseEvidence": "The current strict live verification artifacts record pass-only release evidence and are required by package verification once readiness blockers are absent."
578
+ }
579
+ }
580
+ ]
581
+ }