@pellux/goodvibes-tui 0.19.87 → 0.19.89

package/CHANGELOG.md

@@ -4,6 +4,16 @@ All notable changes to GoodVibes TUI.
 
 ---
 
+## [0.19.89] — 2026-05-10
+
+### Changes
+- 0849fa4b chore: update sdk to 0.33.23
+
+## [0.19.88] — 2026-05-10
+
+### Changes
+- 3de00981 fix: preserve WRFC implementation scope
+
 ## [0.19.87] — 2026-05-09
 
 ### Changes

package/README.md

@@ -2,7 +2,7 @@
 
 [![CI](https://github.com/mgd34msu/goodvibes-tui/actions/workflows/ci.yml/badge.svg)](https://github.com/mgd34msu/goodvibes-tui/actions/workflows/ci.yml)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-[![Version](https://img.shields.io/badge/version-0.19.87-blue.svg)](https://github.com/mgd34msu/goodvibes-tui)
+[![Version](https://img.shields.io/badge/version-0.19.89-blue.svg)](https://github.com/mgd34msu/goodvibes-tui)
 
 A terminal-native AI coding, operations, automation, knowledge, and integration console with a typed runtime, omnichannel surfaces, structured memory/knowledge, and a raw ANSI renderer.
 

package/docs/foundation-artifacts/operator-contract.json

@@ -3,7 +3,7 @@
   "product": {
     "id": "goodvibes",
     "surface": "operator",
-    "version": "0.33.22"
+    "version": "0.33.23"
   },
   "auth": {
     "modes": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pellux/goodvibes-tui",
-  "version": "0.19.87",
+  "version": "0.19.89",
   "description": "Terminal-native GoodVibes product for coding, operations, automation, knowledge, channels, and daemon-backed control-plane workflows.",
   "type": "module",
   "main": "src/main.ts",
@@ -97,7 +97,7 @@
     "@anthropic-ai/vertex-sdk": "^0.16.0",
     "@ast-grep/napi": "^0.42.0",
     "@aws/bedrock-token-generator": "^1.1.0",
-    "@pellux/goodvibes-sdk": "0.33.22",
+    "@pellux/goodvibes-sdk": "0.33.23",
     "bash-language-server": "^5.6.0",
     "fuse.js": "^7.1.0",
     "graphql": "^16.13.2",

package/src/runtime/bootstrap-core.ts

@@ -222,7 +222,9 @@ export async function initializeBootstrapCore(
     overflowHandler: services.overflowHandler,
     changeTracker: services.sessionChangeTracker,
   });
-  installWrfcAgentToolGuard(toolRegistry);
+  installWrfcAgentToolGuard(toolRegistry, {
+    getLastUserMessage: () => conversation.getLastUserMessage(),
+  });
   services.agentOrchestrator.setDependencies({
     surfaceRoot: 'tui',
     fileCache,

package/src/runtime/bootstrap.ts

@@ -49,6 +49,19 @@ import { createSafeHostServeFactory } from '../daemon/safe-serve.ts';
 
 type ExternalServiceFactories = NonNullable<Parameters<typeof startExternalServices>[4]>;
 
+const TUI_ORCHESTRATION_GUARDRAILS = [
+  '## GoodVibes TUI Orchestration Guardrails',
+  '- If the user asks to make, build, implement, create, add, fix, update, or patch something, preserve that implementation request. Do not restate it as design-only, planning-only, read-only, or no-write work unless the user explicitly requested that.',
+  '- Do not add "Do not write files", restrict tools to read/find/inspect, or remove write/exec capability for implementation work unless the user explicitly asked for read-only analysis.',
+  '- For one deliverable that needs WRFC, reviewed implementation, testing, verification, or review/fix cycles, use one `agent` spawn with `template: "engineer"` and `reviewMode: "wrfc"` whose `task` is the full user request. Do not batch-spawn sibling Engineer/Reviewer/Tester/Verifier roots for the same deliverable.',
+  '- Use `batch-spawn` only for genuinely independent sidecar tasks. Review, test, verify, and fix phases for one deliverable belong inside the WRFC owner chain.',
+  '- If an `agent` tool result reports `authoritativeWrfcChain: true`, `continueRootSpawning: false`, or `orchestrationStopSignal: "wrfc_owner_chain_started"`, stop spawning root agents for that deliverable and wait/report status instead.',
+].join('\n');
+
+function joinPromptParts(...parts: Array<string | null | undefined>): string {
+  return parts.map((part) => part?.trim()).filter((part): part is string => Boolean(part)).join('\n\n');
+}
+
 // ── Bootstrap context type ──────────────────────────────────────────────────
 
 /**
@@ -196,7 +209,7 @@ export async function bootstrapRuntime(
       const contextWindow = providerRegistry.getContextWindowForModel(currentModel);
       const tier = getTierForContextWindow(contextWindow);
       const supplement = getTierPromptSupplement(tier);
-      return supplement ? runtime.systemPrompt + '\n\n' + supplement : runtime.systemPrompt;
+      return joinPromptParts(runtime.systemPrompt, TUI_ORCHESTRATION_GUARDRAILS, supplement);
     },
     hookDispatcher,
     flagManager: services.featureFlags,

package/src/tools/wrfc-agent-guard.ts

@@ -5,6 +5,17 @@ type AgentToolArgs = {
   readonly mode?: unknown;
   readonly task?: unknown;
   readonly template?: unknown;
+  readonly tools?: unknown;
+  readonly restrictTools?: unknown;
+  readonly context?: unknown;
+  readonly successCriteria?: unknown;
+  readonly requiredEvidence?: unknown;
+  readonly writeScope?: unknown;
+  readonly executionProtocol?: unknown;
+  readonly model?: unknown;
+  readonly provider?: unknown;
+  readonly fallbackModels?: unknown;
+  readonly cohort?: unknown;
   readonly reviewMode?: unknown;
   readonly dangerously_disable_wrfc?: unknown;
   readonly tasks?: unknown;
@@ -14,23 +25,37 @@ type AgentToolArgs = {
 type AgentTaskArgs = {
   readonly task?: unknown;
   readonly template?: unknown;
+  readonly tools?: unknown;
+  readonly restrictTools?: unknown;
+  readonly context?: unknown;
+  readonly successCriteria?: unknown;
+  readonly requiredEvidence?: unknown;
+  readonly writeScope?: unknown;
+  readonly executionProtocol?: unknown;
+  readonly model?: unknown;
+  readonly provider?: unknown;
+  readonly fallbackModels?: unknown;
   readonly reviewMode?: unknown;
   readonly dangerously_disable_wrfc?: unknown;
   readonly [key: string]: unknown;
 };
 
-export function installWrfcAgentToolGuard(registry: ToolRegistry): void {
+type WrfcAgentToolGuardOptions = {
+  readonly getLastUserMessage?: () => string | null;
+};
+
+export function installWrfcAgentToolGuard(registry: ToolRegistry, options: WrfcAgentToolGuardOptions = {}): void {
   const agentTool = registry.list().find((tool) => tool.definition.name === 'agent');
   if (!agentTool) throw new Error('WRFC agent guard could not find the agent tool.');
-  wrapWrfcAgentTool(agentTool);
+  wrapWrfcAgentTool(agentTool, options);
 }
 
-export function wrapWrfcAgentTool(tool: Tool): void {
+export function wrapWrfcAgentTool(tool: Tool, options: WrfcAgentToolGuardOptions = {}): void {
   const originalExecute = tool.execute.bind(tool);
   tool.execute = async (args) => {
     const denial = validateWrfcAgentToolInvocation(args as AgentToolArgs);
     if (denial) return { success: false, error: denial };
-    return originalExecute(normalizeWrfcAgentToolInvocation(args as AgentToolArgs) as Parameters<Tool['execute']>[0]);
+    return originalExecute(normalizeWrfcAgentToolInvocation(args as AgentToolArgs, options) as Parameters<Tool['execute']>[0]);
   };
 }
 
@@ -41,14 +66,26 @@ export function validateWrfcAgentToolInvocation(args: AgentToolArgs): string | n
   return null;
 }
 
-export function normalizeWrfcAgentToolInvocation(args: AgentToolArgs): AgentToolArgs {
+export function normalizeWrfcAgentToolInvocation(args: AgentToolArgs, options: WrfcAgentToolGuardOptions = {}): AgentToolArgs {
+  const lastUserMessage = cleanText(options.getLastUserMessage?.() ?? null);
   if (args.mode === 'spawn') {
-    if (isExplicitWrfcTask(args, args)) return { ...args, reviewMode: 'wrfc', dangerously_disable_wrfc: false };
+    if (shouldRouteSpawnToWrfc(args)) {
+      const normalized: AgentToolArgs = {
+        ...args,
+        task: selectAuthoritativeTask(args.task, lastUserMessage),
+        reviewMode: 'wrfc',
+        dangerously_disable_wrfc: false,
+      };
+      return cleanText(args.template) ? normalized : { ...normalized, template: 'engineer' };
+    }
     return { ...args, reviewMode: 'none', dangerously_disable_wrfc: true };
   }
 
   if (args.mode !== 'batch-spawn') return args;
   const tasks = Array.isArray(args.tasks) ? args.tasks.filter(isRecord) : [];
+  if (shouldCollapseBatchToAuthoritativeWrfc(args, tasks) && lastUserMessage) {
+    return buildAuthoritativeWrfcSpawn(args, tasks, lastUserMessage);
+  }
   const wrfcTasks = tasks.filter((task) => isExplicitWrfcTask(task, args));
   if (wrfcTasks.length === 0) {
     return {
@@ -77,9 +114,63 @@ function isRecord(value: unknown): value is AgentTaskArgs {
   return Boolean(value) && typeof value === 'object';
 }
 
+function shouldRouteSpawnToWrfc(args: AgentToolArgs): boolean {
+  return isExplicitWrfcTask(args, args)
+    || isRootReviewRoleTask(args)
+    || isImplementationLikeTask(args);
+}
+
+function shouldCollapseBatchToAuthoritativeWrfc(root: AgentToolArgs, tasks: AgentTaskArgs[]): boolean {
+  if (tasks.length === 0) return false;
+  if (containsWrfcSignal(root.task)) return true;
+  return tasks.some((task) => isExplicitWrfcTask(task, root) || isRootReviewRoleTask(task));
+}
+
+function buildAuthoritativeWrfcSpawn(root: AgentToolArgs, tasks: AgentTaskArgs[], lastUserMessage: string): AgentToolArgs {
+  const context = [
+    cleanText(root.context) ? `Caller context:\n${cleanText(root.context)}` : null,
+    'TUI WRFC scope guard: the root model attempted to decompose one deliverable into role/root child tasks.',
+    'The authoritative task is the user request below. Proposed child tasks are non-authoritative context only.',
+    'Ignore any proposed child instruction that narrows the task to design-only/read-only/no-write unless the user request itself says that.',
+    `Authoritative user request:\n${lastUserMessage}`,
+    'Proposed child tasks:',
+    ...tasks.map((task, index) => `${index + 1}. [${cleanText(task.template) || 'general'}] ${cleanText(task.task)}`),
+  ].filter((line): line is string => Boolean(line)).join('\n');
+
+  return {
+    mode: 'spawn',
+    task: lastUserMessage,
+    template: 'engineer',
+    model: root.model,
+    provider: root.provider,
+    fallbackModels: root.fallbackModels,
+    context,
+    successCriteria: uniqueStrings([
+      root.successCriteria,
+      ...tasks.map((task) => task.successCriteria),
+      [
+        'Satisfy the original user request, not a narrowed child-task restatement.',
+        'Keep review, test, verification, and fix work inside this single WRFC owner chain.',
+      ],
+    ]),
+    requiredEvidence: uniqueStrings([
+      root.requiredEvidence,
+      ...tasks.map((task) => task.requiredEvidence),
+    ]),
+    writeScope: uniqueStrings([
+      root.writeScope,
+      ...tasks.map((task) => task.writeScope),
+    ]),
+    executionProtocol: root.executionProtocol ?? 'gather-plan-apply',
+    reviewMode: 'wrfc',
+    dangerously_disable_wrfc: false,
+    cohort: root.cohort,
+  };
+}
+
 function isExplicitWrfcTask(task: AgentTaskArgs, root: AgentToolArgs): boolean {
   const disabled = task.dangerously_disable_wrfc === true || root.dangerously_disable_wrfc === true;
-  if (disabled) return false;
+  if (disabled && !containsWrfcSignal(task.task) && !containsWrfcSignal(root.task)) return false;
   return task.reviewMode === 'wrfc'
     || root.reviewMode === 'wrfc'
     || containsWrfcSignal(task.task)
@@ -90,3 +181,38 @@ function containsWrfcSignal(value: unknown): boolean {
   if (typeof value !== 'string') return false;
   return /\bwrfc\b|work[-\s]*review[-\s]*fix/i.test(value);
 }
+
+function isRootReviewRoleTask(task: AgentTaskArgs): boolean {
+  const template = cleanText(task.template).toLowerCase();
+  if (/^(reviewer|tester|verifier|review|test|qa)$/.test(template)) return true;
+  const text = cleanText(task.task);
+  return /^\s*(?:\[?\s*)?(?:reviewer|tester|verifier|qa|quality\s+assurance|test|review|verify|validator)\b[\]\s:;-]*/i.test(text)
+    || /\b(?:test|tests|testing|review|reviews|reviewing|verify|verifies|verifying|verification|validate|validates|validating|validation|qa)\s+(?:the|this|that|implementation|solution|feature|deliverable|code|changes|work|output|result|patch|diff)\b/i.test(text);
+}
+
+function isImplementationLikeTask(task: AgentTaskArgs): boolean {
+  const text = cleanText(task.task);
+  if (!text) return false;
+  return /\b(?:build|implement|create|add|write|fix|repair|update|refactor|change|modify|deliver|make|patch)\b/i.test(text)
+    && !isReadOnlyTask(text);
+}
+
+function isReadOnlyTask(text: string): boolean {
+  if (/\bdo\s+not\s+(?:write|edit|modify|change|create)\b|\bread[-\s]*only\b|\bwithout\s+(?:writing|editing|modifying|changing|creating)\b/i.test(text)) return true;
+  return /^\s*(?:inspect|research|read|find|list|summarize|analy[sz]e|explain)\b/i.test(text)
+    && !/\b(?:build|implement|create|add|write|fix|repair|update|refactor|change|modify|deliver|make|patch)\b/i.test(text);
+}
+
+function selectAuthoritativeTask(candidate: unknown, lastUserMessage: string): string {
+  return lastUserMessage || cleanText(candidate);
+}
+
+function uniqueStrings(groups: readonly unknown[]): string[] | undefined {
+  const values = groups.flatMap((group) => Array.isArray(group) ? group : []).filter((value): value is string => typeof value === 'string' && value.trim().length > 0);
+  const unique = [...new Set(values)];
+  return unique.length > 0 ? unique : undefined;
+}
+
+function cleanText(value: unknown): string {
+  return typeof value === 'string' ? value.trim() : '';
+}

package/src/version.ts

@@ -6,7 +6,7 @@ import { join } from 'node:path';
 // The prebuild script updates the fallback value before compilation.
 // Uses import.meta.dir (Bun) to locate package.json relative to this file,
 // which is correct regardless of the process working directory.
-let _version = '0.19.87';
+let _version = '0.19.89';
 try {
   const pkg = JSON.parse(readFileSync(join(import.meta.dir, '..', 'package.json'), 'utf-8'));
   _version = pkg.version ?? _version;