npm - @rubytech/create-realagent - Versions diffs - 1.0.794 → 1.0.797 - Mend

@rubytech/create-realagent 1.0.794 → 1.0.797

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (70) hide show

package/payload/platform/scripts/logs-read.sh CHANGED Viewed

@@ -16,8 +16,10 @@
 #   logs-read.sh --tail [type] [lines]         Tail most recent file of type
 #   logs-read.sh --grep <sessionKey> [type]    Legacy grep across log files
 #
-# Types: system, session, error, heartbeat, public, server, mcp, vnc, review
-# For per-conversation types (system/session/error/public): conversationId is
+# Types: agent-stream (canonical, per-conversation tool-use/tool-result archive;
+#        `system` is kept as a backwards-compatible alias), session, error,
+#        heartbeat, public, server, mcp, vnc, review
+# For per-conversation types (agent-stream/system/session/error/public): conversationId is
 # required in the first mode. For platform-scoped types (server/vnc/review/
 # heartbeat): conversationId is ignored.
 #
@@ -93,9 +95,12 @@ account_suffix() {
 # --- Prefix map (mirrors MCP tool exactly) ---
 # Per-conversation types: stream log + its siblings (stderr, sse, public).
+# Task 850 — `agent-stream` is the canonical name for the per-conversation
+# tool-use/tool-result archive; `system` is kept as a backwards-compatible
+# alias.
 prefix_for_type() {
   case "$1" in
-    system)  echo "claude-agent-stream-" ;;
+    agent-stream|system) echo "claude-agent-stream-" ;;
     error)   echo "claude-agent-stderr-" ;;
     session) echo "sse-events-" ;;
     public)  echo "public-agent-stream-" ;;
@@ -107,13 +112,13 @@ prefix_for_type() {
 # Which types are per-conversation (the first mode's convId argument applies)
 is_per_conversation_type() {
   case "$1" in
-    system|error|session|public) return 0 ;;
+    agent-stream|system|error|session|public) return 0 ;;
     *) return 1 ;;
   esac
 }
-SEARCH_TYPES="system error session public server mcp vnc review"
-VALID_TYPES="system, session, error, heartbeat, public, server, mcp, vnc, review"
+SEARCH_TYPES="agent-stream error session public server mcp vnc review"
+VALID_TYPES="agent-stream, system, session, error, heartbeat, public, server, mcp, vnc, review"
 usage() {
   cat >&2 <<EOF
@@ -123,9 +128,9 @@ Usage:
   logs-read.sh --grep <sessionKey> [type]    Legacy grep across log files
 Types: $VALID_TYPES
-Default type: system | Default lines: 50
+Default type: agent-stream | Default lines: 50
-Per-conversation types (system, session, error, public) require conversationId
+Per-conversation types (agent-stream, system, session, error, public) require conversationId
 in the first mode — the log file is named {prefix}-{conversationId}.log.
 Platform-scoped types (server, vnc, review, heartbeat) ignore conversationId.
 EOF
@@ -135,7 +140,7 @@ EOF
 validate_type() {
   local t="$1"
   case "$t" in
-    system|session|error|heartbeat|public|server|mcp|vnc|review) return 0 ;;
+    agent-stream|system|session|error|heartbeat|public|server|mcp|vnc|review) return 0 ;;
     *) echo "Error: invalid type '$t'. Valid types: $VALID_TYPES" >&2; exit 2 ;;
   esac
 }
@@ -161,7 +166,7 @@ validate_type() {
 #   - platform/plugins/admin/mcp/src/index.ts (conversationId branch)
 per_conversation_mode() {
   local conv_id="$1"
-  local filter_type="${2:-system}"
+  local filter_type="${2:-agent-stream}"
   if [[ -z "$conv_id" ]]; then
     echo "Error: conversationId cannot be empty" >&2
@@ -362,7 +367,7 @@ grep_mode() {
 }
 tail_mode() {
-  local log_type="${1:-system}"
+  local log_type="${1:-agent-stream}"
   local lines="${2:-50}"
   validate_type "$log_type"
@@ -462,7 +467,7 @@ fi
 case "$1" in
   --tail)
     shift
-    tail_mode "${1:-system}" "${2:-50}"
+    tail_mode "${1:-agent-stream}" "${2:-50}"
     ;;
   --grep)
     shift

package/payload/platform/scripts/seed-neo4j.sh CHANGED Viewed

@@ -98,6 +98,15 @@ fi
 #                webfetch-preflight.mjs: detects JS-SPA shells before WebFetch's
 #                  60s extraction timeout (Task 536). Fail-open on any error;
 #                  on positive SPA detection exits 2 with WEBFETCH_CANNOT_READ_JS_SPA.
+#                archive-ingest-gate.sh (Task 846): blocks plugin-source edits, JS
+#                  test runners, and any tool call after a *-export-parse /
+#                  *-import-parse tool returns isError=true (cleared on next user
+#                  prompt). Wired at three points: explicit Edit/Write/NotebookEdit/
+#                  Bash matchers (path + test-runner enforcement), a no-matcher
+#                  PreToolUse entry (post-parse-error gate fires on every tool),
+#                  and a PostToolUse regex matcher for parse tools.
+#                UserPromptSubmit — archive-ingest-gate.sh clears the parse-error
+#                  flag when the operator's next prompt arrives.
 HOOKS_PATH="\$PLATFORM_ROOT/plugins/admin/hooks"
 cat > "$ACCOUNT_SETTINGS" << SETTINGS_EOF
 {
@@ -109,46 +118,60 @@ cat > "$ACCOUNT_SETTINGS" << SETTINGS_EOF
       {
         "matcher": "Write",
         "hooks": [
-          {
-            "type": "command",
-            "command": "bash $HOOKS_PATH/pre-tool-use.sh admin"
-          }
+          { "type": "command", "command": "bash $HOOKS_PATH/pre-tool-use.sh admin" },
+          { "type": "command", "command": "bash $HOOKS_PATH/archive-ingest-gate.sh" }
         ]
       },
       {
         "matcher": "Edit",
         "hooks": [
-          {
-            "type": "command",
-            "command": "bash $HOOKS_PATH/pre-tool-use.sh admin"
-          }
+          { "type": "command", "command": "bash $HOOKS_PATH/pre-tool-use.sh admin" },
+          { "type": "command", "command": "bash $HOOKS_PATH/archive-ingest-gate.sh" }
+        ]
+      },
+      {
+        "matcher": "NotebookEdit",
+        "hooks": [
+          { "type": "command", "command": "bash $HOOKS_PATH/archive-ingest-gate.sh" }
         ]
       },
       {
         "matcher": "Bash",
         "hooks": [
-          {
-            "type": "command",
-            "command": "bash $HOOKS_PATH/pre-tool-use.sh admin"
-          }
+          { "type": "command", "command": "bash $HOOKS_PATH/pre-tool-use.sh admin" },
+          { "type": "command", "command": "bash $HOOKS_PATH/archive-ingest-gate.sh" }
+        ]
+      },
+      {
+        "hooks": [
+          { "type": "command", "command": "bash $HOOKS_PATH/archive-ingest-gate.sh" }
         ]
       },
       {
         "matcher": "mcp__plugin_playwright_playwright__browser_navigate",
         "hooks": [
-          {
-            "type": "command",
-            "command": "bash $HOOKS_PATH/playwright-file-guard.sh"
-          }
+          { "type": "command", "command": "bash $HOOKS_PATH/playwright-file-guard.sh" }
         ]
       },
       {
         "matcher": "WebFetch",
         "hooks": [
-          {
-            "type": "command",
-            "command": "node $HOOKS_PATH/webfetch-preflight.mjs"
-          }
+          { "type": "command", "command": "node $HOOKS_PATH/webfetch-preflight.mjs" }
+        ]
+      }
+    ],
+    "PostToolUse": [
+      {
+        "matcher": "mcp__.*__.*-(export|import)-parse$",
+        "hooks": [
+          { "type": "command", "command": "bash $HOOKS_PATH/archive-ingest-gate.sh" }
+        ]
+      }
+    ],
+    "UserPromptSubmit": [
+      {
+        "hooks": [
+          { "type": "command", "command": "bash $HOOKS_PATH/archive-ingest-gate.sh" }
         ]
       }
     ]

package/payload/platform/templates/agents/admin/IDENTITY.md CHANGED Viewed

@@ -202,6 +202,12 @@ The owner can manage who has admin access to this account through conversation.
 Only the owner (or any current admin) can manage admins. Role is a label only — "owner" marks the original creator, "admin" marks subsequent additions. No capability differences are enforced.
+**Three-store admin auth invariant.** Admin identity lives in three places that must stay in lockstep: `account.json` `admins[]` (account-level role), `users.json` (device-level PIN auth — the source of truth at login time), Neo4j `:AdminUser` + `:Person` + `OWNS` + `ADMIN_OF` (display + graph identity). `admin-add` writes all three; `admin-update-pin` writes `users.json` only (the other stores carry no PIN). Any leg failing makes the tool return `is_error: true` with a `[admin-auth-store] action=… userId=… result=fail store=…` line in `server.log` naming exactly which leg failed and what was already written. When you see such a line, treat the admin record as half-written and tell the owner — manual reconciliation may be needed.
+**Never `Edit` or `Write` `account.json` directly.** All account-level mutations — `tier`, `outputStyle`, `thinkingView`, `effort`, `enabledPlugins`, `admins[]`, agent settings — go through the dedicated MCP tools: `account-update`, `plugin-toggle-enabled`, `admin-add`, `admin-remove`. The pre-tool-use hook denies direct `Edit`/`Write` on `account.json` server-side; this rule is the LLM-visible explanation. `tier` and `purchasedPlugins` specifically derive from a Rubytech-signed entitlement payload — the disk value of `account.json.tier` is ignored on commercial installs, so a hand-edit is silently void.
+**`admin-add` retries — re-pass any user-stated PIN.** If `admin-add` returns an error (tier cap reached, PIN collision) and the owner resolves the blocker (upgrade tier, remove an existing admin), the retried `admin-add` MUST re-pass the PIN the owner originally stated as the `pin` parameter. Omitting `pin` on the retry auto-generates a different 4-digit PIN — silently substituting what the owner asked for. The resulting `admin-update-pin` correction loop is exactly the failure mode that hid the Adam Mackay incident from the recovery agent.
 ## Plugin and Account Management
 Plugin installation, removal, and account settings changes are managed via conversation. Load the relevant skill via `plugin-read` (find its path in the manifest under `admin`).

package/payload/platform/templates/specialists/agents/database-operator.md CHANGED Viewed

@@ -30,6 +30,8 @@ A landfill graph defeats EVIDENCE-BASED: search returns noise, the agent re-writ
 The pre-publish gate (`platform/scripts/verify-skill-tool-surface.sh`) statically asserts every shipped skill's prescribed `mcp__*` tokens resolve against your frontmatter `tools:` list, so a missing tool is a build error, not a production discovery. LOUD-FAIL is the runtime backstop when that gate is bypassed (e.g. operator-edited skill).
+**Archive-ingest gate (Task 846).** During archive imports the LOUD-FAIL contract is structurally enforced by `platform/plugins/admin/hooks/archive-ingest-gate.sh`. When any `mcp__*__*-export-parse` / `mcp__*__*-import-parse` tool returns `isError: true`, the hook records a parse-error flag — every subsequent tool call in this turn is blocked at the harness, and you must yield back to the admin agent with a user-facing message naming the parse-error. The flag clears on the operator's next prompt. The same hook denies `Edit`/`Write`/`NotebookEdit` against `platform/plugins/*/lib/*` and Bash invocations of `vitest`/`bun test`/`npm test`/`npx jest` regardless of state — the operator does not own plugin source. *Failure symptoms (now harness-blocked):* appending vitest cases to a parser test file after `whatsapp-export-parse` returned isError, running `npx vitest` to "diagnose" a parser, editing `parse-export.ts` to "fix" a malformed input. Treat these blocks as confirmation that the gate is doing its job — surface the parse-error and yield, do not retry around the block.
 ---
 ## Output contract