autosnippet 2.1.0 → 2.4.0

package/lib/service/chat/tools.js

@@ -1,7 +1,7 @@
 /**
  * tools.js — ChatAgent 全部工具定义
  *
- * 33 个工具覆盖项目全部 AI 能力:
+ * 37 个工具覆盖项目全部 AI 能力:
  *
  * ┌─── 查询类 (8) ─────────────────────────────────┐
  * │  1. search_recipes       搜索 Recipe            │
@@ -53,6 +53,11 @@
  * │ 32. load_skill            加载 Agent Skill 文档   │
  * │ 33. bootstrap_knowledge   冷启动知识库初始化      │
  * └─────────────────────────────────────────────────────┘
+ * ┌─── 组合工具 (3) ───────────────────────────────────┐
+ * │ 34. analyze_code          Guard + Recipe 搜索      │
+ * │ 35. knowledge_overview    全局知识库概览           │
+ * │ 36. submit_with_check     查重 + 提交              │
+ * └─────────────────────────────────────────────────────┘
  */
 
 import fs from 'node:fs';
@@ -63,8 +68,11 @@ import Logger from '../../infrastructure/logging/Logger.js';
 
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 
+const PROJECT_ROOT = path.resolve(__dirname, '../../..');
 /** skills/ 目录绝对路径 */
-const SKILLS_DIR = path.resolve(__dirname, '../../../skills');
+const SKILLS_DIR = path.resolve(PROJECT_ROOT, 'skills');
+/** 项目级 skills 目录 */
+const PROJECT_SKILLS_DIR = path.resolve(PROJECT_ROOT, '.autosnippet', 'skills');
 
 // ────────────────────────────────────────────────────────────
 // 1. search_recipes
@@ -206,7 +214,24 @@ const searchKnowledge = {
       const searchEngine = ctx.container.get('searchEngine');
       const results = await searchEngine.search(query, { limit: topK });
       if (results && results.length > 0) {
-        return { source: 'searchEngine', results: results.slice(0, topK) };
+        const enriched = results.slice(0, topK).map((r, i) => ({
+          ...r,
+          reasoning: {
+            whyRelevant: r.score != null
+              ? `匹配分 ${(r.score * 100).toFixed(0)}%` + (r.matchType ? ` (${r.matchType})` : '')
+              : '语义相关',
+            rank: i + 1,
+          },
+        }));
+        const topScore = enriched[0]?.score ?? 0;
+        return {
+          source: 'searchEngine',
+          results: enriched,
+          _meta: {
+            confidence: topScore > 0.7 ? 'high' : topScore > 0.3 ? 'medium' : 'low',
+            hint: topScore < 0.3 ? '匹配度较低，结果可能不够相关。建议尝试更具体的查询词。' : null,
+          },
+        };
       }
     } catch { /* SearchEngine not available */ }
 
@@ -233,7 +258,7 @@ const searchKnowledge = {
       }
     } catch { /* RetrievalFunnel not available */ }
 
-    return { source: 'none', results: [], message: 'No search engine available' };
+    return { source: 'none', results: [], message: 'No search engine available', _meta: { confidence: 'none', hint: '搜索引擎不可用。请确认向量索引已构建（rebuild_index）。' } };
   },
 };
 
@@ -464,6 +489,13 @@ const checkDuplicate = {
       similar,
       hasDuplicate: similar.some(s => s.similarity >= 0.7),
       highestSimilarity: similar.length > 0 ? similar[0].similarity : 0,
+      _meta: {
+        confidence: similar.length === 0 ? 'none'
+          : similar[0].similarity >= 0.7 ? 'high' : 'low',
+        hint: similar.length === 0 ? '未发现相似 Recipe，可放心提交。'
+          : similar[0].similarity >= 0.7 ? '发现高度相似 Recipe，建议人工审核是否重复。'
+          : '有低相似度匹配，大概率不是重复。',
+      },
     };
   },
 };
@@ -696,6 +728,7 @@ const guardCheckCode = {
     try {
       const engine = ctx.container.get('guardCheckEngine');
       const violations = engine.checkCode(code, language || 'unknown', { scope });
+      // reasoning 已由 GuardCheckEngine.checkCode() 内置附加
       return { violationCount: violations.length, violations };
     } catch { /* not available */ }
 
@@ -1116,15 +1149,19 @@ const loadSkill = {
     required: ['skillName'],
   },
   handler: async (params) => {
-    const skillPath = path.join(SKILLS_DIR, params.skillName, 'SKILL.md');
+    // 项目级 Skills 优先（覆盖同名内置 Skill）
+    const projectSkillPath = path.join(PROJECT_SKILLS_DIR, params.skillName, 'SKILL.md');
+    const builtinSkillPath = path.join(SKILLS_DIR, params.skillName, 'SKILL.md');
+    const skillPath = fs.existsSync(projectSkillPath) ? projectSkillPath : builtinSkillPath;
     try {
       const content = fs.readFileSync(skillPath, 'utf8');
-      return { skillName: params.skillName, content };
+      const source = skillPath === projectSkillPath ? 'project' : 'builtin';
+      return { skillName: params.skillName, source, content };
     } catch {
-      const available = fs.readdirSync(SKILLS_DIR, { withFileTypes: true })
-        .filter(d => d.isDirectory())
-        .map(d => d.name);
-      return { error: `Skill "${params.skillName}" not found`, availableSkills: available };
+      const available = new Set();
+      try { fs.readdirSync(SKILLS_DIR, { withFileTypes: true }).filter(d => d.isDirectory()).forEach(d => available.add(d.name)); } catch {}
+      try { fs.readdirSync(PROJECT_SKILLS_DIR, { withFileTypes: true }).filter(d => d.isDirectory()).forEach(d => available.add(d.name)); } catch {}
+      return { error: `Skill "${params.skillName}" not found`, availableSkills: [...available] };
     }
   },
 };
@@ -1166,6 +1203,199 @@ const bootstrapKnowledgeTool = {
 // 导出全部工具
 // ────────────────────────────────────────────────────────────
 
+// ────────────────────────────────────────────────────────────
+// 34. analyze_code — 组合工具 (Guard + Recipe 搜索)
+// ────────────────────────────────────────────────────────────
+const analyzeCode = {
+  name: 'analyze_code',
+  description: '综合分析一段代码：Guard 规范检查 + 相关 Recipe 搜索。一次调用完成完整分析，减少多轮工具调用。',
+  parameters: {
+    type: 'object',
+    properties: {
+      code:     { type: 'string', description: '待分析的源码' },
+      language: { type: 'string', description: '编程语言 (swift/objc/javascript 等)' },
+      filePath: { type: 'string', description: '文件路径（可选，用于上下文）' },
+    },
+    required: ['code'],
+  },
+  handler: async (params, ctx) => {
+    const { code, language, filePath } = params;
+    const results = {};
+
+    // 并行执行 Guard 检查 + Recipe 搜索
+    const [guardResult, searchResult] = await Promise.all([
+      (async () => {
+        try {
+          const engine = ctx.container.get('guardCheckEngine');
+          const violations = engine.checkCode(code, language || 'unknown', { scope: 'file' });
+          return { violationCount: violations.length, violations };
+        } catch {
+          try {
+            const guardService = ctx.container.get('guardService');
+            const matches = await guardService.checkCode(code, { language });
+            return { violationCount: matches.length, violations: matches };
+          } catch { return { violationCount: 0, violations: [] }; }
+        }
+      })(),
+      (async () => {
+        try {
+          const searchEngine = ctx.container.get('searchEngine');
+          // 取代码首段作为搜索词
+          const query = code.substring(0, 200).replace(/\n/g, ' ');
+          const rawResults = await searchEngine.search(query, { limit: 5 });
+          return { results: rawResults || [], total: rawResults?.length || 0 };
+        } catch { return { results: [], total: 0 }; }
+      })(),
+    ]);
+
+    results.guard = guardResult;
+    results.relatedRecipes = searchResult;
+    results.filePath = filePath || '(inline)';
+
+    const hasFindings = guardResult.violationCount > 0 || searchResult.total > 0;
+    results._meta = {
+      confidence: hasFindings ? 'high' : 'low',
+      hint: hasFindings
+        ? `已完成 Guard 检查（${guardResult.violationCount} 个违规）+ Recipe 搜索（${searchResult.total} 条匹配）。`
+        : '未发现 Guard 违规，也未找到相关 Recipe。可能需要先冷启动知识库。',
+    };
+
+    return results;
+  },
+};
+
+// ────────────────────────────────────────────────────────────
+// 35. knowledge_overview — 组合工具 (一次获取全部类型的 Recipe 统计)
+// ────────────────────────────────────────────────────────────
+const knowledgeOverview = {
+  name: 'knowledge_overview',
+  description: '一次性获取知识库全貌：各类型 Recipe 分布 + 候选状态 + 知识图谱概况 + 质量概览。比分别调用 get_project_stats + search_recipes 更高效。',
+  parameters: {
+    type: 'object',
+    properties: {
+      includeTopRecipes: { type: 'boolean', description: '是否包含热门 Recipe 列表，默认 true' },
+      limit: { type: 'number', description: '每类返回数量，默认 5' },
+    },
+  },
+  handler: async (params, ctx) => {
+    const { includeTopRecipes = true, limit = 5 } = params;
+    const result = {};
+
+    // 并行获取统计 + 可选的热门列表
+    const [statsResult, feedbackResult] = await Promise.all([
+      (async () => {
+        try {
+          const recipeService = ctx.container.get('recipeService');
+          const candidateService = ctx.container.get('candidateService');
+          const [rs, cs] = await Promise.all([
+            recipeService.getRecipeStats(),
+            candidateService.getCandidateStats(),
+          ]);
+          return { recipes: rs, candidates: cs };
+        } catch { return null; }
+      })(),
+      (async () => {
+        if (!includeTopRecipes) return null;
+        try {
+          const feedbackCollector = ctx.container.get('feedbackCollector');
+          return feedbackCollector.getTopRecipes(limit);
+        } catch { return null; }
+      })(),
+    ]);
+
+    if (statsResult) {
+      result.recipes = statsResult.recipes;
+      result.candidates = statsResult.candidates;
+    }
+
+    // 知识图谱统计
+    try {
+      const kgService = ctx.container.get('knowledgeGraphService');
+      result.knowledgeGraph = kgService.getStats();
+    } catch { /* KG not available */ }
+
+    if (feedbackResult) result.topRecipes = feedbackResult;
+
+    const recipeCount = result.recipes?.total || result.recipes?.count || 0;
+    result._meta = {
+      confidence: recipeCount > 0 ? 'high' : 'none',
+      hint: recipeCount === 0 ? '知识库为空，建议先执行冷启动（bootstrap_knowledge）。' : null,
+    };
+
+    return result;
+  },
+};
+
+// ────────────────────────────────────────────────────────────
+// 36. submit_with_check — 组合工具 (查重 + 提交)
+// ────────────────────────────────────────────────────────────
+const submitWithCheck = {
+  name: 'submit_with_check',
+  description: '安全提交候选：先执行查重检测，无重复则自动提交。如果发现高度相似 Recipe 则阻止并返回相似列表。一次调用完成 check_duplicate + submit_candidate。',
+  parameters: {
+    type: 'object',
+    properties: {
+      code:     { type: 'string', description: '代码内容' },
+      language: { type: 'string', description: '编程语言' },
+      category: { type: 'string', description: '分类 (View/Service/Tool/Model 等)' },
+      title:    { type: 'string', description: '候选标题' },
+      summary:  { type: 'string', description: '摘要' },
+      threshold: { type: 'number', description: '相似度阈值，默认 0.7' },
+    },
+    required: ['code', 'language', 'category'],
+  },
+  handler: async (params, ctx) => {
+    const { code, language, category, title, summary, threshold = 0.7 } = params;
+    const projectRoot = ctx.projectRoot;
+
+    // Step 1: 查重
+    const cand = { title: title || '', summary: summary || '', code };
+    const similar = findSimilarRecipes(projectRoot, cand, { threshold: 0.5, topK: 5 });
+    const hasDuplicate = similar.some(s => s.similarity >= threshold);
+
+    if (hasDuplicate) {
+      return {
+        submitted: false,
+        reason: 'duplicate_blocked',
+        similar,
+        highestSimilarity: similar[0]?.similarity || 0,
+        _meta: {
+          confidence: 'high',
+          hint: `发现高度相似 Recipe（相似度 ${(similar[0]?.similarity * 100).toFixed(0)}%），已阻止提交。请人工审核。`,
+        },
+      };
+    }
+
+    // Step 2: 提交
+    try {
+      const candidateService = ctx.container.get('candidateService');
+      const item = {
+        code,
+        language,
+        category,
+        title: title || '',
+        summary_cn: summary || '',
+        reasoning: { whyStandard: 'Submitted via submit_with_check', sources: ['agent'], confidence: 0.7 },
+      };
+      const created = await candidateService.createFromToolParams(item, 'agent', {}, { userId: 'agent' });
+
+      return {
+        submitted: true,
+        candidate: created,
+        similar: similar.length > 0 ? similar : [],
+        _meta: {
+          confidence: 'high',
+          hint: similar.length > 0
+            ? `已提交，但有 ${similar.length} 个低相似度匹配，大概率不是重复。`
+            : '已提交，无重复风险。',
+        },
+      };
+    } catch (err) {
+      return { submitted: false, reason: 'submit_error', error: err.message };
+    }
+  },
+};
+
 export const ALL_TOOLS = [
   // 查询类 (8)
   searchRecipes,
@@ -1209,6 +1439,10 @@ export const ALL_TOOLS = [
   // Skills & Bootstrap (2)
   loadSkill,
   bootstrapKnowledgeTool,
+  // 组合工具 (3) — 减少 ReAct 轮次
+  analyzeCode,
+  knowledgeOverview,
+  submitWithCheck,
 ];
 
 export default ALL_TOOLS;

package/lib/service/guard/GuardCheckEngine.js

@@ -351,7 +351,15 @@ export class GuardCheckEngine {
     // 跟踪 Guard 命中次数（回写 Recipe 统计）
     this.trackGuardHits(violations);
 
-    return violations;
+    // ── Reasoning Enrichment: 推理信息跟随数据流动 ──
+    return violations.map(v => ({
+      ...v,
+      reasoning: {
+        whatViolated: v.ruleId,
+        whyItMatters: v.message,
+        suggestedFix: v.suggestedFix || null,
+      },
+    }));
   }
 
   /**

package/lib/service/recipe/RecipeService.js

@@ -27,6 +27,7 @@ export class RecipeService {
     this.gateway = gateway;
     this._knowledgeGraphService = knowledgeGraphService || null;
     this._fileWriter = options.fileWriter || null;
+    this._skillHooks = options.skillHooks || null;
     this.logger = Logger.getInstance();
   }
 
@@ -110,6 +111,13 @@ export class RecipeService {
         title: created.title,
       });
 
+      // ── SkillHooks: onRecipeCreated (fire-and-forget) ──
+      if (this._skillHooks) {
+        this._skillHooks.run('onRecipeCreated', created, {
+          userId: context.userId,
+        }).catch(err => this.logger.warn('SkillHook onRecipeCreated error', { error: err.message }));
+      }
+
       return created;
     } catch (error) {
       this.logger.error('Error creating recipe', {

package/lib/service/skills/SkillHooks.js

@@ -0,0 +1,126 @@
+/**
+ * SkillHooks — Skill 生命周期钩子管理器
+ *
+ * 每个 Skill 目录可以包含一个 hooks.js 文件，导出生命周期回调。
+ * SkillHooks 在启动时扫描并注册所有钩子，在特定事件发生时按序调用。
+ *
+ * 支持的钩子:
+ *   - onCandidateSubmit(candidate, ctx) → { block?: boolean, reason?: string }
+ *   - onRecipeCreated(recipe, ctx) → void
+ *   - onGuardCheck(violation, ctx) → violation (可修改)
+ *   - onBootstrapComplete(stats, ctx) → void
+ *
+ * 加载顺序: 内置 skills/ → 项目级 .autosnippet/skills/（同名覆盖）
+ */
+
+import fs from 'node:fs';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+import Logger from '../../infrastructure/logging/Logger.js';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const PROJECT_ROOT = path.resolve(__dirname, '../../..');
+const SKILLS_DIR = path.resolve(PROJECT_ROOT, 'skills');
+const PROJECT_SKILLS_DIR = path.resolve(PROJECT_ROOT, '.autosnippet', 'skills');
+
+const HOOK_NAMES = [
+  'onCandidateSubmit',
+  'onRecipeCreated',
+  'onGuardCheck',
+  'onBootstrapComplete',
+];
+
+export class SkillHooks {
+  constructor() {
+    this.logger = Logger.getInstance();
+    /** @type {Map<string, Function[]>} hookName → [handler, ...] */
+    this.hooks = new Map(HOOK_NAMES.map(n => [n, []]));
+  }
+
+  /**
+   * 扫描 skills 目录，加载所有 hooks.js
+   * 项目级 hooks 覆盖同名内置 hooks
+   */
+  async load() {
+    const loaded = new Map(); // skillName → hooks module
+
+    // 1. 内置 skills
+    await this.#loadFromDir(SKILLS_DIR, loaded);
+
+    // 2. 项目级 skills（覆盖同名）
+    await this.#loadFromDir(PROJECT_SKILLS_DIR, loaded);
+
+    // 3. 注册所有钩子
+    for (const [skillName, mod] of loaded) {
+      for (const hookName of HOOK_NAMES) {
+        if (typeof mod[hookName] === 'function') {
+          this.hooks.get(hookName).push(mod[hookName]);
+          this.logger.debug(`SkillHook registered: ${skillName}.${hookName}`);
+        }
+      }
+    }
+
+    const totalHooks = [...this.hooks.values()].reduce((s, a) => s + a.length, 0);
+    if (totalHooks > 0) {
+      this.logger.info(`SkillHooks: loaded ${totalHooks} hooks from ${loaded.size} skills`);
+    }
+  }
+
+  /**
+   * 触发钩子 — 按注册顺序调用
+   *
+   * @param {string} hookName
+   * @param  {...any} args
+   * @returns {Promise<any>} 最后一个返回值（用于 blocking hooks 如 onCandidateSubmit）
+   */
+  async run(hookName, ...args) {
+    const handlers = this.hooks.get(hookName);
+    if (!handlers || handlers.length === 0) return undefined;
+
+    let result;
+    for (const handler of handlers) {
+      try {
+        result = await handler(...args);
+        // 如果是 blocking hook 且返回 block=true，立即中断
+        if (result?.block) return result;
+      } catch (err) {
+        this.logger.warn(`SkillHook error in ${hookName}`, { error: err.message });
+      }
+    }
+    return result;
+  }
+
+  /**
+   * 检查是否有任何钩子注册
+   */
+  has(hookName) {
+    const handlers = this.hooks.get(hookName);
+    return handlers && handlers.length > 0;
+  }
+
+  // ─── Internal ──────────────────────────────────────────
+
+  async #loadFromDir(dir, loaded) {
+    let dirs;
+    try {
+      dirs = fs.readdirSync(dir, { withFileTypes: true })
+        .filter(d => d.isDirectory())
+        .map(d => d.name);
+    } catch {
+      return; // 目录不存在
+    }
+
+    for (const name of dirs) {
+      const hooksPath = path.join(dir, name, 'hooks.js');
+      if (!fs.existsSync(hooksPath)) continue;
+      try {
+        const mod = await import(hooksPath);
+        loaded.set(name, mod.default || mod);
+      } catch (err) {
+        this.logger.warn(`SkillHooks: failed to load ${name}/hooks.js`, { error: err.message });
+      }
+    }
+  }
+}
+
+export default SkillHooks;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "autosnippet",
-  "version": "2.1.0",
+  "version": "2.4.0",
   "description": "AutoSnippet - 连接开发者、AI 与项目知识库的工具",
   "type": "module",
   "main": "lib/bootstrap.js",

package/scripts/init-db.js

@@ -25,14 +25,13 @@ async function main() {
     console.log('  - Gateway:', components.gateway ? '✓' : '✗');
     console.log('  - Permission Manager:', components.permissionManager ? '✓' : '✗');
     console.log('  - Audit Logger:', components.auditLogger ? '✓' : '✗');
-    console.log('  - Session Manager:', components.sessionManager ? '✓' : '✗');
 
     // 显示宪法信息
     const constitutionInfo = components.constitution.toJSON();
     console.log('\n📜 Constitution:');
     console.log('  - Version:', constitutionInfo.version);
     console.log('  - Effective Date:', constitutionInfo.effectiveDate);
-    console.log('  - Priorities:', constitutionInfo.priorities.length);
+    console.log('  - Rules:', (constitutionInfo.rules || []).length);
     console.log('  - Roles:', constitutionInfo.roles.length);
 
     await bootstrap.shutdown();

package/templates/constitution.yaml

@@ -5,65 +5,45 @@
 # 三层权限架构:
 #   ① 能力层 (capabilities) — git push --dry-run 探测物理写权限
 #   ② 角色层 (roles)        — 角色权限矩阵 (action:resource)
-#   ③ 治理层 (priorities)   — 业务规则引擎
+#   ③ 治理层 (rules)        — 扁平规则引擎
 #
 # 双路径模式:
 #   AUTH_ENABLED=false → 子仓库探针自动决定角色（能力层驱动）
 #   AUTH_ENABLED=true  → 登录后根据用户配置角色（角色层驱动）
 # ═══════════════════════════════════════════════════════════
 
-version: "2.0"
-effective_date: "2026-02-10"
+version: "3.0"
+effective_date: "2026-02-13"
 
 # ─── 能力探测 ─────────────────────────────────────────────
 capabilities:
   git_write:
     description: "子仓库 git push 权限"
     probe: "git push --dry-run"
-    # 无子仓库 → 个人项目, 视为 admin (全权限)
     no_subrepo: "allow"
-    # 有子仓库但无 remote → 本地开发, 视为 admin
     no_remote: "allow"
     cache_ttl: 86400
 
-# ─── 治理优先级 ───────────────────────────────────────────
-priorities:
-  - id: 1
-    name: "Data Integrity"
-    description: "保护用户项目数据不被破坏"
-    rules:
-      - "所有写操作必须经过备份"
-      - "删除操作必须有确认步骤"
-      - "关键文件修改需要记录审计日志"
-
-  - id: 2
-    name: "Human Oversight"
-    description: "保持人类对 AI 决策的监督"
-    rules:
-      - "AI 生成的 Candidate 必须经人工审核"
-      - "Guard 规则修改需要人工批准"
-      - "批量操作需要明确授权"
-
-  - id: 3
-    name: "AI Transparency"
-    description: "AI 决策过程必须可追溯"
-    rules:
-      - "Candidate 必须包含 Reasoning 信息"
-      - "Guard 规则必须关联来源 Recipe"
-      - "所有 AI 操作记录到审计日志"
-
-  - id: 4
-    name: "Helpfulness"
-    description: "在保证安全前提下尽可能帮助用户"
-    rules:
-      - "提供充分的错误信息和修复建议"
-      - "优先推荐高质量 Recipe"
-      - "自动优化常见操作"
+# ─── 治理规则（扁平规则替代优先级层级） ─────────────────
+rules:
+  - id: "destructive_confirm"
+    description: "删除操作需要确认"
+    check: "destructive_needs_confirmation"
+  - id: "content_required"
+    description: "创建 candidate/recipe 需要内容"
+    check: "creation_needs_content"
+  - id: "ai_no_direct_recipe"
+    description: "AI 不能直接创建/批准 recipe"
+    check: "ai_cannot_approve_recipe"
+  - id: "batch_authorized"
+    description: "批量操作需要授权"
+    check: "batch_needs_authorization"
 
+# ─── 角色定义 ─────────────────────────────────────────────
 roles:
-  - id: "cursor_agent"
-    name: "Cursor / Copilot Agent"
-    description: "在 IDE 中运行的 AI 助手"
+  - id: "external_agent"
+    name: "External Agent"
+    description: "IDE 中的外部 AI Agent（Cursor / Copilot / Claude Code）"
     permissions:
       - "read:recipes"
       - "read:guard_rules"
@@ -71,14 +51,15 @@ roles:
       - "submit:candidates"
       - "read:audit_logs:self"
       - "knowledge:bootstrap"
+      - "create:skills"
     constraints:
       - "不能直接修改 Recipe"
       - "不能修改 Guard 规则"
       - "不能删除任何数据"
 
-  - id: "asd_ais"
-    name: "ASD AI审查"
-    description: "AutoSnippet 内置的 AI 审查系统"
+  - id: "chat_agent"
+    name: "ChatAgent"
+    description: "AutoSnippet 内置 AI Agent（Dashboard 对话 / 程序化调用）"
     permissions:
       - "read:recipes"
       - "read:candidates"
@@ -88,47 +69,10 @@ roles:
       - "生成的 Candidate 必须包含完整 Reasoning"
       - "不能绕过 Guard 检查"
 
-  - id: "guard_engine"
-    name: "Guard 检查引擎"
-    description: "代码质量检查系统"
-    permissions:
-      - "read:candidates"
-      - "read:guard_rules"
-      - "write:audit_logs"
-    constraints:
-      - "只能读取，不能修改数据"
-
-  - id: "developer_admin"
-    name: "开发者（管理员）"
-    description: "项目管理员"
+  - id: "developer"
+    name: "开发者"
+    description: "项目 Owner，完整权限"
     permissions:
-      - "*"  # 全部权限
+      - "*"
     requires_capability:
       - "git_write"
-
-  - id: "developer_contributor"
-    name: "开发者（贡献者）"
-    description: "项目贡献者"
-    permissions:
-      - "read:*"
-      - "approve:candidates"
-      - "reject:candidates"
-      - "create:recipes"
-    constraints:
-      - "不能删除 Recipe"
-      - "不能禁用 Guard 规则"
-    requires_capability:
-      - "git_write"
-
-  - id: "visitor"
-    name: "访问者"
-    description: "只读访问（无子仓库写权限或未登录）"
-    permissions:
-      - "read:recipes"
-      - "read:snippets"
-      - "read:candidates"
-      - "read:guard_rules"
-      - "search:query"
-    constraints:
-      - "只能查看，不能修改任何数据"
-      - "不能创建 Candidate 或 Recipe"