cool-workflow 0.1.91 → 0.1.93
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +1 -1
- package/.codex-plugin/plugin.json +1 -1
- package/README.md +111 -434
- package/apps/architecture-review/app.json +1 -1
- package/apps/architecture-review-fast/app.json +1 -1
- package/apps/architecture-review-fast/workflow.js +15 -2
- package/apps/end-to-end-golden-path/app.json +1 -1
- package/apps/pr-review-fix-ci/app.json +1 -1
- package/apps/release-cut/app.json +1 -1
- package/apps/research-synthesis/app.json +1 -1
- package/apps/research-synthesis/workflow.js +1 -1
- package/dist/capability-core.js +47 -0
- package/dist/capability-registry.js +2 -0
- package/dist/cli/command-surface.js +165 -1352
- package/dist/cli/format.js +56 -0
- package/dist/cli/handlers/audit.js +82 -0
- package/dist/cli/handlers/blackboard.js +81 -0
- package/dist/cli/handlers/candidate.js +40 -0
- package/dist/cli/handlers/clones.js +34 -0
- package/dist/cli/handlers/collaboration.js +61 -0
- package/dist/cli/handlers/eval.js +40 -0
- package/dist/cli/handlers/maintenance.js +107 -0
- package/dist/cli/handlers/multi-agent.js +165 -0
- package/dist/cli/handlers/node.js +41 -0
- package/dist/cli/handlers/operational.js +155 -0
- package/dist/cli/handlers/operator.js +146 -0
- package/dist/cli/handlers/registry.js +68 -0
- package/dist/cli/handlers/run.js +153 -0
- package/dist/cli/handlers/scheduling.js +126 -0
- package/dist/cli/handlers/workbench.js +41 -0
- package/dist/cli/handlers/worker.js +45 -0
- package/dist/cli/io.js +27 -0
- package/dist/cli/run-summary.js +45 -0
- package/dist/commit.js +0 -5
- package/dist/doctor.js +1 -0
- package/dist/execution-backend.js +0 -11
- package/dist/mcp/tool-call.js +2 -0
- package/dist/mcp/tool-definitions.js +8 -0
- package/dist/orchestrator/app-operations.js +205 -0
- package/dist/orchestrator/report.js +6 -1
- package/dist/orchestrator.js +41 -153
- package/dist/state-explosion.js +0 -7
- package/dist/term.js +0 -18
- package/dist/validation.js +0 -21
- package/dist/version.js +1 -1
- package/docs/agent-delegation-drive.7.md +2 -0
- package/docs/canonical-workflow-apps.7.md +12 -0
- package/docs/cli-mcp-parity.7.md +18 -1
- package/docs/contract-migration-tooling.7.md +2 -0
- package/docs/control-plane-scheduling.7.md +2 -0
- package/docs/durable-state-and-locking.7.md +2 -0
- package/docs/evidence-adoption-reasoning-chain.7.md +2 -0
- package/docs/execution-backends.7.md +2 -0
- package/docs/mcp-app-surface.7.md +12 -0
- package/docs/multi-agent-cli-mcp-surface.7.md +2 -0
- package/docs/multi-agent-eval-replay-harness.7.md +2 -0
- package/docs/multi-agent-operator-ux.7.md +2 -0
- package/docs/node-snapshot-diff-replay.7.md +2 -0
- package/docs/observability-cost-accounting.7.md +2 -0
- package/docs/project-index.md +15 -3
- package/docs/real-execution-backends.7.md +2 -0
- package/docs/release-and-migration.7.md +2 -0
- package/docs/release-tooling.7.md +11 -0
- package/docs/run-registry-control-plane.7.md +26 -2
- package/docs/run-retention-reclamation.7.md +2 -0
- package/docs/state-explosion-management.7.md +2 -0
- package/docs/team-collaboration.7.md +2 -0
- package/docs/web-desktop-workbench.7.md +2 -0
- package/manifest/plugin.manifest.json +1 -1
- package/package.json +3 -1
- package/scripts/agents/agent-adapter-core.js +179 -28
- package/scripts/agents/claude-p-agent.js +24 -7
- package/scripts/agents/codex-agent.js +1 -1
- package/scripts/agents/gemini-agent.js +1 -1
- package/scripts/agents/opencode-agent.js +1 -1
- package/scripts/architecture-review-fast.js +19 -5
- package/scripts/bump-version.js +20 -1
- package/scripts/canonical-apps.js +4 -4
- package/scripts/dogfood-release.js +1 -1
- package/scripts/golden-path.js +4 -4
- package/scripts/parity-check.js +9 -1
- package/scripts/release-check.js +5 -1
- package/scripts/sync-readme.js +123 -0
- package/scripts/version-sync-check.js +10 -1
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cool-workflow",
|
|
3
3
|
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
|
|
4
|
-
"version": "0.1.
|
|
4
|
+
"version": "0.1.93",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "COOLWHITE LLC"
|
|
7
7
|
},
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "cool-workflow",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.93",
|
|
4
4
|
"description": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "COOLWHITE LLC"
|
package/README.md
CHANGED
|
@@ -1,24 +1,30 @@
|
|
|
1
|
+
<!-- AUTO-GENERATED from /README.md by scripts/sync-readme.js — edit the root README, then run `npm run sync:readme`. DO NOT edit this file directly. -->
|
|
1
2
|
<div align="center">
|
|
2
3
|
|
|
3
|
-
|
|
4
|
+
<img src="https://raw.githubusercontent.com/coo1white/cool-workflow/main/docs/assets/cw-hero.png" alt="Cool Workflow — your AI report, already proven. Point your agent at any repo or folder and get a saved, cited report you can re-verify offline." width="100%">
|
|
4
5
|
|
|
5
|
-
|
|
6
|
+
<br><br>
|
|
6
7
|
|
|
7
|
-
[](https://github.com/coo1white/cool-workflow/actions/workflows/ci.yml)
|
|
8
|
+
[](https://github.com/coo1white/cool-workflow/actions/workflows/ci.yml)
|
|
8
9
|
[](https://www.npmjs.com/package/cool-workflow)
|
|
9
|
-
[](https://www.npmjs.com/package/cool-workflow)
|
|
10
|
+
[](https://www.npmjs.com/package/cool-workflow)
|
|
10
11
|
[](https://www.npmjs.com/package/cool-workflow)
|
|
11
12
|
[](https://github.com/coo1white/cool-workflow/tags)
|
|
12
13
|
[](https://github.com/coo1white/cool-workflow/blob/main/LICENSE)
|
|
13
|
-

|
|
14
|
-

|
|
15
14
|
|
|
16
|
-
|
|
15
|
+
### Get a saved, cited report from your AI agent — not a chat message you lose.
|
|
17
16
|
|
|
18
17
|
</div>
|
|
19
18
|
|
|
20
|
-
|
|
21
|
-
|
|
19
|
+
Point an AI coding agent at a repo (or any folder of docs) and Cool Workflow turns the run into a
|
|
20
|
+
**durable, inspectable workflow**: it plans the work, delegates each task to *your* agent, records and
|
|
21
|
+
verifies every result, then writes a report where every claim is cited to a `file.ts:42`.
|
|
22
|
+
|
|
23
|
+
> **The model is fuel. CW is the black-box recorder, the dashboard, and the gearbox — never the engine.**
|
|
24
|
+
> It never calls a model API, never holds your keys, and never uploads your code. Your agent spends the
|
|
25
|
+
> tokens; CW keeps the books — as plain JSON on your own disk.
|
|
26
|
+
|
|
27
|
+
---
|
|
22
28
|
|
|
23
29
|
## Install
|
|
24
30
|
|
|
@@ -26,491 +32,162 @@
|
|
|
26
32
|
npm install -g cool-workflow
|
|
27
33
|
```
|
|
28
34
|
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
## Quick Start (3 steps)
|
|
33
|
-
|
|
34
|
-
### 1. Prove it works (30 seconds, no agent needed)
|
|
35
|
+
<details>
|
|
36
|
+
<summary>Or install with <b>Homebrew</b></summary>
|
|
35
37
|
|
|
36
38
|
```bash
|
|
37
|
-
|
|
38
|
-
|
|
39
|
+
brew tap coo1white/cool-workflow https://github.com/coo1white/cool-workflow
|
|
40
|
+
brew install coo1white/cool-workflow/cool-workflow
|
|
41
|
+
cw version
|
|
39
42
|
```
|
|
40
43
|
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
```bash
|
|
44
|
-
cw -q "What are the main risks here?"
|
|
45
|
-
```
|
|
44
|
+
Upgrade later with `brew update && brew upgrade cool-workflow`.
|
|
45
|
+
</details>
|
|
46
46
|
|
|
47
|
-
|
|
48
|
-
|
|
47
|
+
**You need:** Node.js v18+ and one agent CLI on your machine — `claude`, `codex`, `gemini`, or
|
|
48
|
+
`opencode` (all auto-detected). No agent yet? `cw demo` still works — **CW never runs a model itself.**
|
|
49
49
|
|
|
50
|
-
|
|
51
|
-
cw -q "What are the security risks?" -claude
|
|
52
|
-
cw -q "What are the security risks?" -codex
|
|
53
|
-
cw -q "What are the security risks?" -deepseek
|
|
54
|
-
```
|
|
50
|
+
## Quick Start
|
|
55
51
|
|
|
56
|
-
|
|
52
|
+
### 1 · Prove it works — 30 seconds, no agent needed
|
|
57
53
|
|
|
58
54
|
```bash
|
|
59
|
-
cw
|
|
55
|
+
cw demo tamper
|
|
56
|
+
# → builds a real signed ledger, forges it three ways, catches all three offline
|
|
57
|
+
# → VERDICT: tamper-evidence holds ✓
|
|
60
58
|
```
|
|
61
59
|
|
|
62
|
-
|
|
63
|
-
(`-l` / `--link`, or just pass the URL to `-dir`/`--repo`):
|
|
60
|
+
### 2 · Ask a question about your code — one command
|
|
64
61
|
|
|
65
62
|
```bash
|
|
66
|
-
cw -q "What are the risks?"
|
|
67
|
-
cw -q "What are the risks?" --link git@gitlab.com:owner/repo.git --ref v1.2.0
|
|
68
|
-
```
|
|
69
|
-
|
|
70
|
-
Works with GitHub, GitLab, Bitbucket, self-hosted git, `ssh://`, and `file://` — **and with
|
|
71
|
-
downloadable archives** (`.tar.gz`/`.tgz`/`.tar`/`.zip`, e.g. a GitHub "Download ZIP" link),
|
|
72
|
-
which are fetched, extracted, and snapshotted into a local repo before review. The clone is
|
|
73
|
-
cached under `~/.local/state/cool-workflow/clones/` and reused on the next question (`--refresh`
|
|
74
|
-
re-fetches; manage with `cw clones list` / `cw clones gc`). The report records the exact origin —
|
|
75
|
-
`Source: <url>@<commit>` — and a tamper-evident `source.clone` event you can re-prove with
|
|
76
|
-
`cw audit verify`. A private repo with no credentials **fails closed** (it never hangs on a
|
|
77
|
-
prompt). Validate without fetching: `cw -q "…" --link <url> --check`.
|
|
78
|
-
|
|
79
|
-
As it runs you see CW's own phases tick by, then a clean summary — no env vars needed:
|
|
80
|
-
|
|
81
|
-
```text
|
|
82
|
-
==> Map ✓ (6/6)
|
|
83
|
-
==> Assess ✓ (6/6)
|
|
84
|
-
==> Verdict ✓
|
|
85
|
-
|
|
86
|
-
✓ Report: /path/to/project/.cw/runs/<run-id>/report.md
|
|
87
|
-
✓ Status: complete — 14/14
|
|
88
|
-
Next: cw report <run-id> --show
|
|
63
|
+
cw -q "What are the main risks here?"
|
|
89
64
|
```
|
|
90
65
|
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
### 3. Open the report
|
|
66
|
+
CW auto-detects the current repo and the first agent on your `PATH`. Pin a specific one with a flag
|
|
67
|
+
(`-claude`, `-codex`, `-gemini`, `-deepseek`). Point it anywhere — no `cd` required — or review a
|
|
68
|
+
**remote repo by URL** and CW clones, snapshots, and reviews the checkout:
|
|
96
69
|
|
|
97
70
|
```bash
|
|
98
|
-
|
|
99
|
-
|
|
71
|
+
cw -q "What are the security risks?" -dir /path/to/project
|
|
72
|
+
cw -q "What are the risks?" --link https://github.com/owner/repo
|
|
100
73
|
```
|
|
101
74
|
|
|
102
|
-
|
|
75
|
+
**Not just code.** Aim CW at a folder of docs, notes, or papers and it reads them as sources for the
|
|
76
|
+
same saved, cited report:
|
|
103
77
|
|
|
104
78
|
```bash
|
|
105
|
-
cw
|
|
106
|
-
|
|
107
|
-
cw doctor # check your setup
|
|
108
|
-
cw fix # show fix commands for setup issues
|
|
79
|
+
cw quickstart research-synthesis --repo /path/to/papers \
|
|
80
|
+
--question "What do these papers conclude?"
|
|
109
81
|
```
|
|
110
82
|
|
|
111
|
-
|
|
112
|
-
|---|---|
|
|
113
|
-
| `architecture-review` | Map a repo, rank risks, back every claim with evidence |
|
|
114
|
-
| `pr-review-fix-ci` | Review a pull request, suggest fixes, verify CI |
|
|
115
|
-
| `research-synthesis` | Answer a question with fact-backed research |
|
|
116
|
-
| `release-cut` | Run a gated, reviewed release |
|
|
117
|
-
|
|
118
|
-
**Multi-agent, when you need it.** Fan work out across agents with built-in topologies,
|
|
119
|
-
compose flows (a task can run a whole child workflow with `subWorkflow`, or a `loop()` phase
|
|
120
|
-
can keep iterating until a predicate or a token budget says stop) — and re-run fast:
|
|
121
|
-
`cw run <app> --drive --incremental` reuses every step whose inputs didn't change.
|
|
122
|
-
|
|
123
|
-
CW also has an **MCP** surface — **Claude Desktop, Cursor, and VS Code call CW as a tool**, so
|
|
124
|
-
your agent can plan a run, drive it, and verify a report without leaving the editor.
|
|
125
|
-
|
|
126
|
-
## Can I Trust the Report?
|
|
127
|
-
|
|
128
|
-
CW does not run the AI model — it keeps the books. The agent signs its findings (ed25519), and
|
|
129
|
-
`cw report verify-bundle` checks — offline, with nothing but the public key — that every signed
|
|
130
|
-
finding is in the report **unaltered**: edit a finding, in the report or in the agent's own result,
|
|
131
|
-
and the check fails. CW holds no private key — the agent signs, CW only verifies.
|
|
132
|
-
|
|
133
|
-
```bash
|
|
134
|
-
cw demo tamper # proves it in 30s — edits a signed result, watch it fail
|
|
135
|
-
cw telemetry verify <run-id> # checks a real run
|
|
136
|
-
cw audit verify <run-id> # re-proves the trust-audit hash chain
|
|
137
|
-
```
|
|
83
|
+
### 3 · Open the report
|
|
138
84
|
|
|
139
|
-
|
|
85
|
+
The command prints the path. Every finding carries a clickable `file.ts:42` pointer:
|
|
140
86
|
|
|
141
87
|
```bash
|
|
142
|
-
cw
|
|
143
|
-
cw report verify-bundle report.cwrun.json # they check it offline
|
|
144
|
-
cw report verify-bundle report.cwrun.json \
|
|
145
|
-
--require-signatures # …and insist the findings are signed
|
|
88
|
+
cat .cw/runs/<run-id>/report.md
|
|
146
89
|
```
|
|
147
90
|
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
signed finding entirely — so check the findings you act on against the signed results. For exactly
|
|
151
|
-
what is and is not proven, see the [Trust Model](docs/trust-model.md).
|
|
152
|
-
|
|
153
|
-
## Troubleshooting
|
|
154
|
-
|
|
155
|
-
| Problem | Fix |
|
|
156
|
-
|---|---|
|
|
157
|
-
| No agent found | Run `cw doctor` — it shows which agents are on your machine |
|
|
158
|
-
| `status: blocked` | CW failing closed (it never makes up a result). Set `CW_AGENT_COMMAND=builtin:claude` or pass `-claude`; `cw doctor` names the exact reason |
|
|
159
|
-
| `claude: command not found` | Install Claude Code (`npm install -g @anthropic-ai/claude-code`) and run again |
|
|
160
|
-
| Where is my report? | `<repo>/.cw/runs/<id>/report.md` |
|
|
161
|
-
| Preflight before a spawn | `cw quickstart --check` — a zero-write check |
|
|
91
|
+
While it runs you get a calm, Claude-Code-style live view — a compact rolling window of tool calls
|
|
92
|
+
that updates in place instead of an endless wall — and a clean findings table when it's done.
|
|
162
93
|
|
|
163
94
|
---
|
|
164
95
|
|
|
165
|
-
|
|
166
|
-
structure, the full command surface, scheduling, and the result-envelope contract.
|
|
167
|
-
|
|
168
|
-
## Developer Loop
|
|
169
|
-
|
|
170
|
-
Use the shortest check that fits the change (from `plugins/cool-workflow/`):
|
|
171
|
-
|
|
172
|
-
```bash
|
|
173
|
-
cd plugins/cool-workflow
|
|
174
|
-
npm run build
|
|
175
|
-
node test/<nearest-smoke>.js
|
|
176
|
-
npm run test:fast
|
|
177
|
-
```
|
|
178
|
-
|
|
179
|
-
For a source checkout, `cw doctor --onramp --changed-from origin/main` gives the
|
|
180
|
-
nearest smoke tests and release gate commands for the current change. Before a
|
|
181
|
-
release, run `npm run release:check`.
|
|
182
|
-
|
|
183
|
-
## Structure
|
|
96
|
+
## Why Cool Workflow
|
|
184
97
|
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
src/
|
|
189
|
-
dist/
|
|
190
|
-
scripts/cw.js
|
|
191
|
-
workflows/architecture-review.workflow.js
|
|
192
|
-
workflows/research-synthesis.workflow.js
|
|
193
|
-
apps/architecture-review/app.json
|
|
194
|
-
apps/end-to-end-golden-path/app.json
|
|
195
|
-
apps/pr-review-fix-ci/app.json
|
|
196
|
-
apps/release-cut/app.json
|
|
197
|
-
apps/research-synthesis/app.json
|
|
198
|
-
apps/workflow-app-framework-demo/app.json
|
|
199
|
-
docs/index.md
|
|
200
|
-
docs/getting-started.md
|
|
201
|
-
docs/coordinator-blackboard.7.md
|
|
202
|
-
docs/multi-agent-runtime-core.7.md
|
|
203
|
-
docs/multi-agent-eval-replay-harness.7.md
|
|
204
|
-
docs/dogfood-one-real-repo.7.md
|
|
205
|
-
docs/release-and-migration.7.md
|
|
206
|
-
docs/agent-framework.md
|
|
207
|
-
docs/unix-principles.md
|
|
208
|
-
docs/mcp-app-surface.7.md
|
|
209
|
-
docs/operator-ux.7.md
|
|
210
|
-
docs/workflow-app-framework.7.md
|
|
211
|
-
docs/sandbox-profiles.7.md
|
|
212
|
-
docs/candidate-scoring.7.md
|
|
213
|
-
docs/verifier-gated-commit.7.md
|
|
214
|
-
docs/run-registry-control-plane.7.md
|
|
215
|
-
docs/execution-backends.7.md
|
|
216
|
-
```
|
|
217
|
-
|
|
218
|
-
## Commands
|
|
219
|
-
|
|
220
|
-
Installed via npm, the bin is `cw` (alias `cool-workflow`): e.g. `cw list`,
|
|
221
|
-
`cw quickstart …`. From a cloned source checkout, before `npm run build`, use the
|
|
222
|
-
matching `node scripts/cw.js <cmd>` form shown in the examples below.
|
|
223
|
-
|
|
224
|
-
List bundled workflows:
|
|
225
|
-
|
|
226
|
-
```bash
|
|
227
|
-
node scripts/cw.js list
|
|
228
|
-
```
|
|
98
|
+
Most agent tooling runs a whole task as one long prompt, then hands you a chat message. When the work
|
|
99
|
+
is long, parallel, or high-stakes, you can't tell what happened or trust the result. CW treats it as a
|
|
100
|
+
**runtime problem** — and rests on four commitments:
|
|
229
101
|
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
node scripts/cw.js app show pr-review-fix-ci
|
|
237
|
-
node scripts/cw.js app show release-cut
|
|
238
|
-
node scripts/cw.js app show research-synthesis
|
|
239
|
-
node scripts/cw.js app show workflow-app-framework-demo
|
|
240
|
-
node scripts/cw.js app validate apps/workflow-app-framework-demo/app.json
|
|
241
|
-
node scripts/cw.js app validate end-to-end-golden-path
|
|
242
|
-
node scripts/cw.js app package architecture-review
|
|
243
|
-
node scripts/cw.js app init my-app --title "My App"
|
|
244
|
-
```
|
|
245
|
-
|
|
246
|
-
Compose flows from smaller verified ones (app-authoring surface, `workflow-api.ts`):
|
|
247
|
-
|
|
248
|
-
- **Sub-workflow nesting** — a task can run a whole child app instead of one agent:
|
|
249
|
-
`subWorkflow(id, appId, { inputs?, bindResult? })`. The drive plans and drives the
|
|
250
|
-
child, then binds its report (or verdict result) back as the task's result, so the
|
|
251
|
-
parent's verifier/schema gate consumes it like any other. Leaf work stays external-agent
|
|
252
|
-
delegation at every depth; recursion is depth- and cycle-bounded, fail-closed.
|
|
253
|
-
- **Bounded dynamic loops** — converge without unbounded recursion:
|
|
254
|
-
`loop(name, tasks, { maxRounds, until })` is a per-round template. After each round a
|
|
255
|
-
named, registered pure predicate (`until: { kind: "predicate", ref }`) decides whether to
|
|
256
|
-
append another round or stop, hard-capped at `maxRounds`; built-ins `no-new-findings` and
|
|
257
|
-
`single-round`. Or scale by budget — `until: { kind: "budget-target", target }` keeps
|
|
258
|
-
going while recorded (attested-only) usage stays under `target`, with the fail-closed
|
|
259
|
-
`limits.tokenBudget` cap as the absolute backstop. Predicates are registry refs (not
|
|
260
|
-
closures), so runs replay byte-identically; an unregistered predicate stops fail-closed.
|
|
261
|
-
|
|
262
|
-
Create a reusable workflow script:
|
|
263
|
-
|
|
264
|
-
```bash
|
|
265
|
-
node scripts/cw.js init my-workflow --title "My Workflow"
|
|
266
|
-
```
|
|
267
|
-
|
|
268
|
-
Create a run:
|
|
269
|
-
|
|
270
|
-
```bash
|
|
271
|
-
node scripts/cw.js plan architecture-review \
|
|
272
|
-
--repo /path/to/repo \
|
|
273
|
-
--question "Is this architecture sound?" \
|
|
274
|
-
--invariant "single-box self-hosted"
|
|
275
|
-
```
|
|
276
|
-
|
|
277
|
-
Inspect a run as an operator:
|
|
278
|
-
|
|
279
|
-
```bash
|
|
280
|
-
node scripts/cw.js status <run-id>
|
|
281
|
-
node scripts/cw.js status <run-id> --json
|
|
282
|
-
node scripts/cw.js graph <run-id>
|
|
283
|
-
node scripts/cw.js graph <run-id> --json
|
|
284
|
-
node scripts/cw.js report <run-id> --show
|
|
285
|
-
node scripts/cw.js topology summary <run-id>
|
|
286
|
-
node scripts/cw.js topology graph <run-id>
|
|
287
|
-
node scripts/cw.js worker summary <run-id>
|
|
288
|
-
node scripts/cw.js multi-agent summary <run-id>
|
|
289
|
-
node scripts/cw.js multi-agent graph <run-id>
|
|
290
|
-
node scripts/cw.js candidate summary <run-id>
|
|
291
|
-
node scripts/cw.js feedback summary <run-id>
|
|
292
|
-
node scripts/cw.js commit summary <run-id>
|
|
293
|
-
node scripts/cw.js state check <run-id>
|
|
294
|
-
```
|
|
102
|
+
| Commitment | What it means for you |
|
|
103
|
+
|---|---|
|
|
104
|
+
| **Model as fuel, not engine** | CW never calls a model API. Execution is always delegated to your agent, so the backend is swappable and your credentials and code never leave your machine. |
|
|
105
|
+
| **Evidence-gated decisions** | Every adopted result records its **basis, authority, rationale, and the alternative it beat.** Missing evidence doesn't slip through — it fails closed to a visible `unexplained` state. |
|
|
106
|
+
| **Deterministic, local replay** | Every step is plain JSON under `.cw/runs/<id>/` — read it, diff it, resume it, replay it. No hidden database; the runtime never *guesses* success. |
|
|
107
|
+
| **Vendor-neutral by design** | One source-of-truth manifest generates every vendor adapter (Claude, Codex, …) over a shared CLI + MCP runtime, with a fail-closed drift check. No lock-in, no forked logic. |
|
|
295
108
|
|
|
296
|
-
|
|
109
|
+
## How It Works
|
|
297
110
|
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
-> cw_commit -> cw_operator_report
|
|
302
|
-
```
|
|
111
|
+
CW is a small TypeScript tool with **zero runtime dependencies**. It drives your agent over a repo — or
|
|
112
|
+
any folder — in saved, replayable stages, writing everything to disk as inspectable files. It never
|
|
113
|
+
imports a model SDK or stores an API key.
|
|
303
114
|
|
|
304
|
-
|
|
115
|
+
<div align="center">
|
|
116
|
+
<img src="https://raw.githubusercontent.com/coo1white/cool-workflow/main/docs/assets/cw-pipeline.png" alt="The CW pipeline: ask, plan, dispatch (delegated to your agent), verify (evidence gate, fails closed), commit verified state, and a saved, cited, signed report — every step recorded as durable .cw/ JSON." width="100%">
|
|
117
|
+
</div>
|
|
305
118
|
|
|
306
119
|
```text
|
|
307
|
-
|
|
308
|
-
cw_topology_show
|
|
309
|
-
cw_topology_validate
|
|
310
|
-
cw_topology_apply
|
|
311
|
-
cw_topology_summary
|
|
312
|
-
cw_topology_graph
|
|
313
|
-
```
|
|
314
|
-
|
|
315
|
-
List, inspect, validate, and apply official multi-agent topologies:
|
|
316
|
-
|
|
317
|
-
```bash
|
|
318
|
-
node scripts/cw.js topology list
|
|
319
|
-
node scripts/cw.js topology show map-reduce
|
|
320
|
-
node scripts/cw.js topology show debate
|
|
321
|
-
node scripts/cw.js topology show judge-panel
|
|
322
|
-
node scripts/cw.js topology validate map-reduce
|
|
323
|
-
node scripts/cw.js topology apply <run-id> map-reduce --task <task-id> --mappers 2
|
|
324
|
-
node scripts/cw.js topology apply <run-id> debate --id debate-round --rounds 2
|
|
325
|
-
node scripts/cw.js topology apply <run-id> judge-panel --judgeCount 3
|
|
326
|
-
node scripts/cw.js topology summary <run-id>
|
|
327
|
-
node scripts/cw.js topology summary <run-id> --json
|
|
328
|
-
node scripts/cw.js topology graph <run-id>
|
|
329
|
-
node scripts/cw.js topology graph <run-id> --json
|
|
330
|
-
node scripts/cw.js topology show <run-id> <topology-run-id>
|
|
120
|
+
ask simple → run simple → verify simple → resume simple
|
|
331
121
|
```
|
|
332
122
|
|
|
333
|
-
|
|
334
|
-
`state.json`, put into operator status and graph output, and counted in the
|
|
335
|
-
trust audit summary.
|
|
336
|
-
|
|
337
|
-
Create a dispatch manifest for the current runnable phase:
|
|
338
|
-
|
|
339
|
-
```bash
|
|
340
|
-
node scripts/cw.js dispatch <run-id> --limit 6
|
|
341
|
-
node scripts/cw.js dispatch <run-id> --sandbox readonly
|
|
342
|
-
node scripts/cw.js dispatch <run-id> --multi-agent-run ma --multi-agent-group group --multi-agent-role role
|
|
343
|
-
node scripts/cw.js dispatch <run-id> --multi-agent-fanout <fanout-id>
|
|
344
|
-
```
|
|
123
|
+
## What You Can Run
|
|
345
124
|
|
|
346
|
-
|
|
125
|
+
| Workflow | What it produces |
|
|
126
|
+
|---|---|
|
|
127
|
+
| `architecture-review` | Map a repo, rank risks, and back every claim with `file:line` evidence |
|
|
128
|
+
| `pr-review-fix-ci` | Review a PR or branch, diagnose CI, and propose + verify fixes |
|
|
129
|
+
| `research-synthesis` | Answer a question over a local folder of files — your docs, notes, or papers |
|
|
130
|
+
| `release-cut` | Run a gated, reviewed release with dry-run evidence |
|
|
347
131
|
|
|
348
132
|
```bash
|
|
349
|
-
|
|
350
|
-
|
|
351
|
-
node scripts/cw.js sandbox validate ./site-sandbox.json
|
|
133
|
+
cw app list # see everything installed
|
|
134
|
+
cw doctor # check your setup → cw fix shows the fix commands
|
|
352
135
|
```
|
|
353
136
|
|
|
354
|
-
|
|
355
|
-
|
|
356
|
-
|
|
357
|
-
|
|
358
|
-
```
|
|
137
|
+
**Multi-agent, when you need it.** Fan work out across agents with built-in topologies, compose flows
|
|
138
|
+
(a task can run a whole child workflow with `subWorkflow`, or a `loop()` phase can iterate until a
|
|
139
|
+
predicate or token budget says stop), and re-run fast — `cw run <app> --drive --incremental` reuses
|
|
140
|
+
every step whose inputs didn't change.
|
|
359
141
|
|
|
360
|
-
|
|
142
|
+
<div align="center">
|
|
143
|
+
<img src="https://raw.githubusercontent.com/coo1white/cool-workflow/main/docs/assets/topologies.svg" alt="Built-in multi-agent topologies: map-reduce (fan out, fold in), debate (argue then draw a verdict), and judge-panel (N independent judges score one candidate)." width="92%">
|
|
144
|
+
</div>
|
|
361
145
|
|
|
362
|
-
|
|
363
|
-
node scripts/cw.js candidate register <run-id> --worker <worker-id>
|
|
364
|
-
node scripts/cw.js candidate score <run-id> <candidate-id> \
|
|
365
|
-
--criterion correctness=4 \
|
|
366
|
-
--criterion evidence=4 \
|
|
367
|
-
--criterion fit=2 \
|
|
368
|
-
--maxTotal 10 \
|
|
369
|
-
--evidence /path/to/file.ts:42
|
|
370
|
-
node scripts/cw.js candidate rank <run-id>
|
|
371
|
-
node scripts/cw.js candidate select <run-id> <candidate-id> --reason "verified winner"
|
|
372
|
-
```
|
|
146
|
+
## Can You Trust the Report?
|
|
373
147
|
|
|
374
|
-
|
|
148
|
+
CW doesn't run the model — it keeps the books. Your agent signs its findings (**ed25519**), and
|
|
149
|
+
`cw report verify-bundle` checks — **offline, with nothing but the public key** — that every signed
|
|
150
|
+
finding is in the report unaltered. Edit a finding, in the report or in the agent's own result, and the
|
|
151
|
+
check fails. CW holds no private key: the agent signs, CW only verifies.
|
|
375
152
|
|
|
376
153
|
```bash
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
154
|
+
cw demo tamper # proves it in 30s — edits a signed result, watch it fail
|
|
155
|
+
cw -q "…" --bundle # seal a run into one portable file
|
|
156
|
+
cw report verify-bundle report.cwrun.json # anyone can re-check it offline, with just the file
|
|
380
157
|
```
|
|
381
158
|
|
|
382
|
-
|
|
383
|
-
|
|
159
|
+
This attests the agent's **signed findings** — not that nothing else was added or that nothing was left
|
|
160
|
+
out. For exactly what is and isn't proven, see the **[Trust Model](https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/trust-model.md)**.
|
|
384
161
|
|
|
385
|
-
|
|
162
|
+
## Use It From Your Editor
|
|
386
163
|
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
164
|
+
CW exposes the same runtime over **MCP** — **Claude Desktop, Cursor, and VS Code call CW as a tool**, so
|
|
165
|
+
your agent can plan a run, drive it, and verify a report without leaving the editor. CLI and MCP share
|
|
166
|
+
one registry and are parity-checked. See the **[Wiki](https://github.com/coo1white/cool-workflow/wiki)**.
|
|
390
167
|
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
```bash
|
|
394
|
-
node scripts/cw.js registry refresh --scope home
|
|
395
|
-
node scripts/cw.js run search --app architecture-review --status failed
|
|
396
|
-
node scripts/cw.js run show <run-id>
|
|
397
|
-
node scripts/cw.js run resume <run-id>
|
|
398
|
-
node scripts/cw.js run resume <run-id> --drive --incremental # re-drive, reusing every step whose inputs are unchanged
|
|
399
|
-
node scripts/cw.js run rerun <failed-run-id> --reason "retry"
|
|
400
|
-
node scripts/cw.js run archive <run-id> --reason "old"
|
|
401
|
-
node scripts/cw.js queue add --app release-cut --priority 10
|
|
402
|
-
node scripts/cw.js queue list
|
|
403
|
-
node scripts/cw.js queue drain --limit 1
|
|
404
|
-
node scripts/cw.js history --scope home --json
|
|
405
|
-
```
|
|
406
|
-
|
|
407
|
-
Run the deterministic release golden path:
|
|
168
|
+
## Troubleshooting
|
|
408
169
|
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
415
|
-
npm run version:sync
|
|
416
|
-
npm test
|
|
417
|
-
```
|
|
170
|
+
| Problem | Fix |
|
|
171
|
+
|---|---|
|
|
172
|
+
| No agent found | `cw doctor` — shows which agents are on your machine |
|
|
173
|
+
| `status: blocked` | Set `CW_AGENT_COMMAND=builtin:claude` or pass `-claude` |
|
|
174
|
+
| `claude: command not found` | Install Claude Code and run again |
|
|
175
|
+
| Where is my report? | `<repo>/.cw/runs/<id>/report.md` |
|
|
418
176
|
|
|
419
|
-
|
|
420
|
-
`--cwd` is left out.
|
|
177
|
+
## Docs & Wiki
|
|
421
178
|
|
|
422
|
-
|
|
179
|
+
New here? Start with the **[Wiki](https://github.com/coo1white/cool-workflow/wiki)** →
|
|
180
|
+
[Getting Started](https://github.com/coo1white/cool-workflow/wiki/Getting-Started) ·
|
|
181
|
+
[Mental Model](https://github.com/coo1white/cool-workflow/wiki/Mental-Model) ·
|
|
182
|
+
[Glossary](https://github.com/coo1white/cool-workflow/wiki/Glossary) ·
|
|
183
|
+
[Trust & Audit](https://github.com/coo1white/cool-workflow/wiki/Trust-And-Audit)
|
|
423
184
|
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
```
|
|
185
|
+
Building on CW? See the [Getting Started doc](https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/getting-started.md),
|
|
186
|
+
[Project Index](https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/project-index.md), and
|
|
187
|
+
[CLI ↔ MCP Parity](https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/cli-mcp-parity.7.md).
|
|
428
188
|
|
|
429
|
-
|
|
430
|
-
See [docs/index.md](docs/index.md) for a docs map.
|
|
431
|
-
See [docs/getting-started.md](docs/getting-started.md) for a clone-to-run path.
|
|
432
|
-
See [docs/release-and-migration.7.md](docs/release-and-migration.7.md) for
|
|
433
|
-
release and migration discipline.
|
|
434
|
-
See [docs/dogfood-one-real-repo.7.md](docs/dogfood-one-real-repo.7.md) for the
|
|
435
|
-
real-repository dogfood release proof.
|
|
436
|
-
See [docs/operator-ux.7.md](docs/operator-ux.7.md) for the operator command
|
|
437
|
-
surface.
|
|
438
|
-
See [docs/workflow-app-framework.7.md](docs/workflow-app-framework.7.md) for the app
|
|
439
|
-
contract.
|
|
440
|
-
See [docs/canonical-workflow-apps.7.md](docs/canonical-workflow-apps.7.md) for
|
|
441
|
-
the canonical app matrix.
|
|
442
|
-
See [docs/candidate-scoring.7.md](docs/candidate-scoring.7.md) for the
|
|
443
|
-
candidate scoring file contract.
|
|
444
|
-
See [docs/verifier-gated-commit.7.md](docs/verifier-gated-commit.7.md) for the
|
|
445
|
-
commit gate contract.
|
|
446
|
-
See [docs/sandbox-profiles.7.md](docs/sandbox-profiles.7.md) for the sandbox
|
|
447
|
-
profile contract.
|
|
448
|
-
See [docs/end-to-end-golden-path.7.md](docs/end-to-end-golden-path.7.md) for
|
|
449
|
-
the release golden path contract.
|
|
450
|
-
See [docs/run-registry-control-plane.7.md](docs/run-registry-control-plane.7.md)
|
|
451
|
-
for the cross-repo run registry / control plane contract.
|
|
189
|
+
CW dogfoods its own release process — every cut runs the `release-cut` workflow against this repo.
|
|
452
190
|
|
|
453
191
|
## License
|
|
454
192
|
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
## Scheduled Tasks
|
|
458
|
-
|
|
459
|
-
```bash
|
|
460
|
-
node scripts/cw.js loop --intervalMinutes 30 --prompt "Continue this workflow."
|
|
461
|
-
node scripts/cw.js schedule create --kind loop --intervalMinutes 30 --prompt "Continue this workflow."
|
|
462
|
-
node scripts/cw.js schedule due
|
|
463
|
-
node scripts/cw.js schedule pause <schedule-id>
|
|
464
|
-
node scripts/cw.js schedule resume <schedule-id>
|
|
465
|
-
node scripts/cw.js schedule run-now <schedule-id>
|
|
466
|
-
node scripts/cw.js schedule history <schedule-id>
|
|
467
|
-
node scripts/cw.js schedule daemon --once
|
|
468
|
-
```
|
|
469
|
-
|
|
470
|
-
See [docs/scheduled-tasks.md](docs/scheduled-tasks.md).
|
|
471
|
-
|
|
472
|
-
## Routine-Style Triggers
|
|
473
|
-
|
|
474
|
-
```bash
|
|
475
|
-
node scripts/cw.js routine create --kind api --prompt "Handle this API event."
|
|
476
|
-
node scripts/cw.js routine create --kind github --prompt "Handle this GitHub event."
|
|
477
|
-
node scripts/cw.js routine fire api payload.json
|
|
478
|
-
node scripts/cw.js routine events
|
|
479
|
-
```
|
|
480
|
-
|
|
481
|
-
## Result Envelope
|
|
482
|
-
|
|
483
|
-
Verification and synthesis tasks need a structured result block:
|
|
484
|
-
|
|
485
|
-
````text
|
|
486
|
-
```cw:result
|
|
487
|
-
{
|
|
488
|
-
"summary": "short summary",
|
|
489
|
-
"findings": [
|
|
490
|
-
{
|
|
491
|
-
"id": "risk-1",
|
|
492
|
-
"classification": "real",
|
|
493
|
-
"severity": "P1",
|
|
494
|
-
"evidence": ["/absolute/path/file.ts:42"]
|
|
495
|
-
}
|
|
496
|
-
],
|
|
497
|
-
"evidence": ["/absolute/path/file.ts:42"]
|
|
498
|
-
}
|
|
499
|
-
```
|
|
500
|
-
````
|
|
501
|
-
|
|
502
|
-
## 0.1.89 (v0.1.89)
|
|
503
|
-
|
|
504
|
-
Headline golden-path fixes: `cw -q "question"` asks the question (was read as an app id), auto-detects the cwd as the repo (run anywhere, no `--repo`/`cd`), and `cw help` renders a clean wrapped command list with a trailing newline; plus a vendor-agnostic UI/UX prevention gate (a headline-command smoke + a real `npm install -g` run-from-anywhere smoke) so a CLI-surface regression can't ship invisibly again.
|
|
505
|
-
|
|
506
|
-
## 0.1.88 (v0.1.88)
|
|
507
|
-
|
|
508
|
-
Orchestration-parity for the agent drive — inline `subWorkflow()` nesting, bounded dynamic `loop()` phases (a `predicate` or a `budget-target` token `until`), and `cw run --drive --incremental` step-level resume; the agent now signs its findings (result-bound ed25519) and `cw report verify-bundle --require-signatures` proves offline that every signed finding is in the report unaltered; CLI simplified to 6 commands with agent streaming on by default; path-traversal run ids refused on archive import.
|
|
509
|
-
|
|
510
|
-
## 0.1.87 (v0.1.87)
|
|
511
|
-
|
|
512
|
-
npm test parallel, 4-vendor wrappers (Claude/Codex/Gemini/OpenCode), Homebrew-style CLI UX (colors/did-you-mean/categorized help/error tips/cw info/cw search/cw man/doctor --fix), post-success summaries, agent execution timing
|
|
513
|
-
|
|
514
|
-
v0.1.90
|
|
515
|
-
|
|
516
|
-
v0.1.91
|
|
193
|
+
BSD-2-Clause. Built by COOLWHITE LLC.
|