cool-workflow 0.2.3 → 0.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (143) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/.codex-plugin/plugin.json +1 -1
  3. package/.gemini-plugin/mcp.json +10 -0
  4. package/.gemini-plugin/plugin.json +40 -0
  5. package/.opencode-plugin/mcp.json +10 -0
  6. package/.opencode-plugin/plugin.json +40 -0
  7. package/README.md +202 -48
  8. package/apps/architecture-review/app.json +1 -1
  9. package/apps/architecture-review-fast/app.json +1 -1
  10. package/apps/end-to-end-golden-path/app.json +1 -1
  11. package/apps/pr-review-fix-ci/app.json +1 -1
  12. package/apps/release-cut/app.json +1 -1
  13. package/apps/research-synthesis/app.json +1 -1
  14. package/dist/cli/dispatch.js +33 -4
  15. package/dist/cli/entry.js +11 -19
  16. package/dist/cli/global-flags.js +113 -0
  17. package/dist/cli/io.js +6 -20
  18. package/dist/cli/parseargv.js +7 -1
  19. package/dist/core/capability-data.js +339 -10
  20. package/dist/core/format/help.js +80 -4
  21. package/dist/core/format/recovery-hint.js +32 -0
  22. package/dist/core/multi-agent/collaboration.js +35 -6
  23. package/dist/core/multi-agent/runtime.js +7 -0
  24. package/dist/core/multi-agent/trust-policy.js +7 -1
  25. package/dist/core/pipeline/contract.js +7 -0
  26. package/dist/core/pipeline/error-feedback.js +2 -2
  27. package/dist/core/trust/evidence-grounding.js +13 -1
  28. package/dist/core/util/cli-args.js +55 -0
  29. package/dist/core/version.js +1 -1
  30. package/dist/mcp/dispatch.js +22 -2
  31. package/dist/mcp/server.js +124 -13
  32. package/dist/mcp-server.js +20 -0
  33. package/dist/shell/commit.js +8 -2
  34. package/dist/shell/coordinator-io.js +73 -1
  35. package/dist/shell/drive.js +129 -64
  36. package/dist/shell/error-feedback-io.js +6 -0
  37. package/dist/shell/execution-backend/agent.js +205 -24
  38. package/dist/shell/execution-backend/container.js +44 -10
  39. package/dist/shell/execution-backend/local.js +47 -10
  40. package/dist/shell/fs-atomic.js +93 -12
  41. package/dist/shell/ledger-cli.js +9 -2
  42. package/dist/shell/multi-agent-cli.js +5 -1
  43. package/dist/shell/onramp.js +48 -5
  44. package/dist/shell/pipeline-cli.js +20 -2
  45. package/dist/shell/pipeline.js +2 -1
  46. package/dist/shell/reclamation-io.js +76 -7
  47. package/dist/shell/registry-cli.js +4 -0
  48. package/dist/shell/run-export.js +52 -4
  49. package/dist/shell/run-registry-io.js +1 -0
  50. package/dist/shell/run-store.js +156 -0
  51. package/dist/shell/scheduler-io.js +101 -10
  52. package/dist/shell/telemetry-ledger-io.js +36 -24
  53. package/dist/shell/trust-audit.js +104 -10
  54. package/dist/shell/workbench-host.js +121 -10
  55. package/dist/shell/workbench.js +79 -5
  56. package/dist/shell/worker-isolation.js +1 -1
  57. package/dist/shell/workflow-app-loader.js +67 -1
  58. package/dist/wiring/capability-table/basics.js +7 -2
  59. package/dist/wiring/capability-table/exec-backend.js +42 -24
  60. package/dist/wiring/capability-table/multi-agent.js +69 -69
  61. package/dist/wiring/capability-table/pipeline.js +60 -28
  62. package/dist/wiring/capability-table/registry-core.js +29 -6
  63. package/dist/wiring/capability-table/reporting.js +45 -39
  64. package/dist/wiring/capability-table/scheduling-registry.js +66 -60
  65. package/dist/wiring/capability-table/state.js +34 -34
  66. package/dist/wiring/capability-table/trust-ledger.js +66 -24
  67. package/dist/wiring/capability-table/workflow-apps.js +15 -15
  68. package/docs/agent-delegation-drive.7.md +17 -0
  69. package/docs/cli-mcp-parity.7.md +43 -13
  70. package/docs/contract-migration-tooling.7.md +4 -0
  71. package/docs/control-plane-scheduling.7.md +38 -0
  72. package/docs/cross-agent-ledger.7.md +20 -8
  73. package/docs/durable-state-and-locking.7.md +4 -0
  74. package/docs/evidence-adoption-reasoning-chain.7.md +4 -0
  75. package/docs/execution-backends.7.md +4 -0
  76. package/docs/fix.7.md +4 -4
  77. package/docs/getting-started.md +40 -32
  78. package/docs/index.md +17 -0
  79. package/docs/launch/demo.tape +4 -3
  80. package/docs/mcp-app-surface.7.md +6 -0
  81. package/docs/multi-agent-cli-mcp-surface.7.md +4 -0
  82. package/docs/multi-agent-eval-replay-harness.7.md +4 -0
  83. package/docs/multi-agent-operator-ux.7.md +4 -0
  84. package/docs/node-snapshot-diff-replay.7.md +4 -0
  85. package/docs/observability-cost-accounting.7.md +4 -0
  86. package/docs/project-index.md +43 -9
  87. package/docs/real-execution-backends.7.md +4 -0
  88. package/docs/release-and-migration.7.md +4 -0
  89. package/docs/release-tooling.7.md +22 -0
  90. package/docs/routine.7.md +22 -0
  91. package/docs/run-registry-control-plane.7.md +4 -0
  92. package/docs/run-retention-reclamation.7.md +28 -3
  93. package/docs/state-explosion-management.7.md +4 -0
  94. package/docs/team-collaboration.7.md +4 -0
  95. package/docs/trust-audit-anchor.7.md +4 -0
  96. package/docs/web-desktop-workbench.7.md +26 -2
  97. package/docs/workflow-app-framework.7.md +31 -0
  98. package/manifest/plugin.manifest.json +1 -1
  99. package/manifest/source-context-profiles.json +4 -3
  100. package/package.json +5 -2
  101. package/scripts/agents/agent-adapter-core.js +26 -0
  102. package/scripts/agents/claude-p-agent.js +4 -1
  103. package/scripts/agents/codex-agent.js +4 -0
  104. package/scripts/agents/cw-attest-wrap.js +1 -1
  105. package/scripts/agents/gemini-agent.js +4 -0
  106. package/scripts/agents/opencode-agent.js +5 -0
  107. package/scripts/block-unapproved-tag.js +160 -0
  108. package/scripts/bump-version.js +27 -10
  109. package/scripts/canonical-apps.js +4 -4
  110. package/scripts/children/batch-delegate-child.js +72 -4
  111. package/scripts/children/http-batch-delegate-child.js +132 -0
  112. package/scripts/children/http-delegate-child.js +8 -0
  113. package/scripts/dogfood-release.js +2 -2
  114. package/scripts/fake-date-for-reproduction.js +1 -1
  115. package/scripts/golden-path.js +4 -4
  116. package/scripts/lang-policy-check.js +82 -0
  117. package/scripts/purity-baseline.json +0 -30
  118. package/scripts/purity-gate.js +16 -3
  119. package/scripts/release-check.js +2 -1
  120. package/scripts/release-flow.js +264 -41
  121. package/scripts/release-gate.js +184 -0
  122. package/scripts/release-oneclick.js +438 -0
  123. package/scripts/release-tags.js +47 -0
  124. package/scripts/verdict-keygen.js +2 -2
  125. package/scripts/verify-bump-reproduction.js +193 -0
  126. package/scripts/verify-verdict-signature.js +1 -1
  127. package/scripts/version-sync-check.js +39 -22
  128. package/ui/workbench/app.css +41 -9
  129. package/ui/workbench/app.js +160 -27
  130. package/ui/workbench/index.html +2 -2
  131. package/docs/agent-framework.md +0 -177
  132. package/docs/designs/handoff-ledger.md +0 -145
  133. package/docs/dogfood/resume-drive-real-agent-2026-06-14.md +0 -40
  134. package/docs/launch/launch-kit.md +0 -195
  135. package/docs/launch/pre-launch-checklist.md +0 -53
  136. package/docs/readme-v0.1.87-full.md +0 -301
  137. package/docs/routines.md +0 -101
  138. package/docs/scheduled-tasks.md +0 -80
  139. package/scripts/agents/claude-p-agent.sh +0 -9
  140. package/scripts/block-unapproved-tag.sh +0 -60
  141. package/scripts/release-gate.sh +0 -94
  142. package/scripts/verify-bump-reproduction.sh +0 -148
  143. package/scripts/verify-container-selfref.js +0 -64
@@ -1,195 +0,0 @@
1
- # Launch Kit — Cool Workflow
2
-
3
- Copy for announcing CW. The through-line is the one thing no other agent-pipeline
4
- tool ships: **you can prove the telemetry, offline, with only a public key.**
5
- Everything leads with the 30-second `npx cool-workflow demo tamper` proof.
6
-
7
- ---
8
-
9
- ## ✅ FINAL — Show HN (copy-paste ready)
10
-
11
- **Pre-flight (do these first):**
12
- 1. Record the demo GIF: `vhs plugins/cool-workflow/docs/launch/demo.tape` → add it to the README hero (insert the GIF near the badges/intro).
13
- 2. Confirm on a clean machine: `npx cool-workflow demo tamper` runs and prints `VERDICT: tamper-evidence holds ✓`.
14
- 3. Post during US morning (HN traffic peak); reply to the first comment with the npm + provenance link.
15
-
16
- **Title** (exactly — HN strips most formatting):
17
-
18
- ```
19
- Show HN: Cool Workflow – tamper-evident telemetry for agent pipelines (npx demo)
20
- ```
21
-
22
- **URL field:** `https://github.com/coo1white/cool-workflow`
23
-
24
- **First comment (paste right after posting):**
25
-
26
- ```
27
- I kept seeing agent-orchestration tools treat the model's self-reported token
28
- usage and results as ground truth. For anything auditable that's backwards — a
29
- control-plane that trusts unverified self-reports audits claims, not facts, and a
30
- forged "green" run looks identical to a real one.
31
-
32
- Cool Workflow takes the opposite stance. It DELEGATES model execution to whatever
33
- agent you configure (claude -p, codex exec, an HTTP endpoint) and never embeds a
34
- model SDK or holds an API key. What it owns is the audit trail: each agent hop's
35
- reported usage is signed (ed25519) and appended to a hash-chained ledger, so
36
- editing any record — or even recomputing its local hash to cover the edit — breaks
37
- the chain downstream. You re-verify a finished run offline — no telemetry service
38
- to trust or breach.
39
-
40
- 30-second proof, no install:
41
-
42
- npx cool-workflow demo tamper
43
-
44
- It builds a real signed ledger, forges it three ways (flip a verdict + re-seal its
45
- hash; inflate reported tokens + reuse the signature; edit a signed finding), and
46
- catches all three offline with only the public key. On a real run, `cw telemetry verify <run>` re-proves the
47
- recorded ledger on disk — recomputing the chain so any later edit to a verdict or
48
- usage digest is caught; add `--pubkey <public.pem>` to re-run each attested hop's
49
- signature check offline too. I keep an
50
- honest trust-model doc (what it does and does NOT prove, incl. the single-keyholder
51
- ceiling): https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/trust-model.md
52
-
53
- Also: concurrent parallel() phases with declared collapse semantics (collect-all +
54
- kill-on-timeout — 16 agents with a forced hang/crash/dirty-return finish without
55
- deadlock and replay who-passed-who-failed), per-task output-schema gates, token
56
- budgets enforced against the host's recorded usage (opt-in gate fails closed on
57
- unattested telemetry), and a one-way executor boundary welded
58
- into the type system (a callable that could reach a model API fails `npm run
59
- build`). Zero runtime deps, BSD-2, published to npm with provenance. Ships generated
60
- plugin manifests for 5 agent platforms (claude, codex, agents, gemini, opencode);
61
- `npm run manifest:load-check` boots all five from one source of truth.
62
-
63
- It's early (v0.1.81) — I'd genuinely like to hear where the "delegate, prove,
64
- replay" model breaks down for your workflows.
65
-
66
- npm: https://www.npmjs.com/package/cool-workflow
67
- ```
68
-
69
- ---
70
-
71
- ## One-liner
72
-
73
- > Cool Workflow is an auditable control-plane for multi-agent workflows. It
74
- > *delegates* model execution — never embeds it — and makes every recorded agent
75
- > telemetry verdict tamper-evident: anyone can re-verify a run's integrity offline,
76
- > and check the ed25519 attribution with the public key alone.
77
-
78
- ## Elevator (2 sentences)
79
-
80
- > Most agent-pipeline tools log what the model reported and trust it. CW signs and
81
- > hash-chains every telemetry verdict, so a forged or edited record fails
82
- > verification — provably, offline — which is what "auditable" has to mean before
83
- > you let agents touch production work.
84
-
85
- ---
86
-
87
- ## Show HN
88
-
89
- **Title:**
90
- `Show HN: Cool Workflow – tamper-evident telemetry for agent pipelines (npx demo)`
91
-
92
- **Body:**
93
-
94
- > I kept seeing agent-orchestration tools treat the model's self-reported token
95
- > usage and results as ground truth. For anything auditable that's backwards — a
96
- > control-plane that trusts unverified self-reports audits *claims*, not facts, and
97
- > a forged "green" run looks identical to a real one.
98
- >
99
- > Cool Workflow is a small, zero-dependency CLI + MCP runtime that takes the
100
- > opposite stance. It **delegates** model execution to whatever agent you configure
101
- > (`claude -p`, `codex exec`, an HTTP endpoint) and never embeds a model SDK or
102
- > holds an API key. What it *does* own is the audit trail: each agent hop's reported
103
- > usage is signed (ed25519) and appended to a hash-chained ledger, so editing any
104
- > record — or even recomputing its local hash to cover the edit — breaks the chain
105
- > downstream. You can re-verify a finished run offline — no network, no trusted
106
- > server.
107
- >
108
- > The 30-second proof, no install:
109
- >
110
- > ```
111
- > npx cool-workflow demo tamper
112
- > ```
113
- >
114
- > It builds a real signed ledger, forges it three ways (flip a verdict + re-seal its
115
- > hash; inflate reported tokens + reuse the signature; edit a signed finding), and
116
- > catches all three offline with only the public key. On a real run, `cw telemetry verify <run>` re-proves the
117
- > recorded ledger on disk — recomputing the chain so any later edit to a verdict or
118
- > usage digest is caught; add `--pubkey <public.pem>` to re-run each attested hop's
119
- > signature check offline too. I keep an
120
- > honest [trust model & limitations](https://github.com/coo1white/cool-workflow/blob/main/plugins/cool-workflow/docs/trust-model.md)
121
- > doc, including the single-keyholder ceiling.
122
- >
123
- > Other things it does: concurrent `parallel()` phases with declared collapse
124
- > semantics (collect-all + kill-on-timeout — 16 agents with a forced hang/crash/
125
- > dirty-return finish without deadlock and replay "who passed/who failed"), per-task
126
- > output-schema gates, token budgets enforced against the host's recorded usage
127
- > (an opt-in gate fails closed on unattested telemetry), and a one-way
128
- > executor boundary welded into the type system (a callable that could reach a model
129
- > API fails `npm run build`).
130
- >
131
- > Runs anywhere Node runs; `dist/` is committed; BSD-2. It's early (v0.1.81) and I'd
132
- > genuinely like to hear where the "delegate, prove, replay" model breaks down for
133
- > your workflows.
134
- >
135
- > Repo: https://github.com/coo1white/cool-workflow
136
- > npm: https://www.npmjs.com/package/cool-workflow
137
-
138
- ---
139
-
140
- ## Short post / tweet thread
141
-
142
- 1/ Your agent pipeline trusts what the model *says* it did. Cool Workflow proves
143
- it instead. `npx cool-workflow demo tamper` — 30s, no install:
144
-
145
- 2/ It builds a real ed25519-signed telemetry ledger, forges it three ways (incl.
146
- editing a signed finding), and catches all three offline with only the public key.
147
- A control-plane that delegates model execution but can still prove the bill is real.
148
-
149
- 3/ Also: concurrent batches that don't deadlock when an agent hangs, schema-gated
150
- outputs, token budgets vs the host's recorded usage (attested-telemetry gate is
151
- opt-in), and a red line (never call a model API) enforced at compile time. Zero
152
- deps, BSD-2.
153
- → https://github.com/coo1white/cool-workflow
154
-
155
- ---
156
-
157
- ## Why this matters (the wedge, for a longer post)
158
-
159
- - **Separation of duties.** CW never runs the model, yet can verify the executor's
160
- reported usage. The thing that *spends the money* is not the thing that *keeps
161
- the books* — the property auditors require everywhere except, so far, agent
162
- infra.
163
- - **Offline verification.** No telemetry service to trust or breach. The record
164
- proves its own integrity offline — re-proving the chain needs no key at all — and
165
- the ed25519 attribution checks against the public key alone.
166
- - **Replayable, not just logged.** CW breaks at dispatch and writes to disk, so a
167
- run replays deterministically — "who passed / who failed" is reconstructable, not
168
- a scrollback of a fused process. A finished run is portable and self-proving:
169
- `cw run inspect-archive <archive>` re-proves every file digest, the manifest, and
170
- the whole-archive hash without importing it; `cw run import` then
171
- `cw run verify-import <run-id>` restores it and re-proves the restored digests +
172
- telemetry chain — a tampered archive is caught before it is trusted.
173
- - **Fail-closed by default where it counts.** Schema mismatch parks the hop;
174
- unverifiable usage can be refused (opt-in); an empty-capture result can't be
175
- presented as a clean commit.
176
- - **Cross-vendor, and it actually boots.** One source manifest
177
- (`manifest/plugin.manifest.json`) generates Claude / Codex / Gemini / OpenCode /
178
- agents adapters, and `npm run manifest:load-check` boots all five (184 tools each)
179
- — the neutrality moat is executable, not aspirational.
180
-
181
- ## Assets to capture before posting
182
-
183
- - [ ] **Demo GIF** — reproducible, no manual screen-recording: `vhs
184
- plugins/cool-workflow/docs/launch/demo.tape` → `docs/launch/demo-tamper.gif`,
185
- then add it to the README hero (insert it near the badges/intro). The
186
- ✗ DETECTED lines are the hook.
187
- - [ ] Confirm `npx cool-workflow demo tamper` works from a clean machine (no clone).
188
- - [ ] Pin the npm version badge / release + provenance link in the first comment.
189
-
190
- ## Channels
191
-
192
- Hacker News (Show HN), the MCP / agent-tooling communities, r/LocalLLaMA &
193
- r/MachineLearning (the offline-verification angle), and the npm listing itself
194
- (keywords already set). Lead every one with the demo command, not the feature
195
- list.
@@ -1,53 +0,0 @@
1
- # Pre-Launch Checklist — Cool Workflow Show HN
2
-
3
- Tick top to bottom; when it's done, post. The one non-negotiable gate is ②.
4
- Copy for the post itself lives in [launch-kit.md](launch-kit.md) (the **✅ FINAL**
5
- block).
6
-
7
- ## ① Prepare assets (optional, recommended)
8
-
9
- - [ ] Install [vhs](https://github.com/charmbracelet/vhs) (`brew install vhs`).
10
- - [ ] Record the GIF: `vhs plugins/cool-workflow/docs/launch/demo.tape` →
11
- `docs/launch/demo-tamper.gif`.
12
- - [ ] Add it to the README hero (insert
13
- `![demo](plugins/cool-workflow/docs/launch/demo-tamper.gif)` near the badges/intro), commit + push.
14
- > Shippable without the GIF — the README's text `✗ DETECTED` hook already stands;
15
- > the GIF is upside, not a blocker.
16
-
17
- ## ② Verify — the make-or-break gate (do not skip)
18
-
19
- - [ ] On a **clean machine / fresh terminal**: `npx cool-workflow demo tamper`
20
- prints `VERDICT: tamper-evidence holds ✓`.
21
- > Every click from HN runs this. One crash wastes that traffic. This is the only
22
- > non-negotiable check.
23
- - [ ] Sanity: `npx cool-workflow quickstart architecture-review --repo . --question "risks?"`
24
- → `status: blocked` with no agent configured (fails closed, no crash).
25
- - [ ] Resumable sanity: `cw quickstart architecture-review --resume` advances one step
26
- then stops; `cw run resume <run-id> --drive` continues a stopped run — proving
27
- runs break at dispatch and replay from disk.
28
-
29
- ## ③ Post (US morning, ~9–11am ET is peak)
30
-
31
- - [ ] Open the **✅ FINAL** block in [launch-kit.md](launch-kit.md).
32
- - [ ] HN title: `Show HN: Cool Workflow – tamper-evident telemetry for agent pipelines (npx demo)`
33
- - [ ] URL field: `https://github.com/coo1white/cool-workflow`
34
- - [ ] Immediately after posting, paste the FINAL "first comment" as the first reply.
35
-
36
- ## ④ First hour (decides the outcome)
37
-
38
- - [ ] Watch and reply fast — early engagement weighs most on HN.
39
- - [ ] On the "single key holder / no second party" critique (the audit flagged it
40
- too): concede it honestly and frame it as exactly why you're looking for early
41
- integration partners. **Turn the critique into an invitation; don't argue.**
42
- > The canned, linkable answer is already written: [docs/trust-model.md](../trust-model.md)
43
- > states the ceiling plainly (integrity ≠ source honesty; one party holding both
44
- > roles; full local re-chain) and frames the partner ask. Link it; don't re-argue it.
45
- - [ ] No vote-rigging, no asking friends to upvote, no deleting critical comments —
46
- HN's anti-abuse will sink the post.
47
-
48
- ---
49
-
50
- ### Go / no-go
51
-
52
- > If **② — `npx cool-workflow demo tamper` prints `✓` on a clean machine** — passes,
53
- > you can post. Everything else is upside.
@@ -1,301 +0,0 @@
1
- <div align="center">
2
-
3
- # Cool Workflow
4
-
5
- **Point an AI coding agent at a repo, get a saved report with real citations — not a chat message you lose.**
6
-
7
- [![CI](https://img.shields.io/github/actions/workflow/status/coo1white/cool-workflow/ci.yml?branch=main&style=flat-square&label=CI)](https://github.com/coo1white/cool-workflow/actions/workflows/ci.yml)
8
- [![npm](https://img.shields.io/npm/v/cool-workflow?style=flat-square&label=npm&color=cb3837)](https://www.npmjs.com/package/cool-workflow)
9
- [![downloads](https://img.shields.io/npm/dm/cool-workflow?style=flat-square&label=downloads)](https://www.npmjs.com/package/cool-workflow)
10
- [![provenance](https://img.shields.io/badge/npm-provenance-3178C6?style=flat-square)](https://www.npmjs.com/package/cool-workflow)
11
- [![release](https://img.shields.io/github/v/tag/coo1white/cool-workflow?style=flat-square&label=release&color=brightgreen&sort=semver)](https://github.com/coo1white/cool-workflow/tags)
12
- [![license](https://img.shields.io/badge/license-BSD--2--Clause-blue?style=flat-square)](LICENSE)
13
-
14
- <img src="docs/assets/cool-workflow-readme-promo.png" alt="Cool Workflow turns AI agent repo questions into saved, cited, tamper-evident reports." width="100%">
15
-
16
- </div>
17
-
18
- ## What is this, really?
19
-
20
- You put a question to an AI coding agent, it gives an answer in the chat, and
21
- then the answer is gone. Next week you put the same question and have to start
22
- all over again.
23
-
24
- **Cool Workflow (CW) makes that lost question into a kept job.** You point it at
25
- a code store with a question like *"what are the security risks here?"* It runs
26
- your AI agent over all the code in ordered steps and puts a **report file** on
27
- disk — every point backed by an exact `file.js:42` pointer to the line. You are
28
- able to run it again, give it to others, and even give proof that the report was
29
- not changed by anyone.
30
-
31
- ```
32
- you ask once CW gives you
33
- "what are the risks in my repo?" → a saved report.md with
34
- cited findings, repeatable
35
- ```
36
-
37
- It does **not** run the AI model itself. You give your own agent (for one, the
38
- `claude` command line) and CW keeps it working, makes a record of what took
39
- place, and checks the answer. Take CW as the *project manager*, and your agent
40
- as the *worker*.
41
-
42
- > New to this? You're in the right place — this README is a step-by-step start.
43
- > Deeper/advanced docs live in the [wiki](https://github.com/coo1white/cool-workflow/wiki).
44
-
45
- ---
46
-
47
- ## Project rule
48
-
49
- CW should stay a small, trusted tool, not a platform.
50
-
51
- ```text
52
- ask simple -> run simple -> verify simple -> resume simple
53
- ```
54
-
55
- The engineering base is FreeBSD-like: POLA first, fail closed, no silent
56
- fallback, stdout as data, stderr as diagnostics, and documented stable
57
- surfaces. The user-facing spirit is close to Homebrew: a small command
58
- surface, a strong `doctor` check, and clear next steps when a run is
59
- blocked or a report does not verify.
60
-
61
- That means CW should hide orchestration detail behind clear commands,
62
- keep `.cw/` state open to check, make recovery boring, and prefer a
63
- small tool that can be trusted over a broad agent platform.
64
-
65
- ---
66
-
67
- ## What you need
68
-
69
- 1. **Node.js** (v18+). Make a check with `node --version`.
70
- 2. **An AI agent on the command line.** The most simple is **Claude Code** —
71
- after you put it in you will have a `claude` command. Make a check with
72
- `claude --version`. (CW also works with `codex`, or any command/HTTP agent —
73
- but make your start with `claude`.)
74
-
75
- > No agent yet? You are still able to **see CW work** (next part, step 1)
76
- > without one. The full report needs an agent, because CW never makes a call to
77
- > a model itself.
78
-
79
- ---
80
-
81
- ## Quick start (3 steps)
82
-
83
- ### 1. See it run — no install, no agent, no API key
84
-
85
- ```bash
86
- npx cool-workflow demo tamper
87
- ```
88
-
89
- This gives proof of CW's chief trick in 30 seconds (more on that
90
- [below](#can-i-trust-the-report)). If you see `VERDICT: tamper-evidence holds ✓`,
91
- all is working.
92
-
93
- Not sure what to run next?
94
-
95
- ```bash
96
- npx cool-workflow doctor --onramp
97
- ```
98
-
99
- This prints the short path for a first run, the fast checks for source work, and
100
- the full gate to use before a release.
101
-
102
- From a source checkout, use:
103
-
104
- ```bash
105
- cd plugins/cool-workflow
106
- node scripts/cw.js doctor --onramp --changed-from origin/main
107
- ```
108
-
109
- ### 2. Check, then run a real review on your own repo
110
-
111
- First make a zero-write check. It does not make a run, write `.cw/`, or call
112
- your agent:
113
-
114
- ```bash
115
- npx cool-workflow quickstart architecture-review --check \
116
- --repo /path/to/your/project \
117
- --question "What are the main risks in this codebase?" \
118
- --agent-command builtin:claude
119
- ```
120
-
121
- If the check is good, run the review:
122
-
123
- ```bash
124
- npx cool-workflow quickstart architecture-review \
125
- --repo /path/to/your/project \
126
- --question "What are the main risks in this codebase?" \
127
- --agent-command builtin:claude
128
- ```
129
-
130
- If the report has to go to someone else, make the checked bundle in the same
131
- run:
132
-
133
- ```bash
134
- npx cool-workflow quickstart architecture-review \
135
- --repo /path/to/your/project \
136
- --question "What are the main risks in this codebase?" \
137
- --agent-command builtin:claude \
138
- --bundle
139
- ```
140
-
141
- - `--repo` — the folder you have a wish to get looked at.
142
- - `--question` — what you have a wish to be certain of.
143
- - `--agent-command builtin:claude` — make use of the Claude wrapper that comes
144
- with it (read-only; it never makes changes to your code).
145
- - `--agent-command builtin:codex` — make use of the Codex wrapper that comes
146
- with it (read-only; it never makes changes to your code).
147
-
148
- CW makes a plan of the work, keeps your agent working over your repo in steps,
149
- and gives out where it kept the report. For a living view in the window while
150
- every worker is at work, take it up with `CW_AGENT_STREAM=1`; the view goes to
151
- stderr only and the kept answer is not changed.
152
-
153
- > **No agent put in place?** CW comes to a safe stop and says so
154
- > (`status: blocked`) — it never makes up an answer. Put in `claude` and run it
155
- > again.
156
-
157
- ### 3. Read the report
158
-
159
- ```bash
160
- cat /path/to/your/project/.cw/runs/<run-id>/report.md
161
- ```
162
-
163
- You get a short account, ordered points, and **clickable pointers** like
164
- `src/server.js:18` for every point made — so you are able to make a check of
165
- each one yourself.
166
-
167
- ---
168
-
169
- ## Install it (optional)
170
-
171
- `npx` is ever working with no need to put it in. To get the short `cw` command
172
- everywhere:
173
-
174
- ```bash
175
- npm install -g cool-workflow # then use: cw … instead of npx cool-workflow …
176
- ```
177
-
178
- ---
179
-
180
- ## What else can it do?
181
-
182
- CW comes with a number of ready-made "jobs" (run `cw list` to see them all):
183
-
184
- | Command | What it does |
185
- |---|---|
186
- | `architecture-review` | Make a map of a repo's structure and put its true risks in order, with facts. |
187
- | `pr-review-fix-ci` | Go over a pull request, put forward fixes, make a check of CI. |
188
- | `research-synthesis` | Get together and make into one a fact-backed answer to a question. |
189
- | `release-cut` | Keep a gated, gone-over release moving. |
190
-
191
- It also puts the same acts out over **MCP**, so editors like Claude Desktop /
192
- Cursor / VS Code are able to make a call to CW as a tool. See the
193
- [wiki](https://github.com/coo1white/cool-workflow/wiki) for that and for
194
- multi-agent runs.
195
-
196
- ---
197
-
198
- ## Can I trust the report?
199
-
200
- This is what makes CW not the same as the rest. Because CW only *gives the work
201
- over* to your agent, it keeps a record of every step that makes any false change
202
- come to light: every agent's given token use is signed by secret-key science and
203
- chained by hash, so **changing the record after the fact has the chain broken** —
204
- and anyone is able to make the check again offline with only a public key.
205
-
206
- See it for yourself — the `demo tamper` from step 1 makes a false record in two
207
- ways and gets both:
208
-
209
- ```text
210
- ▶ LEDGER tamper
211
- after: ✗ DETECTED — the hash chain caught it: chain-link[2]: telemetry-chain-broken
212
- ▶ SIGNATURE tamper
213
- after: ✗ DETECTED — signature does not match reported usage
214
- VERDICT: tamper-evidence holds ✓ — every forgery caught offline, with only the public key.
215
- ```
216
-
217
- On a true run, make a check of any run's record yourself:
218
-
219
- ```bash
220
- cw telemetry verify <run-id>
221
- ```
222
-
223
- CW makes use of this on its own code — see the kept living-run proof in
224
- [`plugins/cool-workflow/docs/dogfood/`](plugins/cool-workflow/docs/dogfood/).
225
-
226
- The plain point: *the thing that uses up the tokens is not the thing that keeps
227
- the books.* That keeping-apart is normal in account-keeping — CW gives it to AI
228
- agents.
229
-
230
- ---
231
-
232
- ## Hand the report to someone — they can check it on their own
233
-
234
- A report you keep on your own machine is one thing. A report you can **give to
235
- someone** who then makes the check themselves is what you are really after. Add
236
- `--bundle` to the one command and CW seals the finished run into a single,
237
- self-checking file:
238
-
239
- ```bash
240
- npx cool-workflow quickstart architecture-review \
241
- --repo /path/to/your/project --question "What are the main risks?" \
242
- --agent-command builtin:claude --bundle --with-trust-key ./trust-pub.pem
243
- ```
244
-
245
- This puts a `report.cwrun.json` file **where you are** (not in the looked-at
246
- repo). The one file holds the report, the `file.js:42` pointers, the signed and
247
- hash-chained record, **and the public key**.
248
-
249
- Give that file to anyone. With no need for your repo, your keys given over on the
250
- side, or a put-in past `npx`, they make the check on their own — offline, with
251
- only the file:
252
-
253
- ```bash
254
- npx cool-workflow report verify-bundle report.cwrun.json
255
- ```
256
-
257
- If the bundle was changed in any way after the fact — the record, a signature, or
258
- the bytes — the check says so and comes to a stop (it gives back `ok: false` and a
259
- non-zero code), so a bundle you send on can never be a quiet lie. CW still never
260
- runs the model itself; it only keeps the books and makes the check.
261
-
262
- Want to see the whole thing in 30 seconds, with no agent and no key of your own?
263
-
264
- ```bash
265
- npx cool-workflow demo bundle
266
- ```
267
-
268
- It makes a real sealed bundle, makes two false changes to it, and shows the check
269
- getting **both** — offline, with only the public key the bundle carries.
270
-
271
- ---
272
-
273
- ## Troubleshooting
274
-
275
- | Problem | Fix |
276
- |---|---|
277
- | `status: blocked`, `agentConfigured: false` | No agent is in place. Put in `claude` (or give `--agent-command`). |
278
- | `claude: command not found` | Put in Claude Code so the `claude` command is there, then run again. |
279
- | Want to see the plan without running the AI | Put in `--preview` — it gives the steps and starts nothing. |
280
- | Want a live agent trace | Put `CW_AGENT_STREAM=1`. It is stderr-only, TTY-gated, and `CW_NO_STREAM=1` puts it off. |
281
- | Where did my report go? | The command gives out `reportPath`; it is under `<your-repo>/.cw/runs/<id>/report.md`. |
282
-
283
- ---
284
-
285
- ## How it works (one paragraph)
286
-
287
- CW is a small TypeScript/Node run-time that needs no other parts. It makes a
288
- record of the agent loop out in the open — *plan → dispatch → record → verify →
289
- commit → report* — as long-lasting files on disk, so a run is open to looking-at
290
- and able to be played again in place of a chat you let go. It never puts a model
291
- SDK inside and keeps no API key; your put-in-place agent does the thinking, CW
292
- does the book-keeping and the checking. For the structure, multi-agent
293
- working-together, execution backends, and the full CLI/MCP face, see the
294
- **[wiki](https://github.com/coo1white/cool-workflow/wiki)** and
295
- [`plugins/cool-workflow/docs/`](plugins/cool-workflow/docs/).
296
-
297
- ---
298
-
299
- ## License
300
-
301
- BSD-2-Clause. See [LICENSE](LICENSE). Built by COOLWHITE LLC.
package/docs/routines.md DELETED
@@ -1,101 +0,0 @@
1
- # Routines
2
-
3
- A CW routine has a trigger, an event payload, match rules, and a prompt it makes
4
- for an agent host to run.
5
-
6
- CW keeps routine data in:
7
-
8
- ```text
9
- .cw/routines/triggers.json
10
- .cw/routines/payloads/
11
- ```
12
-
13
- ## Commands
14
-
15
- Create an API trigger:
16
-
17
- ```bash
18
- cw routine create \
19
- --kind api \
20
- --prompt "Handle this API event."
21
- ```
22
-
23
- Create a GitHub trigger:
24
-
25
- ```bash
26
- cw routine create \
27
- --kind github \
28
- --prompt "Review this GitHub event." \
29
- --match '{"action":"opened"}'
30
- ```
31
-
32
- Fire a trigger from a payload file:
33
-
34
- ```bash
35
- cw routine fire github payload.json
36
- ```
37
-
38
- Inspect events:
39
-
40
- ```bash
41
- cw routine events
42
- ```
43
-
44
- ## Long Architecture Reviews
45
-
46
- Use `architecture-review-fast` for the foreground user path. Then put the
47
- full `architecture-review` app in line as background work when a deep look-over
48
- should not get in the way of a back-and-forth session:
49
-
50
- ```bash
51
- node scripts/architecture-review-fast.js \
52
- --repo /path/to/repo \
53
- --question "Is this architecture sound?" \
54
- --metrics \
55
- --schedule-full
56
- ```
57
-
58
- The wrapper makes a one-shot reminder schedule whose `workflowId` is
59
- `architecture-review`. The schedule prompt is policy. CW keeps the schedule and
60
- notes down due events; the outside agent host says how to run the long review.
61
- The prompt has in it the foreground fast run id, fast report path, source-context
62
- digest/profile, and it asks the background agent to give back the full review
63
- report path and digest.
64
- The `--metrics` flag is not required and it gives back foreground time used plus
65
- agent-spawn and result-cache-hit counts for the fast run.
66
-
67
- ## PDCA Blackboard Development Lessons
68
-
69
- When a task asks for agents to work together, first try the parts CW already
70
- has:
71
-
72
- - workflow apps give the work shape
73
- - worker output gives checked facts
74
- - the blackboard gives shared state
75
- - MCP gives tool access to the same state
76
- - smoke tests prove the loop
77
-
78
- Do not make a new MCP server when the existing server can show the same run
79
- state. Add a workflow app first, then prove the app with one smoke that uses
80
- both CLI and MCP.
81
-
82
- For a three-agent loop, keep the order plain:
83
-
84
- ```text
85
- plan -> build -> audit -> next action
86
- ```
87
-
88
- Each agent should write one blackboard message and, when there is a result
89
- file, one artifact ref. Take a snapshot after the audit and after the next
90
- action. If audit evidence is missing, let the worker evidence gate refuse the
91
- result instead of adding a new policy layer.
92
-
93
- Before a PR, base the branch on `origin/main`, run the generated-doc checks,
94
- and sync generated docs when the gate says they are stale. This keeps unrelated
95
- local commits and generated README/index drift out of the work.
96
-
97
- ## Boundary
98
-
99
- CW v0.1.1 does not give managed cloud infrastructure. It gives a local
100
- routine bridge that may be joined to GitHub Actions, webhooks, cron, or a
101
- small HTTP adapter in a later release.