pluidr 0.6.1 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +20 -20
- package/README.md +365 -357
- package/bin/pluidr.js +3 -3
- package/package.json +45 -45
- package/src/cli/commands/doctor.js +101 -99
- package/src/cli/commands/init.js +43 -43
- package/src/cli/commands/launch.js +46 -0
- package/src/cli/commands/uninstall.js +63 -67
- package/src/cli/commands/update.js +6 -22
- package/src/cli/index.js +57 -53
- package/src/cli/wizard/selectModelTier.js +40 -39
- package/src/core/agentPromptWriter.js +32 -32
- package/src/core/agentPromptWriter.test.js +56 -56
- package/src/core/backup.js +40 -38
- package/src/core/configBuilder.js +32 -32
- package/src/core/configBuilder.test.js +93 -47
- package/src/core/configWriter.js +10 -10
- package/src/core/identityHeader.js +8 -8
- package/src/core/paths.js +9 -9
- package/src/core/paths.test.js +21 -21
- package/src/core/pluginWriter.js +29 -29
- package/src/core/squeezeInstaller.js +161 -161
- package/src/core/squeezeInstaller.test.js +75 -75
- package/src/core/version.js +8 -0
- package/src/core/versionCheck.js +44 -0
- package/src/core/versionCheck.test.js +34 -0
- package/src/plugins/README.md +68 -68
- package/src/plugins/pluidr-squeeze.js +77 -77
- package/src/templates/agent-prompts/auditor.txt +20 -20
- package/src/templates/agent-prompts/coder.txt +87 -87
- package/src/templates/agent-prompts/compose-reporter.txt +55 -55
- package/src/templates/agent-prompts/composer.txt +430 -430
- package/src/templates/agent-prompts/debug-reporter.txt +65 -65
- package/src/templates/agent-prompts/debugger.txt +151 -151
- package/src/templates/agent-prompts/fixer.txt +66 -66
- package/src/templates/agent-prompts/hierarchy.txt +96 -96
- package/src/templates/agent-prompts/inspector.txt +79 -79
- package/src/templates/agent-prompts/patcher.txt +20 -20
- package/src/templates/agent-prompts/plan-checker.txt +45 -45
- package/src/templates/agent-prompts/plan-writer.txt +57 -57
- package/src/templates/agent-prompts/probe-reporter.txt +62 -62
- package/src/templates/agent-prompts/prober.txt +90 -90
- package/src/templates/agent-prompts/researcher.txt +48 -48
- package/src/templates/agent-prompts/reviewer.txt +57 -57
- package/src/templates/agent-prompts/tester.txt +66 -66
- package/src/templates/agent-prompts/tracer.txt +33 -33
- package/src/templates/model-defaults.json +73 -55
- package/src/templates/opencode.config.json +481 -481
|
@@ -1,481 +1,481 @@
|
|
|
1
|
-
{
|
|
2
|
-
"$schema": "https://opencode.ai/config.json",
|
|
3
|
-
"instructions": ["{file:./prompts/hierarchy.txt}"],
|
|
4
|
-
"permission": {
|
|
5
|
-
"read": {
|
|
6
|
-
"*.env": "deny",
|
|
7
|
-
"*.env.*": "deny",
|
|
8
|
-
"secrets/**": "deny"
|
|
9
|
-
},
|
|
10
|
-
"edit": {
|
|
11
|
-
"*.env": "deny",
|
|
12
|
-
"*.env.*": "deny",
|
|
13
|
-
"secrets/**": "deny"
|
|
14
|
-
},
|
|
15
|
-
"write": {
|
|
16
|
-
"*.env": "deny",
|
|
17
|
-
"*.env.*": "deny",
|
|
18
|
-
"secrets/**": "deny"
|
|
19
|
-
}
|
|
20
|
-
},
|
|
21
|
-
"agent": {
|
|
22
|
-
"plan": { "hidden": true },
|
|
23
|
-
"build": { "hidden": true },
|
|
24
|
-
|
|
25
|
-
"composer": {
|
|
26
|
-
"mode": "primary",
|
|
27
|
-
"temperature": 0.7,
|
|
28
|
-
"description": "Full engineering workflow: Explore, Plan, Build — 3 phases, 7 subagents. Starts in Explore mode, transitions via guardrail gates.",
|
|
29
|
-
"prompt": "{file:./prompts/composer.txt}",
|
|
30
|
-
"permission": {
|
|
31
|
-
"read": "deny",
|
|
32
|
-
"glob": "deny",
|
|
33
|
-
"grep": "deny",
|
|
34
|
-
"edit": "deny",
|
|
35
|
-
"write": "deny",
|
|
36
|
-
"webfetch": "deny",
|
|
37
|
-
"websearch": "deny",
|
|
38
|
-
"bash": "deny",
|
|
39
|
-
"question": "allow",
|
|
40
|
-
"todowrite": "allow",
|
|
41
|
-
"task": {
|
|
42
|
-
"*": "deny",
|
|
43
|
-
"researcher": "allow",
|
|
44
|
-
"plan-writer": "allow",
|
|
45
|
-
"plan-checker": "allow",
|
|
46
|
-
"coder": "allow",
|
|
47
|
-
"tester": "allow",
|
|
48
|
-
"reviewer": "allow",
|
|
49
|
-
"compose-reporter": "allow"
|
|
50
|
-
}
|
|
51
|
-
}
|
|
52
|
-
},
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
"debugger": {
|
|
56
|
-
"mode": "primary",
|
|
57
|
-
"description": "Root-cause analysis via inspector/fixer/reporter. Standalone primary agent — does not depend on Composer. Pure orchestrator — all investigation, fixes, and reports delegated to subagents.",
|
|
58
|
-
"prompt": "{file:./prompts/debugger.txt}",
|
|
59
|
-
"permission": {
|
|
60
|
-
"read": "deny",
|
|
61
|
-
"glob": "deny",
|
|
62
|
-
"grep": "deny",
|
|
63
|
-
"edit": "deny",
|
|
64
|
-
"write": "deny",
|
|
65
|
-
"webfetch": "deny",
|
|
66
|
-
"websearch": "deny",
|
|
67
|
-
"bash": "deny",
|
|
68
|
-
"question": "allow",
|
|
69
|
-
"todowrite": "allow",
|
|
70
|
-
"task": {
|
|
71
|
-
"*": "deny",
|
|
72
|
-
"inspector": "allow",
|
|
73
|
-
"fixer": "allow",
|
|
74
|
-
"debug-reporter": "allow"
|
|
75
|
-
}
|
|
76
|
-
}
|
|
77
|
-
},
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
"coder": {
|
|
81
|
-
"mode": "subagent",
|
|
82
|
-
"description": "Implements tasks assigned by Composer, following the PRD exactly. Tracks own progress via todowrite.",
|
|
83
|
-
"prompt": "{file:./prompts/coder.txt}",
|
|
84
|
-
"permission": {
|
|
85
|
-
"read": "allow",
|
|
86
|
-
"glob": "allow",
|
|
87
|
-
"grep": "allow",
|
|
88
|
-
"edit": "allow",
|
|
89
|
-
"write": "allow",
|
|
90
|
-
"todowrite": "allow",
|
|
91
|
-
"bash": {
|
|
92
|
-
"*": "deny",
|
|
93
|
-
"npm *": "allow",
|
|
94
|
-
"npx *": "allow",
|
|
95
|
-
"node *": "allow",
|
|
96
|
-
"git *": "allow",
|
|
97
|
-
"mkdir *": "allow",
|
|
98
|
-
"cp *": "allow",
|
|
99
|
-
"rm *": "allow",
|
|
100
|
-
"mv *": "allow",
|
|
101
|
-
"cat *": "allow",
|
|
102
|
-
"ls *": "allow",
|
|
103
|
-
"rg *": "allow",
|
|
104
|
-
"grep *": "allow",
|
|
105
|
-
"find *": "allow",
|
|
106
|
-
"node --test": "allow"
|
|
107
|
-
},
|
|
108
|
-
"task": "deny"
|
|
109
|
-
}
|
|
110
|
-
},
|
|
111
|
-
|
|
112
|
-
"tester": {
|
|
113
|
-
"mode": "subagent",
|
|
114
|
-
"description": "Runs tests on implemented code and reports results (PASS/FAIL/BLOCKED) with coverage gaps. Cannot fix code, install deps, or decide next steps.",
|
|
115
|
-
"prompt": "{file:./prompts/tester.txt}",
|
|
116
|
-
"permission": {
|
|
117
|
-
"read": "allow",
|
|
118
|
-
"glob": "allow",
|
|
119
|
-
"grep": "allow",
|
|
120
|
-
"edit": "deny",
|
|
121
|
-
"write": "deny",
|
|
122
|
-
"todowrite": "deny",
|
|
123
|
-
"bash": {
|
|
124
|
-
"*": "deny",
|
|
125
|
-
"node --test": "allow",
|
|
126
|
-
"npm test": "allow",
|
|
127
|
-
"npx *": "allow",
|
|
128
|
-
"rg *": "allow",
|
|
129
|
-
"grep *": "allow",
|
|
130
|
-
"find *": "allow",
|
|
131
|
-
"cat *": "allow",
|
|
132
|
-
"ls *": "allow",
|
|
133
|
-
"git diff*": "allow",
|
|
134
|
-
"git log*": "allow"
|
|
135
|
-
},
|
|
136
|
-
"task": "deny"
|
|
137
|
-
}
|
|
138
|
-
},
|
|
139
|
-
|
|
140
|
-
"reviewer": {
|
|
141
|
-
"mode": "subagent",
|
|
142
|
-
"temperature": 0.1,
|
|
143
|
-
"description": "Boolean gate for Composer: compares implementation against PRD definition-of-done. PASS/FAIL + gap list only.",
|
|
144
|
-
"prompt": "{file:./prompts/reviewer.txt}",
|
|
145
|
-
"permission": {
|
|
146
|
-
"read": "allow",
|
|
147
|
-
"glob": "allow",
|
|
148
|
-
"grep": "allow",
|
|
149
|
-
"edit": "deny",
|
|
150
|
-
"write": "deny",
|
|
151
|
-
"bash": {
|
|
152
|
-
"*": "deny",
|
|
153
|
-
"git diff*": "allow",
|
|
154
|
-
"git log*": "allow",
|
|
155
|
-
"git show*": "allow",
|
|
156
|
-
"rg *": "allow",
|
|
157
|
-
"grep *": "allow"
|
|
158
|
-
},
|
|
159
|
-
"task": "deny"
|
|
160
|
-
}
|
|
161
|
-
},
|
|
162
|
-
|
|
163
|
-
"compose-reporter": {
|
|
164
|
-
"mode": "subagent",
|
|
165
|
-
"description": "Text-file executor for Composer. Writes and edits .md/.txt files under docs/ — stateless formatter for documents only. No bash.",
|
|
166
|
-
"prompt": "{file:./prompts/compose-reporter.txt}",
|
|
167
|
-
"permission": {
|
|
168
|
-
"read": {
|
|
169
|
-
"*": "deny",
|
|
170
|
-
"docs/**": "allow"
|
|
171
|
-
},
|
|
172
|
-
"glob": "deny",
|
|
173
|
-
"grep": "deny",
|
|
174
|
-
"edit": {
|
|
175
|
-
"*": "deny",
|
|
176
|
-
"docs/**": "allow"
|
|
177
|
-
},
|
|
178
|
-
"write": {
|
|
179
|
-
"*": "deny",
|
|
180
|
-
"docs/**": "allow"
|
|
181
|
-
},
|
|
182
|
-
"bash": "deny",
|
|
183
|
-
"todowrite": "deny",
|
|
184
|
-
"task": "deny"
|
|
185
|
-
}
|
|
186
|
-
},
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
"researcher": {
|
|
190
|
-
"mode": "subagent",
|
|
191
|
-
"description": "Researches technical and codebase context for Composer during EXPLORE phase. Outputs confirmed_facts / inferred_facts / unknowns / risks only.",
|
|
192
|
-
"prompt": "{file:./prompts/researcher.txt}",
|
|
193
|
-
"permission": {
|
|
194
|
-
"read": "allow",
|
|
195
|
-
"glob": "allow",
|
|
196
|
-
"grep": "allow",
|
|
197
|
-
"edit": "deny",
|
|
198
|
-
"write": "deny",
|
|
199
|
-
"bash": {
|
|
200
|
-
"*": "deny",
|
|
201
|
-
"rg *": "allow",
|
|
202
|
-
"grep *": "allow",
|
|
203
|
-
"find *": "allow",
|
|
204
|
-
"cat *": "allow",
|
|
205
|
-
"ls *": "allow",
|
|
206
|
-
"node --version": "allow",
|
|
207
|
-
"npm --version": "allow"
|
|
208
|
-
},
|
|
209
|
-
"webfetch": "allow",
|
|
210
|
-
"websearch": "allow",
|
|
211
|
-
"task": "deny"
|
|
212
|
-
}
|
|
213
|
-
},
|
|
214
|
-
|
|
215
|
-
"plan-writer": {
|
|
216
|
-
"mode": "subagent",
|
|
217
|
-
"description": "Stateless formatter for Composer. Produces PRD documents from structured input — no inference, no decisions. PRD mode only.",
|
|
218
|
-
"prompt": "{file:./prompts/plan-writer.txt}",
|
|
219
|
-
"permission": {
|
|
220
|
-
"read": {
|
|
221
|
-
"*": "deny",
|
|
222
|
-
"docs/plans/**": "allow"
|
|
223
|
-
},
|
|
224
|
-
"glob": "deny",
|
|
225
|
-
"grep": "deny",
|
|
226
|
-
"edit": {
|
|
227
|
-
"*": "deny",
|
|
228
|
-
"docs/plans/**": "allow"
|
|
229
|
-
},
|
|
230
|
-
"write": {
|
|
231
|
-
"*": "deny",
|
|
232
|
-
"docs/plans/**": "allow"
|
|
233
|
-
},
|
|
234
|
-
"bash": "deny",
|
|
235
|
-
"task": "deny"
|
|
236
|
-
}
|
|
237
|
-
},
|
|
238
|
-
|
|
239
|
-
"plan-checker": {
|
|
240
|
-
"mode": "subagent",
|
|
241
|
-
"temperature": 0.1,
|
|
242
|
-
"description": "Boolean gate for Composer: checks PRD completeness against original user request. PASS/FAIL + gap list only.",
|
|
243
|
-
"prompt": "{file:./prompts/plan-checker.txt}",
|
|
244
|
-
"permission": {
|
|
245
|
-
"read": "allow",
|
|
246
|
-
"glob": "allow",
|
|
247
|
-
"grep": "allow",
|
|
248
|
-
"edit": "deny",
|
|
249
|
-
"write": "deny",
|
|
250
|
-
"bash": {
|
|
251
|
-
"*": "deny",
|
|
252
|
-
"rg *": "allow",
|
|
253
|
-
"grep *": "allow"
|
|
254
|
-
},
|
|
255
|
-
"task": "deny"
|
|
256
|
-
}
|
|
257
|
-
},
|
|
258
|
-
|
|
259
|
-
"inspector": {
|
|
260
|
-
"mode": "subagent",
|
|
261
|
-
"description": "Root-cause analysis for Debugger. Investigates bugs via codebase and web research. Outputs confirmed_facts / inferred_facts / unknowns / risks only.",
|
|
262
|
-
"prompt": "{file:./prompts/inspector.txt}",
|
|
263
|
-
"permission": {
|
|
264
|
-
"read": "allow",
|
|
265
|
-
"glob": "allow",
|
|
266
|
-
"grep": "allow",
|
|
267
|
-
"edit": "deny",
|
|
268
|
-
"write": "deny",
|
|
269
|
-
"bash": {
|
|
270
|
-
"*": "deny",
|
|
271
|
-
"git diff*": "allow",
|
|
272
|
-
"git log*": "allow",
|
|
273
|
-
"git show*": "allow",
|
|
274
|
-
"git blame*": "allow",
|
|
275
|
-
"rg *": "allow",
|
|
276
|
-
"grep *": "allow",
|
|
277
|
-
"cat *": "allow",
|
|
278
|
-
"find *": "allow"
|
|
279
|
-
},
|
|
280
|
-
"webfetch": "allow",
|
|
281
|
-
"websearch": "allow",
|
|
282
|
-
"task": "deny"
|
|
283
|
-
}
|
|
284
|
-
},
|
|
285
|
-
|
|
286
|
-
"fixer": {
|
|
287
|
-
"mode": "subagent",
|
|
288
|
-
"description": "Implements bug fixes for Debugger. Follows root cause from inspector. Like coder but focused on fixes — minimal change, root-cause targeting.",
|
|
289
|
-
"prompt": "{file:./prompts/fixer.txt}",
|
|
290
|
-
"permission": {
|
|
291
|
-
"read": "allow",
|
|
292
|
-
"glob": "allow",
|
|
293
|
-
"grep": "allow",
|
|
294
|
-
"edit": "allow",
|
|
295
|
-
"write": "allow",
|
|
296
|
-
"todowrite": "allow",
|
|
297
|
-
"bash": {
|
|
298
|
-
"*": "deny",
|
|
299
|
-
"node --test": "allow",
|
|
300
|
-
"npm test": "allow",
|
|
301
|
-
"npm *": "allow",
|
|
302
|
-
"npx *": "allow",
|
|
303
|
-
"node *": "allow",
|
|
304
|
-
"git diff*": "allow",
|
|
305
|
-
"git log*": "allow",
|
|
306
|
-
"git show*": "allow",
|
|
307
|
-
"mkdir *": "allow",
|
|
308
|
-
"cp *": "allow",
|
|
309
|
-
"rm *": "allow",
|
|
310
|
-
"mv *": "allow",
|
|
311
|
-
"cat *": "allow",
|
|
312
|
-
"ls *": "allow",
|
|
313
|
-
"rg *": "allow",
|
|
314
|
-
"grep *": "allow",
|
|
315
|
-
"find *": "allow"
|
|
316
|
-
},
|
|
317
|
-
"task": "deny"
|
|
318
|
-
}
|
|
319
|
-
},
|
|
320
|
-
|
|
321
|
-
"debug-reporter": {
|
|
322
|
-
"mode": "subagent",
|
|
323
|
-
"description": "Stateless formatter for Debugger. Produces diagnosis + remedy reports from structured input — no inference, no decisions. Summary mode only.",
|
|
324
|
-
"prompt": "{file:./prompts/debug-reporter.txt}",
|
|
325
|
-
"permission": {
|
|
326
|
-
"read": {
|
|
327
|
-
"*": "deny",
|
|
328
|
-
"docs/reports/**": "allow"
|
|
329
|
-
},
|
|
330
|
-
"glob": "deny",
|
|
331
|
-
"grep": "deny",
|
|
332
|
-
"edit": {
|
|
333
|
-
"*": "deny",
|
|
334
|
-
"docs/reports/**": "allow"
|
|
335
|
-
},
|
|
336
|
-
"write": {
|
|
337
|
-
"*": "deny",
|
|
338
|
-
"docs/reports/**": "allow"
|
|
339
|
-
},
|
|
340
|
-
"bash": "deny",
|
|
341
|
-
"task": "deny"
|
|
342
|
-
}
|
|
343
|
-
},
|
|
344
|
-
|
|
345
|
-
"prober": {
|
|
346
|
-
"mode": "primary",
|
|
347
|
-
"temperature": 0.7,
|
|
348
|
-
"description": "Standalone security and quality auditing agent. Recon and vuln trace, minimal patch application, validation gate.",
|
|
349
|
-
"prompt": "{file:./prompts/prober.txt}",
|
|
350
|
-
"permission": {
|
|
351
|
-
"read": "deny",
|
|
352
|
-
"glob": "deny",
|
|
353
|
-
"grep": "deny",
|
|
354
|
-
"edit": "deny",
|
|
355
|
-
"write": "deny",
|
|
356
|
-
"webfetch": "deny",
|
|
357
|
-
"websearch": "deny",
|
|
358
|
-
"bash": "deny",
|
|
359
|
-
"question": "allow",
|
|
360
|
-
"todowrite": "allow",
|
|
361
|
-
"task": {
|
|
362
|
-
"*": "deny",
|
|
363
|
-
"tracer": "allow",
|
|
364
|
-
"patcher": "allow",
|
|
365
|
-
"auditor": "allow",
|
|
366
|
-
"probe-reporter": "allow"
|
|
367
|
-
}
|
|
368
|
-
}
|
|
369
|
-
},
|
|
370
|
-
|
|
371
|
-
"tracer": {
|
|
372
|
-
"mode": "subagent",
|
|
373
|
-
"description": "Recon attack surface and trace vulnerability paths for Prober. Guided by WSTG and secure code review practices.",
|
|
374
|
-
"prompt": "{file:./prompts/tracer.txt}",
|
|
375
|
-
"permission": {
|
|
376
|
-
"read": "allow",
|
|
377
|
-
"glob": "allow",
|
|
378
|
-
"grep": "allow",
|
|
379
|
-
"edit": "deny",
|
|
380
|
-
"write": "deny",
|
|
381
|
-
"bash": {
|
|
382
|
-
"*": "deny",
|
|
383
|
-
"rg *": "allow",
|
|
384
|
-
"grep *": "allow",
|
|
385
|
-
"find *": "allow",
|
|
386
|
-
"cat *": "allow",
|
|
387
|
-
"ls *": "allow",
|
|
388
|
-
"git log*": "allow",
|
|
389
|
-
"git diff*": "allow",
|
|
390
|
-
"git show*": "allow",
|
|
391
|
-
"git blame*": "allow",
|
|
392
|
-
"node --version": "allow",
|
|
393
|
-
"npm --version": "allow",
|
|
394
|
-
"which *": "allow",
|
|
395
|
-
"where *": "allow"
|
|
396
|
-
},
|
|
397
|
-
"task": "deny"
|
|
398
|
-
}
|
|
399
|
-
},
|
|
400
|
-
|
|
401
|
-
"patcher": {
|
|
402
|
-
"mode": "subagent",
|
|
403
|
-
"description": "Applies minimal, security-targeted patches for Prober using Ponytail mindset.",
|
|
404
|
-
"prompt": "{file:./prompts/patcher.txt}",
|
|
405
|
-
"permission": {
|
|
406
|
-
"read": "allow",
|
|
407
|
-
"glob": "allow",
|
|
408
|
-
"grep": "allow",
|
|
409
|
-
"edit": "allow",
|
|
410
|
-
"write": "allow",
|
|
411
|
-
"bash": {
|
|
412
|
-
"*": "deny",
|
|
413
|
-
"npm *": "allow",
|
|
414
|
-
"npx *": "allow",
|
|
415
|
-
"node *": "allow",
|
|
416
|
-
"git *": "allow",
|
|
417
|
-
"mkdir *": "allow",
|
|
418
|
-
"cp *": "allow",
|
|
419
|
-
"rm *": "allow",
|
|
420
|
-
"mv *": "allow",
|
|
421
|
-
"cat *": "allow",
|
|
422
|
-
"ls *": "allow",
|
|
423
|
-
"rg *": "allow",
|
|
424
|
-
"grep *": "allow",
|
|
425
|
-
"find *": "allow",
|
|
426
|
-
"node --test": "allow"
|
|
427
|
-
},
|
|
428
|
-
"task": "deny"
|
|
429
|
-
}
|
|
430
|
-
},
|
|
431
|
-
|
|
432
|
-
"auditor": {
|
|
433
|
-
"mode": "subagent",
|
|
434
|
-
"description": "Validation gate for Prober: checks patch effectiveness and over-engineering. PASS/FAIL + Gap/BLOAT lists only.",
|
|
435
|
-
"prompt": "{file:./prompts/auditor.txt}",
|
|
436
|
-
"permission": {
|
|
437
|
-
"read": "allow",
|
|
438
|
-
"glob": "allow",
|
|
439
|
-
"grep": "allow",
|
|
440
|
-
"edit": "deny",
|
|
441
|
-
"write": "deny",
|
|
442
|
-
"bash": {
|
|
443
|
-
"*": "deny",
|
|
444
|
-
"rg *": "allow",
|
|
445
|
-
"grep *": "allow",
|
|
446
|
-
"find *": "allow",
|
|
447
|
-
"cat *": "allow",
|
|
448
|
-
"git diff*": "allow",
|
|
449
|
-
"git log*": "allow",
|
|
450
|
-
"node --test": "allow",
|
|
451
|
-
"npm test": "allow"
|
|
452
|
-
},
|
|
453
|
-
"task": "deny"
|
|
454
|
-
}
|
|
455
|
-
},
|
|
456
|
-
|
|
457
|
-
"probe-reporter": {
|
|
458
|
-
"mode": "subagent",
|
|
459
|
-
"description": "Stateless formatter for Prober. Produces security audit reports under docs/reports/.",
|
|
460
|
-
"prompt": "{file:./prompts/probe-reporter.txt}",
|
|
461
|
-
"permission": {
|
|
462
|
-
"read": {
|
|
463
|
-
"*": "deny",
|
|
464
|
-
"docs/reports/**": "allow"
|
|
465
|
-
},
|
|
466
|
-
"glob": "deny",
|
|
467
|
-
"grep": "deny",
|
|
468
|
-
"edit": {
|
|
469
|
-
"*": "deny",
|
|
470
|
-
"docs/reports/**": "allow"
|
|
471
|
-
},
|
|
472
|
-
"write": {
|
|
473
|
-
"*": "deny",
|
|
474
|
-
"docs/reports/**": "allow"
|
|
475
|
-
},
|
|
476
|
-
"bash": "deny",
|
|
477
|
-
"task": "deny"
|
|
478
|
-
}
|
|
479
|
-
}
|
|
480
|
-
}
|
|
481
|
-
}
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://opencode.ai/config.json",
|
|
3
|
+
"instructions": ["{file:./prompts/hierarchy.txt}"],
|
|
4
|
+
"permission": {
|
|
5
|
+
"read": {
|
|
6
|
+
"*.env": "deny",
|
|
7
|
+
"*.env.*": "deny",
|
|
8
|
+
"secrets/**": "deny"
|
|
9
|
+
},
|
|
10
|
+
"edit": {
|
|
11
|
+
"*.env": "deny",
|
|
12
|
+
"*.env.*": "deny",
|
|
13
|
+
"secrets/**": "deny"
|
|
14
|
+
},
|
|
15
|
+
"write": {
|
|
16
|
+
"*.env": "deny",
|
|
17
|
+
"*.env.*": "deny",
|
|
18
|
+
"secrets/**": "deny"
|
|
19
|
+
}
|
|
20
|
+
},
|
|
21
|
+
"agent": {
|
|
22
|
+
"plan": { "hidden": true },
|
|
23
|
+
"build": { "hidden": true },
|
|
24
|
+
|
|
25
|
+
"composer": {
|
|
26
|
+
"mode": "primary",
|
|
27
|
+
"temperature": 0.7,
|
|
28
|
+
"description": "Full engineering workflow: Explore, Plan, Build — 3 phases, 7 subagents. Starts in Explore mode, transitions via guardrail gates.",
|
|
29
|
+
"prompt": "{file:./prompts/composer.txt}",
|
|
30
|
+
"permission": {
|
|
31
|
+
"read": "deny",
|
|
32
|
+
"glob": "deny",
|
|
33
|
+
"grep": "deny",
|
|
34
|
+
"edit": "deny",
|
|
35
|
+
"write": "deny",
|
|
36
|
+
"webfetch": "deny",
|
|
37
|
+
"websearch": "deny",
|
|
38
|
+
"bash": "deny",
|
|
39
|
+
"question": "allow",
|
|
40
|
+
"todowrite": "allow",
|
|
41
|
+
"task": {
|
|
42
|
+
"*": "deny",
|
|
43
|
+
"researcher": "allow",
|
|
44
|
+
"plan-writer": "allow",
|
|
45
|
+
"plan-checker": "allow",
|
|
46
|
+
"coder": "allow",
|
|
47
|
+
"tester": "allow",
|
|
48
|
+
"reviewer": "allow",
|
|
49
|
+
"compose-reporter": "allow"
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
},
|
|
53
|
+
|
|
54
|
+
|
|
55
|
+
"debugger": {
|
|
56
|
+
"mode": "primary",
|
|
57
|
+
"description": "Root-cause analysis via inspector/fixer/reporter. Standalone primary agent — does not depend on Composer. Pure orchestrator — all investigation, fixes, and reports delegated to subagents.",
|
|
58
|
+
"prompt": "{file:./prompts/debugger.txt}",
|
|
59
|
+
"permission": {
|
|
60
|
+
"read": "deny",
|
|
61
|
+
"glob": "deny",
|
|
62
|
+
"grep": "deny",
|
|
63
|
+
"edit": "deny",
|
|
64
|
+
"write": "deny",
|
|
65
|
+
"webfetch": "deny",
|
|
66
|
+
"websearch": "deny",
|
|
67
|
+
"bash": "deny",
|
|
68
|
+
"question": "allow",
|
|
69
|
+
"todowrite": "allow",
|
|
70
|
+
"task": {
|
|
71
|
+
"*": "deny",
|
|
72
|
+
"inspector": "allow",
|
|
73
|
+
"fixer": "allow",
|
|
74
|
+
"debug-reporter": "allow"
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
},
|
|
78
|
+
|
|
79
|
+
|
|
80
|
+
"coder": {
|
|
81
|
+
"mode": "subagent",
|
|
82
|
+
"description": "Implements tasks assigned by Composer, following the PRD exactly. Tracks own progress via todowrite.",
|
|
83
|
+
"prompt": "{file:./prompts/coder.txt}",
|
|
84
|
+
"permission": {
|
|
85
|
+
"read": "allow",
|
|
86
|
+
"glob": "allow",
|
|
87
|
+
"grep": "allow",
|
|
88
|
+
"edit": "allow",
|
|
89
|
+
"write": "allow",
|
|
90
|
+
"todowrite": "allow",
|
|
91
|
+
"bash": {
|
|
92
|
+
"*": "deny",
|
|
93
|
+
"npm *": "allow",
|
|
94
|
+
"npx *": "allow",
|
|
95
|
+
"node *": "allow",
|
|
96
|
+
"git *": "allow",
|
|
97
|
+
"mkdir *": "allow",
|
|
98
|
+
"cp *": "allow",
|
|
99
|
+
"rm *": "allow",
|
|
100
|
+
"mv *": "allow",
|
|
101
|
+
"cat *": "allow",
|
|
102
|
+
"ls *": "allow",
|
|
103
|
+
"rg *": "allow",
|
|
104
|
+
"grep *": "allow",
|
|
105
|
+
"find *": "allow",
|
|
106
|
+
"node --test": "allow"
|
|
107
|
+
},
|
|
108
|
+
"task": "deny"
|
|
109
|
+
}
|
|
110
|
+
},
|
|
111
|
+
|
|
112
|
+
"tester": {
|
|
113
|
+
"mode": "subagent",
|
|
114
|
+
"description": "Runs tests on implemented code and reports results (PASS/FAIL/BLOCKED) with coverage gaps. Cannot fix code, install deps, or decide next steps.",
|
|
115
|
+
"prompt": "{file:./prompts/tester.txt}",
|
|
116
|
+
"permission": {
|
|
117
|
+
"read": "allow",
|
|
118
|
+
"glob": "allow",
|
|
119
|
+
"grep": "allow",
|
|
120
|
+
"edit": "deny",
|
|
121
|
+
"write": "deny",
|
|
122
|
+
"todowrite": "deny",
|
|
123
|
+
"bash": {
|
|
124
|
+
"*": "deny",
|
|
125
|
+
"node --test": "allow",
|
|
126
|
+
"npm test": "allow",
|
|
127
|
+
"npx *": "allow",
|
|
128
|
+
"rg *": "allow",
|
|
129
|
+
"grep *": "allow",
|
|
130
|
+
"find *": "allow",
|
|
131
|
+
"cat *": "allow",
|
|
132
|
+
"ls *": "allow",
|
|
133
|
+
"git diff*": "allow",
|
|
134
|
+
"git log*": "allow"
|
|
135
|
+
},
|
|
136
|
+
"task": "deny"
|
|
137
|
+
}
|
|
138
|
+
},
|
|
139
|
+
|
|
140
|
+
"reviewer": {
|
|
141
|
+
"mode": "subagent",
|
|
142
|
+
"temperature": 0.1,
|
|
143
|
+
"description": "Boolean gate for Composer: compares implementation against PRD definition-of-done. PASS/FAIL + gap list only.",
|
|
144
|
+
"prompt": "{file:./prompts/reviewer.txt}",
|
|
145
|
+
"permission": {
|
|
146
|
+
"read": "allow",
|
|
147
|
+
"glob": "allow",
|
|
148
|
+
"grep": "allow",
|
|
149
|
+
"edit": "deny",
|
|
150
|
+
"write": "deny",
|
|
151
|
+
"bash": {
|
|
152
|
+
"*": "deny",
|
|
153
|
+
"git diff*": "allow",
|
|
154
|
+
"git log*": "allow",
|
|
155
|
+
"git show*": "allow",
|
|
156
|
+
"rg *": "allow",
|
|
157
|
+
"grep *": "allow"
|
|
158
|
+
},
|
|
159
|
+
"task": "deny"
|
|
160
|
+
}
|
|
161
|
+
},
|
|
162
|
+
|
|
163
|
+
"compose-reporter": {
|
|
164
|
+
"mode": "subagent",
|
|
165
|
+
"description": "Text-file executor for Composer. Writes and edits .md/.txt files under docs/ — stateless formatter for documents only. No bash.",
|
|
166
|
+
"prompt": "{file:./prompts/compose-reporter.txt}",
|
|
167
|
+
"permission": {
|
|
168
|
+
"read": {
|
|
169
|
+
"*": "deny",
|
|
170
|
+
"docs/**": "allow"
|
|
171
|
+
},
|
|
172
|
+
"glob": "deny",
|
|
173
|
+
"grep": "deny",
|
|
174
|
+
"edit": {
|
|
175
|
+
"*": "deny",
|
|
176
|
+
"docs/**": "allow"
|
|
177
|
+
},
|
|
178
|
+
"write": {
|
|
179
|
+
"*": "deny",
|
|
180
|
+
"docs/**": "allow"
|
|
181
|
+
},
|
|
182
|
+
"bash": "deny",
|
|
183
|
+
"todowrite": "deny",
|
|
184
|
+
"task": "deny"
|
|
185
|
+
}
|
|
186
|
+
},
|
|
187
|
+
|
|
188
|
+
|
|
189
|
+
"researcher": {
|
|
190
|
+
"mode": "subagent",
|
|
191
|
+
"description": "Researches technical and codebase context for Composer during EXPLORE phase. Outputs confirmed_facts / inferred_facts / unknowns / risks only.",
|
|
192
|
+
"prompt": "{file:./prompts/researcher.txt}",
|
|
193
|
+
"permission": {
|
|
194
|
+
"read": "allow",
|
|
195
|
+
"glob": "allow",
|
|
196
|
+
"grep": "allow",
|
|
197
|
+
"edit": "deny",
|
|
198
|
+
"write": "deny",
|
|
199
|
+
"bash": {
|
|
200
|
+
"*": "deny",
|
|
201
|
+
"rg *": "allow",
|
|
202
|
+
"grep *": "allow",
|
|
203
|
+
"find *": "allow",
|
|
204
|
+
"cat *": "allow",
|
|
205
|
+
"ls *": "allow",
|
|
206
|
+
"node --version": "allow",
|
|
207
|
+
"npm --version": "allow"
|
|
208
|
+
},
|
|
209
|
+
"webfetch": "allow",
|
|
210
|
+
"websearch": "allow",
|
|
211
|
+
"task": "deny"
|
|
212
|
+
}
|
|
213
|
+
},
|
|
214
|
+
|
|
215
|
+
"plan-writer": {
|
|
216
|
+
"mode": "subagent",
|
|
217
|
+
"description": "Stateless formatter for Composer. Produces PRD documents from structured input — no inference, no decisions. PRD mode only.",
|
|
218
|
+
"prompt": "{file:./prompts/plan-writer.txt}",
|
|
219
|
+
"permission": {
|
|
220
|
+
"read": {
|
|
221
|
+
"*": "deny",
|
|
222
|
+
"docs/plans/**": "allow"
|
|
223
|
+
},
|
|
224
|
+
"glob": "deny",
|
|
225
|
+
"grep": "deny",
|
|
226
|
+
"edit": {
|
|
227
|
+
"*": "deny",
|
|
228
|
+
"docs/plans/**": "allow"
|
|
229
|
+
},
|
|
230
|
+
"write": {
|
|
231
|
+
"*": "deny",
|
|
232
|
+
"docs/plans/**": "allow"
|
|
233
|
+
},
|
|
234
|
+
"bash": "deny",
|
|
235
|
+
"task": "deny"
|
|
236
|
+
}
|
|
237
|
+
},
|
|
238
|
+
|
|
239
|
+
"plan-checker": {
|
|
240
|
+
"mode": "subagent",
|
|
241
|
+
"temperature": 0.1,
|
|
242
|
+
"description": "Boolean gate for Composer: checks PRD completeness against original user request. PASS/FAIL + gap list only.",
|
|
243
|
+
"prompt": "{file:./prompts/plan-checker.txt}",
|
|
244
|
+
"permission": {
|
|
245
|
+
"read": "allow",
|
|
246
|
+
"glob": "allow",
|
|
247
|
+
"grep": "allow",
|
|
248
|
+
"edit": "deny",
|
|
249
|
+
"write": "deny",
|
|
250
|
+
"bash": {
|
|
251
|
+
"*": "deny",
|
|
252
|
+
"rg *": "allow",
|
|
253
|
+
"grep *": "allow"
|
|
254
|
+
},
|
|
255
|
+
"task": "deny"
|
|
256
|
+
}
|
|
257
|
+
},
|
|
258
|
+
|
|
259
|
+
"inspector": {
|
|
260
|
+
"mode": "subagent",
|
|
261
|
+
"description": "Root-cause analysis for Debugger. Investigates bugs via codebase and web research. Outputs confirmed_facts / inferred_facts / unknowns / risks only.",
|
|
262
|
+
"prompt": "{file:./prompts/inspector.txt}",
|
|
263
|
+
"permission": {
|
|
264
|
+
"read": "allow",
|
|
265
|
+
"glob": "allow",
|
|
266
|
+
"grep": "allow",
|
|
267
|
+
"edit": "deny",
|
|
268
|
+
"write": "deny",
|
|
269
|
+
"bash": {
|
|
270
|
+
"*": "deny",
|
|
271
|
+
"git diff*": "allow",
|
|
272
|
+
"git log*": "allow",
|
|
273
|
+
"git show*": "allow",
|
|
274
|
+
"git blame*": "allow",
|
|
275
|
+
"rg *": "allow",
|
|
276
|
+
"grep *": "allow",
|
|
277
|
+
"cat *": "allow",
|
|
278
|
+
"find *": "allow"
|
|
279
|
+
},
|
|
280
|
+
"webfetch": "allow",
|
|
281
|
+
"websearch": "allow",
|
|
282
|
+
"task": "deny"
|
|
283
|
+
}
|
|
284
|
+
},
|
|
285
|
+
|
|
286
|
+
"fixer": {
|
|
287
|
+
"mode": "subagent",
|
|
288
|
+
"description": "Implements bug fixes for Debugger. Follows root cause from inspector. Like coder but focused on fixes — minimal change, root-cause targeting.",
|
|
289
|
+
"prompt": "{file:./prompts/fixer.txt}",
|
|
290
|
+
"permission": {
|
|
291
|
+
"read": "allow",
|
|
292
|
+
"glob": "allow",
|
|
293
|
+
"grep": "allow",
|
|
294
|
+
"edit": "allow",
|
|
295
|
+
"write": "allow",
|
|
296
|
+
"todowrite": "allow",
|
|
297
|
+
"bash": {
|
|
298
|
+
"*": "deny",
|
|
299
|
+
"node --test": "allow",
|
|
300
|
+
"npm test": "allow",
|
|
301
|
+
"npm *": "allow",
|
|
302
|
+
"npx *": "allow",
|
|
303
|
+
"node *": "allow",
|
|
304
|
+
"git diff*": "allow",
|
|
305
|
+
"git log*": "allow",
|
|
306
|
+
"git show*": "allow",
|
|
307
|
+
"mkdir *": "allow",
|
|
308
|
+
"cp *": "allow",
|
|
309
|
+
"rm *": "allow",
|
|
310
|
+
"mv *": "allow",
|
|
311
|
+
"cat *": "allow",
|
|
312
|
+
"ls *": "allow",
|
|
313
|
+
"rg *": "allow",
|
|
314
|
+
"grep *": "allow",
|
|
315
|
+
"find *": "allow"
|
|
316
|
+
},
|
|
317
|
+
"task": "deny"
|
|
318
|
+
}
|
|
319
|
+
},
|
|
320
|
+
|
|
321
|
+
"debug-reporter": {
|
|
322
|
+
"mode": "subagent",
|
|
323
|
+
"description": "Stateless formatter for Debugger. Produces diagnosis + remedy reports from structured input — no inference, no decisions. Summary mode only.",
|
|
324
|
+
"prompt": "{file:./prompts/debug-reporter.txt}",
|
|
325
|
+
"permission": {
|
|
326
|
+
"read": {
|
|
327
|
+
"*": "deny",
|
|
328
|
+
"docs/reports/**": "allow"
|
|
329
|
+
},
|
|
330
|
+
"glob": "deny",
|
|
331
|
+
"grep": "deny",
|
|
332
|
+
"edit": {
|
|
333
|
+
"*": "deny",
|
|
334
|
+
"docs/reports/**": "allow"
|
|
335
|
+
},
|
|
336
|
+
"write": {
|
|
337
|
+
"*": "deny",
|
|
338
|
+
"docs/reports/**": "allow"
|
|
339
|
+
},
|
|
340
|
+
"bash": "deny",
|
|
341
|
+
"task": "deny"
|
|
342
|
+
}
|
|
343
|
+
},
|
|
344
|
+
|
|
345
|
+
"prober": {
|
|
346
|
+
"mode": "primary",
|
|
347
|
+
"temperature": 0.7,
|
|
348
|
+
"description": "Standalone security and quality auditing agent. Recon and vuln trace, minimal patch application, validation gate.",
|
|
349
|
+
"prompt": "{file:./prompts/prober.txt}",
|
|
350
|
+
"permission": {
|
|
351
|
+
"read": "deny",
|
|
352
|
+
"glob": "deny",
|
|
353
|
+
"grep": "deny",
|
|
354
|
+
"edit": "deny",
|
|
355
|
+
"write": "deny",
|
|
356
|
+
"webfetch": "deny",
|
|
357
|
+
"websearch": "deny",
|
|
358
|
+
"bash": "deny",
|
|
359
|
+
"question": "allow",
|
|
360
|
+
"todowrite": "allow",
|
|
361
|
+
"task": {
|
|
362
|
+
"*": "deny",
|
|
363
|
+
"tracer": "allow",
|
|
364
|
+
"patcher": "allow",
|
|
365
|
+
"auditor": "allow",
|
|
366
|
+
"probe-reporter": "allow"
|
|
367
|
+
}
|
|
368
|
+
}
|
|
369
|
+
},
|
|
370
|
+
|
|
371
|
+
"tracer": {
|
|
372
|
+
"mode": "subagent",
|
|
373
|
+
"description": "Recon attack surface and trace vulnerability paths for Prober. Guided by WSTG and secure code review practices.",
|
|
374
|
+
"prompt": "{file:./prompts/tracer.txt}",
|
|
375
|
+
"permission": {
|
|
376
|
+
"read": "allow",
|
|
377
|
+
"glob": "allow",
|
|
378
|
+
"grep": "allow",
|
|
379
|
+
"edit": "deny",
|
|
380
|
+
"write": "deny",
|
|
381
|
+
"bash": {
|
|
382
|
+
"*": "deny",
|
|
383
|
+
"rg *": "allow",
|
|
384
|
+
"grep *": "allow",
|
|
385
|
+
"find *": "allow",
|
|
386
|
+
"cat *": "allow",
|
|
387
|
+
"ls *": "allow",
|
|
388
|
+
"git log*": "allow",
|
|
389
|
+
"git diff*": "allow",
|
|
390
|
+
"git show*": "allow",
|
|
391
|
+
"git blame*": "allow",
|
|
392
|
+
"node --version": "allow",
|
|
393
|
+
"npm --version": "allow",
|
|
394
|
+
"which *": "allow",
|
|
395
|
+
"where *": "allow"
|
|
396
|
+
},
|
|
397
|
+
"task": "deny"
|
|
398
|
+
}
|
|
399
|
+
},
|
|
400
|
+
|
|
401
|
+
"patcher": {
|
|
402
|
+
"mode": "subagent",
|
|
403
|
+
"description": "Applies minimal, security-targeted patches for Prober using Ponytail mindset.",
|
|
404
|
+
"prompt": "{file:./prompts/patcher.txt}",
|
|
405
|
+
"permission": {
|
|
406
|
+
"read": "allow",
|
|
407
|
+
"glob": "allow",
|
|
408
|
+
"grep": "allow",
|
|
409
|
+
"edit": "allow",
|
|
410
|
+
"write": "allow",
|
|
411
|
+
"bash": {
|
|
412
|
+
"*": "deny",
|
|
413
|
+
"npm *": "allow",
|
|
414
|
+
"npx *": "allow",
|
|
415
|
+
"node *": "allow",
|
|
416
|
+
"git *": "allow",
|
|
417
|
+
"mkdir *": "allow",
|
|
418
|
+
"cp *": "allow",
|
|
419
|
+
"rm *": "allow",
|
|
420
|
+
"mv *": "allow",
|
|
421
|
+
"cat *": "allow",
|
|
422
|
+
"ls *": "allow",
|
|
423
|
+
"rg *": "allow",
|
|
424
|
+
"grep *": "allow",
|
|
425
|
+
"find *": "allow",
|
|
426
|
+
"node --test": "allow"
|
|
427
|
+
},
|
|
428
|
+
"task": "deny"
|
|
429
|
+
}
|
|
430
|
+
},
|
|
431
|
+
|
|
432
|
+
"auditor": {
|
|
433
|
+
"mode": "subagent",
|
|
434
|
+
"description": "Validation gate for Prober: checks patch effectiveness and over-engineering. PASS/FAIL + Gap/BLOAT lists only.",
|
|
435
|
+
"prompt": "{file:./prompts/auditor.txt}",
|
|
436
|
+
"permission": {
|
|
437
|
+
"read": "allow",
|
|
438
|
+
"glob": "allow",
|
|
439
|
+
"grep": "allow",
|
|
440
|
+
"edit": "deny",
|
|
441
|
+
"write": "deny",
|
|
442
|
+
"bash": {
|
|
443
|
+
"*": "deny",
|
|
444
|
+
"rg *": "allow",
|
|
445
|
+
"grep *": "allow",
|
|
446
|
+
"find *": "allow",
|
|
447
|
+
"cat *": "allow",
|
|
448
|
+
"git diff*": "allow",
|
|
449
|
+
"git log*": "allow",
|
|
450
|
+
"node --test": "allow",
|
|
451
|
+
"npm test": "allow"
|
|
452
|
+
},
|
|
453
|
+
"task": "deny"
|
|
454
|
+
}
|
|
455
|
+
},
|
|
456
|
+
|
|
457
|
+
"probe-reporter": {
|
|
458
|
+
"mode": "subagent",
|
|
459
|
+
"description": "Stateless formatter for Prober. Produces security audit reports under docs/reports/.",
|
|
460
|
+
"prompt": "{file:./prompts/probe-reporter.txt}",
|
|
461
|
+
"permission": {
|
|
462
|
+
"read": {
|
|
463
|
+
"*": "deny",
|
|
464
|
+
"docs/reports/**": "allow"
|
|
465
|
+
},
|
|
466
|
+
"glob": "deny",
|
|
467
|
+
"grep": "deny",
|
|
468
|
+
"edit": {
|
|
469
|
+
"*": "deny",
|
|
470
|
+
"docs/reports/**": "allow"
|
|
471
|
+
},
|
|
472
|
+
"write": {
|
|
473
|
+
"*": "deny",
|
|
474
|
+
"docs/reports/**": "allow"
|
|
475
|
+
},
|
|
476
|
+
"bash": "deny",
|
|
477
|
+
"task": "deny"
|
|
478
|
+
}
|
|
479
|
+
}
|
|
480
|
+
}
|
|
481
|
+
}
|