npm - thoth-agents - Versions diffs - 0.2.0 → 0.2.1 - Mend

thoth-agents 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/{chunk-WH3F3GWE.js → chunk-FRZZ25ND.js} +4 -15
package/dist/cli/index.js +1 -1
package/dist/cli/tui/index.js +1 -1
package/package.json +1 -1

package/dist/{chunk-WH3F3GWE.js → chunk-FRZZ25ND.js} RENAMED Viewed

@@ -2462,12 +2462,6 @@ var CLAUDE_CODE_SUBAGENT_DEFAULT_MODELS = {
   quick: "haiku",
   deep: "sonnet"
 };
-var READ_ONLY_ROLE_TOOLS = {
-  explorer: "Read, Grep, Glob",
-  librarian: "Read, Grep, Glob, WebSearch, WebFetch",
-  oracle: "Read, Grep, Glob"
-};
-var WRITE_CAPABLE_ROLE_TOOLS = "Read, Edit, Write, Bash, Grep, Glob";
 function isClaudeCodeSubagentName(name) {
   return name in CLAUDE_CODE_SUBAGENT_DEFAULT_MODELS;
 }
@@ -2477,10 +2471,6 @@ function getClaudeCodeAgentModel(role, config) {
   if (override && isClaudeCodeModel(override)) return override;
   return CLAUDE_CODE_SUBAGENT_DEFAULT_MODELS[role.name];
 }
-function toolsForRole(role) {
-  if (role.canMutateWorkspace) return WRITE_CAPABLE_ROLE_TOOLS;
-  return READ_ONLY_ROLE_TOOLS[role.name] ?? "Read, Grep, Glob";
-}
 function claudeCodePromptSections(roleName) {
   switch (roleName) {
     case "orchestrator":
@@ -2532,7 +2522,7 @@ function claudeCodeRoleInstructions(role) {
     `- Responsibility: ${role.responsibility}`,
     "- Use AskUserQuestion for local blocking decisions.",
     `- ${role.name} runs as an auto-discovered Claude Code plugin subagent invoked via Task(subagent_type: ${claudeCodeSubagentType(role.name)}); plugin subagents are namespaced with the plugin name. The orchestrator is the main Claude Code session.`,
-    "- Role permissions are enforced by this subagent's frontmatter `tools` allowlist; read-only roles cannot mutate the workspace.",
+    "- This subagent inherits ALL of the main thread's tools, including MCP servers (thoth-mem, context7, exa, grep_app); read-only roles (explorer, librarian, oracle) MUST NOT mutate the workspace per this operational contract (instruction-level, not tooling-enforced).",
     ...role.toolGovernance.map((rule) => `- ${rule}`),
     ...role.verification.map((rule) => `- ${rule}`),
     "</role-operational-contract>"
@@ -2566,7 +2556,7 @@ function renderClaudeCodeRootInstructions(config) {
     '- Before delegating after meaningful context changes, refresh the handoff body with root-owned mem_session(action="summary") or mem_save(kind="session_summary") when available.',
     "- Use AskUserQuestion for blocking user decisions; do not ask those questions in plain prose.",
     "- Track progress with TodoWrite; subagents do not own progress checkboxes or root-only memory.",
-    "- Role permissions are enforced at runtime by each subagent's frontmatter `tools` allowlist.",
+    "- Subagents inherit all of your tools (including MCP servers); role permissions are instruction-level, so read-only roles (explorer, librarian, oracle) must not mutate the workspace per their operational contract.",
     "</claude-code-runtime>"
   ].join("\n");
 }
@@ -2622,7 +2612,6 @@ function renderSubagentArtifacts(config) {
     const content = renderClaudeCodeSubagent({
       name: role.name,
       description: role.responsibility,
-      tools: toolsForRole(role),
       model: getClaudeCodeAgentModel(role, config),
       instructions: roleInstructions2(role, config)
     });
@@ -2835,7 +2824,7 @@ function buildClaudeCodeSetupPlan(config) {
     ],
     disclaimers: [
       "The orchestrator agent is the Claude Code main thread (plugin settings.json `agent` key); while enabled it replaces the default system prompt for every session in scope.",
-      "Role permissions are enforced by each specialist subagent frontmatter `tools` allowlist; the orchestrator inherits all tools.",
+      "Every subagent inherits all main-thread tools, including MCP servers; read-only roles must not mutate the workspace per their operational contract (instruction-level, not tooling-enforced).",
       "Subagent models accept only sonnet, opus, haiku, or inherit.",
       "User-scope skills-directory plugins load hooks and MCP servers without extra approval; project-scope requires accepting the workspace trust dialog."
     ]
@@ -3025,7 +3014,7 @@ function claudeCodeConfig(context = { cwd: process.cwd() }, dryRun) {
 function claudeCodeDisclaimers() {
   return [
     {
-      message: "Role permissions are enforced by subagent frontmatter tools; the orchestrator is the main session, injected via the SessionStart hook.",
+      message: "Subagents inherit all main-thread tools (including MCP servers); read-only roles must not mutate the workspace per their operational contract (instruction-level, not tooling-enforced). The orchestrator is the main session.",
       code: "claude-code-first-class"
     },
     {

package/dist/cli/index.js CHANGED Viewed

@@ -36,7 +36,7 @@ import {
   getOperationHarness,
   installRecommendedSkill,
   listOperationHarnesses
-} from "../chunk-WH3F3GWE.js";
+} from "../chunk-FRZZ25ND.js";
 import {
   ALL_AGENT_NAMES,
   CUSTOM_SKILLS,

package/dist/cli/tui/index.js CHANGED Viewed

@@ -25,7 +25,7 @@ import {
   listOperationHarnesses,
   parseRoleTomlModel,
   parseSubagentModel
-} from "../../chunk-WH3F3GWE.js";
+} from "../../chunk-FRZZ25ND.js";
 import {
   ALL_AGENT_NAMES,
   DEFAULT_MODELS,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "thoth-agents",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "Delegate-first OpenCode plugin with seven agents, thoth-mem persistence, and bundled SDD skills.",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",