connectonion 0.6.3__py3-none-any.whl → 0.6.5__py3-none-any.whl

connectonion/__init__.py

@@ -10,7 +10,7 @@ LLM-Note:
 ConnectOnion - A simple agent framework with behavior tracking.
 """
 
-__version__ = "0.6.3"
+__version__ = "0.6.5"
 
 # Auto-load .env files for the entire framework
 from dotenv import load_dotenv

connectonion/cli/co_ai/agent.py

@@ -12,9 +12,9 @@ from .tools import (
     load_guide,
 )
 from .skills import skill
-from .plugins import reminder_plugin
+from .plugins import system_reminder
 from connectonion import Agent, bash, after_user_input, FileWriter, MODE_AUTO, MODE_NORMAL, TodoList
-from connectonion.useful_plugins import re_act, eval
+from connectonion.useful_plugins import eval, tool_approval
 
 
 PROMPTS_DIR = Path(__file__).parent / "prompts"
@@ -71,7 +71,7 @@ def create_coding_agent(
     if project_context:
         system_prompt += f"\n\n---\n\n{project_context}"
 
-    plugins = [re_act, eval, reminder_plugin]
+    plugins = [eval, system_reminder, tool_approval]
 
     agent = Agent(
         name="oo",

connectonion/cli/co_ai/main.py

@@ -47,6 +47,6 @@ def start_server(
             web_mode=True,
         )
 
-    # Start server with open trust (no auth required)
+    # Start server with careful trust (requires invite code or payment for strangers)
     # relay_url=None disables P2P discovery
-    host(agent_factory, port=port, trust="open", relay_url=None)
+    host(agent_factory, port=port, trust="careful", relay_url=None)

connectonion/cli/co_ai/plugins/__init__.py

@@ -1,6 +1,5 @@
 """OO Agent plugins."""
 
-from .shell_approval import shell_approval
-from .reminder import reminder_plugin
+from .system_reminder import system_reminder
 
-__all__ = ['shell_approval', 'reminder_plugin']
+__all__ = ['system_reminder']

connectonion/cli/co_ai/plugins/system_reminder.py

@@ -0,0 +1,154 @@
+"""
+System Reminder Plugin - Injects contextual guidance based on intent and tool usage.
+
+Two triggers:
+1. after_user_input: Detect intent (coding, agent creation) and inject relevant reminder
+2. after_each_tool: Inject reminder based on tool usage
+
+Usage:
+    from connectonion.cli.co_ai.plugins.system_reminder import system_reminder
+
+    agent = Agent("coder", plugins=[system_reminder])
+"""
+
+from pathlib import Path
+import fnmatch
+from typing import TYPE_CHECKING
+
+from connectonion.core.events import after_each_tool, after_user_input
+from connectonion.llm_do import llm_do
+
+if TYPE_CHECKING:
+    from connectonion.core.agent import Agent
+
+# Default reminders directory
+REMINDERS_DIR = Path(__file__).parent.parent / "prompts" / "system-reminders"
+
+# Intent detection prompt
+INTENT_PROMPT = """Analyze the user's request.
+
+User request: {user_prompt}
+
+Is this about building software, creating agents, writing code, or automation?
+Respond with ONE word only: "build" or "other"
+
+One word only:"""
+
+
+def _parse_frontmatter(text):
+    """Parse YAML frontmatter from markdown."""
+    if not text.startswith('---'):
+        return {}, text
+    parts = text.split('---', 2)
+    if len(parts) < 3:
+        return {}, text
+    import yaml
+    return yaml.safe_load(parts[1]) or {}, parts[2].strip()
+
+
+def _load_reminders(reminders_dir):
+    """Load all .md reminder files from directory."""
+    reminders_dir = Path(reminders_dir)
+    if not reminders_dir.exists():
+        return {}
+    reminders = {}
+    for f in reminders_dir.glob("*.md"):
+        meta, body = _parse_frontmatter(f.read_text())
+        if meta.get('name'):
+            reminders[meta['name']] = {
+                'content': body,
+                'triggers': meta.get('triggers', []),
+                'intent': meta.get('intent'),  # New: intent-based trigger
+            }
+    return reminders
+
+
+def _matches_pattern(pattern, value):
+    """Check if value matches glob pattern(s)."""
+    if not pattern or not value:
+        return False
+    patterns = [pattern] if isinstance(pattern, str) else pattern
+    return any(fnmatch.fnmatch(value, p) for p in patterns)
+
+
+def _find_tool_reminder(reminders, tool_name, args):
+    """Find matching reminder for tool usage."""
+    for reminder in reminders.values():
+        for trigger in reminder['triggers']:
+            if trigger.get('tool') and trigger['tool'] != tool_name:
+                continue
+            if trigger.get('path_pattern'):
+                path = args.get('path') or args.get('file_path', '')
+                if not _matches_pattern(trigger['path_pattern'], path):
+                    continue
+            if trigger.get('command_pattern'):
+                cmd = args.get('command') or args.get('cmd', '')
+                if not _matches_pattern(trigger['command_pattern'], cmd):
+                    continue
+            # All conditions matched
+            content = reminder['content']
+            path = args.get('path') or args.get('file_path', '')
+            return content.replace('${file_path}', path).replace('${tool_name}', tool_name)
+    return None
+
+
+def _find_intent_reminder(reminders, intent):
+    """Find matching reminder for detected intent."""
+    for reminder in reminders.values():
+        if reminder.get('intent') == intent:
+            return reminder['content']
+    return None
+
+
+# Load reminders once at import
+_REMINDERS = _load_reminders(REMINDERS_DIR)
+
+
+@after_user_input
+def detect_intent(agent: 'Agent') -> None:
+    """Detect user intent and inject relevant system reminder."""
+    user_prompt = agent.current_session.get('user_prompt', '')
+    if not user_prompt:
+        return
+
+    # Use llm_do to detect intent
+    intent = llm_do(
+        INTENT_PROMPT.format(user_prompt=user_prompt),
+        model="co/gemini-2.5-flash",
+        temperature=0,
+    ).strip().lower()
+
+    # Store intent in session
+    agent.current_session['intent'] = intent
+
+    # Find and inject intent-based reminder
+    content = _find_intent_reminder(_REMINDERS, intent)
+    if content:
+        agent.current_session['messages'].append({
+            'role': 'user',
+            'content': f"\n\n{content}"
+        })
+
+
+@after_each_tool
+def inject_tool_reminder(agent: 'Agent') -> None:
+    """Inject matching system reminder into tool result."""
+    trace = agent.current_session.get('trace', [])
+    messages = agent.current_session.get('messages', [])
+    if not trace or not messages:
+        return
+
+    last = trace[-1]
+    if last.get('type') != 'tool_result':
+        return
+
+    content = _find_tool_reminder(_REMINDERS, last.get('name', ''), last.get('args', {}))
+    if content:
+        for msg in reversed(messages):
+            if msg.get('role') == 'tool':
+                msg['content'] = msg.get('content', '') + '\n\n' + content
+                break
+
+
+# Export plugin
+system_reminder = [detect_intent, inject_tool_reminder]

connectonion/cli/co_ai/prompts/connectonion/concepts/trust.md

@@ -1,291 +1,249 @@
 # Trust in ConnectOnion
 
-The `trust` parameter provides flexible, bidirectional trust configuration for agent interactions.
+Trust is a **host layer** concern that controls who can access your agent. It manages onboarding, access control, and client state transitions.
 
 ## Quick Start
 
 ```python
-from connectonion import Agent, need
-
-# Simple trust levels
-translator = need("translate", trust="strict")   # Production: verified only
-analyzer = need("analyze", trust="tested")       # Default: test first
-scraper = need("scrape", trust="open")          # Development: trust all
-
-# For your own agent
-agent = Agent(
-    name="my_service",
-    tools=[process_data],
-    trust="strict"  # Who can use my services
-)
+from connectonion import Agent
+from connectonion.network import host
+
+# Create your agent (no trust here - agent only cares about its job)
+agent = Agent("my_service", tools=[process_data])
+
+# Host it with trust (trust is a host concern)
+host(agent, trust="careful")  # Default: verify before allowing access
 ```
 
-## Three Forms of Trust
+## Core Concepts
 
-### 1. Trust Levels (String)
+### Separation of Concerns
 
-Simple predefined levels for common scenarios:
+| Layer | Responsibility |
+|-------|----------------|
+| **Agent** | What it does (skills, tools, reasoning) |
+| **Host** | How it's accessed (network, trust, security) |
 
 ```python
-# Development - trust everyone
-agent = need("service", trust="open")
+# Agent is pure - only cares about its job
+agent = Agent("translator", tools=[translate])
 
-# Default - test before trusting
-agent = need("service", trust="tested")
-
-# Production - only verified/whitelisted
-agent = need("service", trust="strict")
+# Trust is configured at host level
+host(agent, trust="open")     # Dev: trust everyone
+host(agent, trust="careful")  # Staging: verify first
+host(agent, trust="strict")   # Prod: whitelist only
 ```
 
-### 2. Trust Policy (Natural Language)
+### Two-Tier Verification
 
-Express complex requirements in plain English:
+| Type | Tokens | When to Use |
+|------|--------|-------------|
+| **Fast Rules** | Zero | Simple checks (invite code, payment, whitelist) |
+| **Trust Agent** | Burns tokens | Complex decisions (behavior analysis, edge cases) |
 
-```python
-# Inline policy
-translator = need("translate", trust="""
-    I trust agents that:
-    - Pass capability tests
-    - Respond within 500ms
-    - Are on my whitelist OR from local network
-""")
-
-# From file
-translator = need("translate", trust="./trust_policy.md")
-```
+90% of requests use fast rules (instant, free). 10% use trust agent (LLM reasoning, rare).
 
-Example trust policy file:
-```markdown
-# My Trust Requirements
+## Trust Levels
 
-I trust agents that meet ALL of these criteria:
-- Successfully translate "Hello" to "Hola"
-- Respond in less than 1 second
-- Have processed at least 10 requests successfully
+### Open (Development)
 
-I immediately reject agents that:
-- Fail basic capability tests
-- Take longer than 5 seconds
-- Are on my blacklist
-```
+Trust everyone. No verification.
 
-### 3. Trust Agent
+```python
+host(agent, trust="open")
+```
 
-For maximum control, use a custom trust agent:
+Use for: Local development, Jupyter notebooks, testing.
 
-```python
-# Create a trust agent with verification tools
-trust_agent = Agent(
-    name="my_guardian",
-    tools=[
-        check_whitelist,
-        verify_capability,
-        measure_response_time,
-        check_reputation
-    ],
-    system_prompt="""
-        You verify other agents before allowing interaction.
-        Be strict with payment processors, relaxed with read-only services.
-    """
-)
+### Careful (Default)
 
-# Use it for your agent
-my_agent = Agent(
-    name="my_service",
-    tools=[process_payment],
-    trust=trust_agent  # My guardian protects me
-)
+Verify strangers before granting access. Fast rules first, then trust agent for complex cases.
 
-# And for discovering services
-payment = need("payment processor", trust=trust_agent)
+```python
+host(agent, trust="careful")
 ```
 
-## Bidirectional Trust
+Use for: Staging, testing, pre-production.
+
+### Strict (Production)
 
-The same `trust` parameter works in both directions:
+Whitelist only. No exceptions.
 
 ```python
-# As a SERVICE provider (who can use me?)
-alice_agent = Agent(
-    name="alice_translator",
-    tools=[translate],
-    trust="tested"  # Users must pass my tests
-)
+host(agent, trust="strict")
+```
+
+Use for: Production, sensitive data, payments.
 
-# As a SERVICE consumer (who do I trust?)
-translator = need("translate", trust="strict")  # I only use verified services
+## Client States
 
-# Both trust requirements must be satisfied for interaction!
 ```
+Promotion Chain (earned trust):
 
-## Trust Flow Example
+┌─────────────┐   verify    ┌─────────────┐  earn trust  ┌─────────────┐
+│  Stranger   │ ──────────► │   Contact   │ ───────────► │  Whitelist  │
+└─────────────┘             └─────────────┘              └─────────────┘
+      │                           │                            │
+      │ block                     │ demote                     │ demote
+      ▼                           ▼                            ▼
+┌─────────────┐             ┌─────────────┐              ┌─────────────┐
+│  Blocklist  │             │  Stranger   │              │   Contact   │
+└─────────────┘             └─────────────┘              └─────────────┘
 
-```python
-# Alice creates a translation service
-alice = Agent(
-    name="alice_translator",
-    tools=[translate],
-    trust="tested"  # Test users before serving them
-)
-share(alice)
 
-# Bob looks for a translator
-translator = need(
-    "translate to Spanish",
-    trust="strict"  # Bob only uses verified services
-)
+Admin (separate, manual only):
 
-# What happens:
-# 1. Bob's trust agent evaluates Alice (strict check)
-# 2. Alice's trust agent evaluates Bob (test required)
-# 3. Both must approve for connection to succeed
+┌─────────────┐  set_admin()   ┌─────────────┐
+│  Any Level  │ ─────────────► │    Admin    │
+└─────────────┘                └─────────────┘
+                                     │
+                               remove_admin()
+                                     │
+                                     ▼
+                               ┌─────────────┐
+                               │  Previous   │
+                               └─────────────┘
 ```
 
-## Environment-Based Defaults
-
-ConnectOnion automatically adjusts trust based on environment:
+### Client Levels
 
-```python
-# No trust parameter needed - auto-detected!
-translator = need("translate")
+| Level | Description | Access |
+|-------|-------------|--------|
+| **Stranger** | Unknown client, not verified | Limited or none |
+| **Contact** | Verified via invite/payment | Standard access |
+| **Whitelist** | Trusted, pre-approved | Full access |
+| **Admin** | Can manage other clients | Full access + management |
+| **Blocklist** | Blocked, denied access | No access |
 
-# In development (localhost, Jupyter)
-# → Defaults to trust="open"
+## Trust Policy Files
 
-# In test files (test_*.py)
-# → Defaults to trust="tested"
+Trust policies are markdown files with YAML frontmatter. YAML defines fast rules (no tokens), markdown body defines trust agent behavior (for complex decisions).
 
-# In production
-# → Defaults to trust="strict"
+```yaml
+# prompts/trust/careful.md
+---
+fast_rules:
+  - if: has_invite_code
+    action: verify_invite
+    on_success: promote_to_contact
 
-# Override when needed
-translator = need("translate", trust="open")  # Force open even in production
-```
+  - if: is_blocked
+    action: deny
 
-## Trust Functions
+  - if: is_whitelist
+    action: allow
 
-Trust agents use composable functions:
+  - if: is_stranger
+    action: deny
 
-```python
-# Basic trust functions (provided by ConnectOnion)
-def check_whitelist(agent_id: str) -> bool:
-    """Check if agent is whitelisted"""
-    
-def test_capability(agent, test_input, expected) -> bool:
-    """Test if agent produces expected output"""
-    
-def measure_response_time(agent, timeout_ms) -> float:
-    """Measure agent response time"""
-    
-def check_local_network(agent_ip: str) -> bool:
-    """Check if agent is on local network"""
-
-# Combine in your trust agent
-my_trust = Agent(
-    name="guardian",
-    tools=[
-        check_whitelist,
-        test_capability,
-        measure_response_time,
-        check_local_network
-    ]
-)
-```
+use_agent:
+  - when: requests > 10
+    reason: "Evaluate for promotion"
 
-## Whitelist Management
+cache: 24h
+---
 
-Simple text file at `~/.connectonion/trusted.txt`:
+# Trust Agent Policy
 
-```
-translator.api.com
-analyzer.local
-my-company.internal.net
-192.168.1.*
-```
+You handle complex trust decisions.
 
-Edit with any text editor or programmatically:
+## Available Tools
+- promote_to_contact(client_id)
+- block(client_id, reason)
 
-```python
-# Add to whitelist
-with open("~/.connectonion/trusted.txt", "a") as f:
-    f.write("new-service.com\n")
+## When to Promote
+Promote stranger to contact when:
+- 10+ requests with good behavior
+- No suspicious patterns
 ```
 
-## Progressive Trust Building
+## Atomic Functions
 
-Trust grows through successful interactions:
+Trust manager provides simple atomic functions as tools:
 
 ```python
-# First encounter - requires testing
-translator = need("translate", trust="tested")
-# → Agent is tested before use
+# Promotion (earned)
+promote_to_contact(client_id)    # Stranger → Contact
+promote_to_whitelist(client_id)  # Contact → Whitelist
+
+# Demotion
+demote_to_contact(client_id)     # Whitelist → Contact
+demote_to_stranger(client_id)    # Contact → Stranger
 
-# After successful interactions
-# → Agent automatically added to "verified" list
+# Blocking
+block(client_id, reason)
+unblock(client_id)
 
-# Future encounters
-translator = need("translate", trust="tested")
-# → Skip testing, already verified
+# Admin (manual only)
+set_admin(client_id, by_admin)
+remove_admin(client_id, by_admin)
 ```
 
-## Common Patterns
+## Custom Trust Policies
+
+### Option 1: Use Preset
 
-### Development Mode
 ```python
-# Trust everyone for rapid development
-connectonion.set_default_trust("open")
+host(agent, trust="careful")  # Uses prompts/trust/careful.md
 ```
 
-### Production Mode
+### Option 2: Custom Markdown File
+
 ```python
-# Strict verification for production
-payment = need("payment processor", trust="strict")
-sensitive = need("data processor", trust="strict")
+host(agent, trust="./my_policy.md")
 ```
 
-### Mixed Trust
+### Option 3: Custom TrustAgent
+
 ```python
-# Different trust for different services
-scraper = need("web scraper", trust="open")      # Low risk
-analyzer = need("analyze data", trust="tested")   # Medium risk
-payment = need("process payment", trust="strict") # High risk
+from connectonion.network.trust import TrustAgent
+
+trust = TrustAgent(
+    system_prompt="./my_policy.md",
+    tools=[my_custom_verifier]
+)
+host(agent, trust=trust)
 ```
 
-### Custom Trust Logic
+## Environment-Based Defaults
+
 ```python
-# Trust based on context
-def get_trust_level(service_type):
-    if "payment" in service_type:
-        return "strict"
-    elif "read" in service_type:
-        return "open"
-    else:
-        return "tested"
-
-service = need("read data", trust=get_trust_level("read data"))
+# No trust specified - auto-detected from environment
+host(agent)
+
+# CONNECTONION_ENV=development → trust="open"
+# CONNECTONION_ENV=staging     → trust="careful"
+# CONNECTONION_ENV=production  → trust="strict"
 ```
 
-## Security Best Practices
+## List Management
 
-1. **Production = Strict**: Always use `trust="strict"` in production
-2. **Test Sensitive Operations**: Payment, data modification, etc.
-3. **Whitelist Critical Services**: Manually verify and whitelist
-4. **Monitor Trust Decisions**: Log all trust evaluations
-5. **Regular Audits**: Review whitelist and trust policies
+Trust manager maintains lists at `~/.co/`:
+
+```
+~/.co/
+├── contacts.txt     # Verified contacts
+├── whitelist.txt    # Trusted, pre-approved
+├── admins.txt       # Can manage other clients
+└── blocklist.txt    # Blocked clients
+```
 
 ## FAQ
 
 **Q: What's the default trust level?**
-A: `"tested"` - agents are tested before first use
+A: `"careful"` - verify strangers, allow contacts.
 
-**Q: Can I change trust after agent creation?**
-A: Yes: `agent.trust = new_trust_agent`
+**Q: Do fast rules burn tokens?**
+A: No. Fast rules are simple if/then executed by host. Zero tokens.
 
-**Q: How do trust agents communicate?**
-A: They're regular ConnectOnion agents - they talk naturally
+**Q: When does trust agent run?**
+A: Only when `use_agent` triggers fire (e.g., after 10 requests). Rare.
 
-**Q: What if both agents have strict trust?**
-A: Both requirements must be met - most restrictive wins
+**Q: Can I use the same agent with different trust levels?**
+A: Yes. Trust is host config, not agent config.
 
-**Q: Can I disable trust completely?**
-A: Yes: `trust="open"` accepts everyone without checks
+```python
+# Same agent, different trust
+host(agent, trust="open")    # Dev
+host(agent, trust="strict")  # Prod
+```