disinto/vault/AGENTS.md

<!-- last-reviewed: 80a64cd3e4d2836bfab3c46230a780e3e233125d -->
# Vault Agent

**Role**: Safety gate for dangerous or irreversible actions. Actions enter a
pending queue and are classified by Claude via `vault-agent.sh`, which can
auto-approve (call `vault-fire.sh` directly), auto-reject (call
`vault-reject.sh`), or escalate to a human via Matrix for APPROVE/REJECT.

**Trigger**: `vault-poll.sh` runs every 30 min via cron.

**Key files**:
- `vault/vault-poll.sh` — Processes pending actions: retry approved, auto-reject after 48h timeout, invoke vault-agent for new items
- `vault/vault-agent.sh` — Classifies and routes pending actions via `claude -p`: auto-approve, auto-reject, or escalate to human
- `vault/PROMPT.md` — System prompt for the vault agent's Claude invocation
- `vault/vault-fire.sh` — Executes an approved action
- `vault/vault-reject.sh` — Marks an action as rejected

**Environment variables consumed**:
- All from `lib/env.sh`
- `MATRIX_TOKEN`, `MATRIX_ROOM_ID`, `MATRIX_HOMESERVER` — Escalation channel
chore: gardener housekeeping 2026-03-21 2026-03-21 18:07:37 +00:00			`<!-- last-reviewed: 80a64cd3e4d2836bfab3c46230a780e3e233125d -->`
chore: gardener housekeeping 2026-03-21 Progressive disclosure split of AGENTS.md (487→152 lines): - Extracted per-directory AGENTS.md files for all 8 agents + lib/ - Root AGENTS.md now serves as a table of contents with summary table - All watermarks updated to 16e430e Grooming results: - Promoted #469 (WATCH flow missing curl) and #436 (idle_pane_count bug) to backlog - 12 dust items classified, no groups ripe for bundling yet - No blocked issues, no AD violations 2026-03-21 12:44:23 +00:00			`# Vault Agent`

			`Role: Safety gate for dangerous or irreversible actions. Actions enter a`
			pending queue and are classified by Claude via `vault-agent.sh`, which can
			auto-approve (call `vault-fire.sh` directly), auto-reject (call
			`vault-reject.sh`), or escalate to a human via Matrix for APPROVE/REJECT.

			Trigger: `vault-poll.sh` runs every 30 min via cron.

			`Key files:`
			- `vault/vault-poll.sh` — Processes pending actions: retry approved, auto-reject after 48h timeout, invoke vault-agent for new items
			- `vault/vault-agent.sh` — Classifies and routes pending actions via `claude -p`: auto-approve, auto-reject, or escalate to human
			- `vault/PROMPT.md` — System prompt for the vault agent's Claude invocation
			- `vault/vault-fire.sh` — Executes an approved action
			- `vault/vault-reject.sh` — Marks an action as rejected

			`Environment variables consumed:`
			- All from `lib/env.sh`
			- `MATRIX_TOKEN`, `MATRIX_ROOM_ID`, `MATRIX_HOMESERVER` — Escalation channel