fix: feat: vault as procurement gate + RESOURCES.md capability inventory (#504)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
openhands
parent
2674eebbd6
commit
05f787eb03
6 changed files with 282 additions and 53 deletions
|
|
@ -1,19 +1,35 @@
|
|||
<!-- last-reviewed: 80a64cd3e4d2836bfab3c46230a780e3e233125d -->
|
||||
# Vault Agent
|
||||
|
||||
**Role**: Safety gate for dangerous or irreversible actions. Actions enter a
|
||||
pending queue and are classified by Claude via `vault-agent.sh`, which can
|
||||
auto-approve (call `vault-fire.sh` directly), auto-reject (call
|
||||
`vault-reject.sh`), or escalate to a human via Matrix for APPROVE/REJECT.
|
||||
**Role**: Dual-purpose gate — action safety classification and resource procurement.
|
||||
|
||||
**Pipeline A — Action Gating (*.json)**: Actions enter a pending queue and are
|
||||
classified by Claude via `vault-agent.sh`, which can auto-approve (call
|
||||
`vault-fire.sh` directly), auto-reject (call `vault-reject.sh`), or escalate
|
||||
to a human via Matrix for APPROVE/REJECT.
|
||||
|
||||
**Pipeline B — Procurement (*.md)**: The planner files resource requests as
|
||||
markdown files in `vault/pending/`. `vault-poll.sh` notifies the human via
|
||||
Matrix. The human fulfills the request (creates accounts, provisions infra,
|
||||
adds secrets to `.env`) and moves the file to `vault/approved/`.
|
||||
`vault-fire.sh` then extracts the proposed entry and appends it to
|
||||
`RESOURCES.md`.
|
||||
|
||||
**Trigger**: `vault-poll.sh` runs every 30 min via cron.
|
||||
|
||||
**Key files**:
|
||||
- `vault/vault-poll.sh` — Processes pending actions: retry approved, auto-reject after 48h timeout, invoke vault-agent for new items
|
||||
- `vault/vault-agent.sh` — Classifies and routes pending actions via `claude -p`: auto-approve, auto-reject, or escalate to human
|
||||
- `vault/vault-poll.sh` — Processes pending items: retry approved, auto-reject after 48h timeout, invoke vault-agent for JSON actions, notify human for procurement requests
|
||||
- `vault/vault-agent.sh` — Classifies and routes pending JSON actions via `claude -p`: auto-approve, auto-reject, or escalate to human
|
||||
- `vault/PROMPT.md` — System prompt for the vault agent's Claude invocation
|
||||
- `vault/vault-fire.sh` — Executes an approved action
|
||||
- `vault/vault-reject.sh` — Marks an action as rejected
|
||||
- `vault/vault-fire.sh` — Executes an approved action (JSON) or writes RESOURCES.md entry (procurement MD)
|
||||
- `vault/vault-reject.sh` — Marks a JSON action as rejected
|
||||
|
||||
**Procurement flow**:
|
||||
1. Planner drops `vault/pending/<name>.md` with what/why/proposed RESOURCES.md entry
|
||||
2. `vault-poll.sh` notifies human via Matrix
|
||||
3. Human fulfills: creates account, adds secrets to `.env`, moves file to `vault/approved/`
|
||||
4. `vault-fire.sh` extracts proposed entry, appends to RESOURCES.md, moves to `vault/fired/`
|
||||
5. Next planner run reads RESOURCES.md → new capability available → unblocks prerequisite tree
|
||||
|
||||
**Environment variables consumed**:
|
||||
- All from `lib/env.sh`
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue