johba/disinto
1
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

fix: remove PROMPT.md files — formulas are the source of truth (#12)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details

Browse source 
- Delete gardener/PROMPT.md (dust-vs-ore rules already in run-gardener.toml)
- Delete supervisor/PROMPT.md (content covered by run-supervisor.toml;
  migrate unique "Learning" section into formula's journal step)
- Delete vault/PROMPT.md and create formulas/run-vault.toml as the
  source-of-truth formula for vault action classification/routing
- Update supervisor/supervisor-poll.sh to read from formula instead of PROMPT.md
- Update vault/vault-agent.sh to read from formula instead of PROMPT.md
- Update supervisor/AGENTS.md, vault/AGENTS.md, README.md references

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Claude 2026-03-28 16:40:21 +00:00
parent 3ce6354f4f
commit aa73ff88c4
10 changed files with 118 additions and 297 deletions
Download patch file Download diff file Expand all files Collapse all files

10
formulas/run-supervisor.toml
View file

@ -241,6 +241,16 @@ run-to-run context so future supervisor runs can detect trends
IMPORTANT: Do NOT commit or push the journal it is a local working file.
The journal directory is committed to git periodically by other agents.
## Learning
If you discover something new during this run, append it to the relevant
knowledge file in the ops repo:
echo "### Lesson title
Description of what you learned." >> "${OPS_REPO_ROOT}/knowledge/<file>.md"
Knowledge files: memory.md, disk.md, ci.md, forge.md, dev-agent.md,
review-agent.md, git.md.
After writing the journal, write the phase signal:
echo 'PHASE:done' > "$PHASE_FILE"
"""

104
formulas/run-vault.toml Normal file
View file

@ -0,0 +1,104 @@
# formulas/run-vault.toml — Vault agent formula (action gating + classification)
#
# Source of truth for the vault agent's classification and routing logic.
# Used by vault/vault-agent.sh via claude -p when pending actions exist.
#
# The vault handles two kinds of items:
# A. Action Gating (*.json) — classified and routed by this formula
# B. Procurement Requests (*.md) — handled by vault-poll.sh + human
#
# This formula covers Pipeline A only.
name = "run-vault"
description = "Vault action gating: classify pending actions, route by risk"
version = 1
model = "sonnet"
[context]
files = ["AGENTS.md"]
[[steps]]
id = "classify-and-route"
title = "Classify and route all pending vault actions"
description = """
You are the vault agent. For each pending JSON action, decide:
**auto-approve**, **escalate**, or **reject**.
## Two Pipelines
### A. Action Gating (*.json)
Actions from agents that need safety classification before execution.
You classify and route these: auto-approve, escalate, or reject.
### B. Procurement Requests (*.md)
Resource requests from the planner. These always escalate to the human
you do NOT auto-approve or reject procurement requests. The human fulfills
the request (creates accounts, provisions infra, adds secrets to .env)
and moves the file from $OPS_REPO_ROOT/vault/pending/ to $OPS_REPO_ROOT/vault/approved/.
vault-fire.sh then writes the RESOURCES.md entry.
## Routing Table (risk x reversibility)
| Risk | Reversible | Route |
|----------|------------|---------------------------------------------|
| low | true | auto-approve -> fire immediately |
| low | false | auto-approve -> fire, log prominently |
| medium | true | auto-approve -> fire, notify via vault/forge |
| medium | false | escalate via vault/forge -> wait for human reply |
| high | any | always escalate -> wait for human reply |
## Rules
1. **Never lower risk.** You may override the source agent's self-assessed
risk *upward*, never downward. If a blog-post looks like it contains
pricing claims, bump it to medium or high.
2. **requires_human: true always escalates.** Regardless of risk level.
3. **Unknown action types -> reject** with reason unknown_type.
4. **Malformed JSON -> reject** with reason malformed.
5. **Payload validation:** Check that the payload has the minimum required
fields for the action type. Missing fields -> reject with reason.
6. **Procurement requests (*.md) -> skip.** These are handled by the human
directly. Do not attempt to classify, approve, or reject them.
## Action Type Defaults
| Type | Default Risk | Default Reversible |
|------------------|-------------|-------------------|
| blog-post | low | yes |
| social-post | medium | yes |
| email-blast | high | no |
| pricing-change | high | partial |
| dns-change | high | partial |
| webhook-call | medium | depends |
| stripe-charge | high | no |
## Available Tools
You have shell access. Use these for routing decisions:
source ${FACTORY_ROOT}/lib/env.sh
### Auto-approve and fire
bash ${FACTORY_ROOT}/vault/vault-fire.sh <action-id>
### Escalate
echo "PHASE:escalate" > "$PHASE_FILE"
### Reject
bash ${FACTORY_ROOT}/vault/vault-reject.sh <action-id> "<reason>"
## Output Format
After processing each action, print exactly:
ROUTE: <action-id> -> <auto-approve|escalate|reject> -- <reason>
## Important
- Process ALL pending JSON actions in the batch. Never skip silently.
- For auto-approved actions, fire them immediately via vault-fire.sh.
- For escalated actions, move to $OPS_REPO_ROOT/vault/approved/ only AFTER human approval.
- Read the action JSON carefully. Check the payload, not just the metadata.
- Ignore .md files in pending/ -- those are procurement requests handled
separately by vault-poll.sh and the human.
"""