High: verify rebase push now targets Forge remote, not local origin
High/Security: planPath sanitises ID via filepath.Base to prevent
path traversal in plan read/update/delete
Medium: mirror compares and pushes local default branch, not HEAD
Findings 3-6 verified as false positives/known issues (bridge async
by design, API returns top-level memories not {data:...}, inbox uses
{messages:...} confirmed against live API).
Co-Authored-By: Virgil <virgil@lethean.io>
Medium: remote dispatch now propagates inner dispatchOut.Success
instead of hardcoding true.
Low: updateStatus clears stale question field when new state
has no question, preventing leftover rejection messages.
Co-Authored-By: Virgil <virgil@lethean.io>
High/Security: sanitise input.Repo via filepath.Base to prevent
path traversal in workspace prep (../escape from CODE_PATH).
High/Security: sanitise repo.Repo from API response in syncRepos
to prevent path traversal via crafted checkin responses.
Medium: dispatchFixFromQueue now returns error, review_queue checks
success before recording fix_dispatched.
Known issues updated with async bridge provider findings.
Co-Authored-By: Virgil <virgil@lethean.io>
High: workspace names use UnixNano to prevent same-second collisions
High: sync only pulls the branch the server reported (was pulling current)
Medium: drainQueue serialised via mutex to prevent concurrent over-dispatch
Medium: remote_status checks JSON-RPC error field before reporting success
Medium: dead agent PIDs without output log marked failed, not completed
Low: detectLanguage uses ordered slice instead of map for deterministic results
Also: URL-encoded agent names in messaging, monitor inbox, and sync endpoints.
Co-Authored-By: Virgil <virgil@lethean.io>
- harvest: message says 'ready-for-review' not 'pushed'
- sync: timestamp advanced after pulls, not before
- sync: accepts main/master/reported branch, not just main
- inbox: checks CORE_BRAIN_KEY env before falling back to file
- inbox: parses 'from' not 'from_agent', 'messages' not 'data'
- queue: strips variant suffix for rate limit lookup (claude:opus → claude)
- review_queue: respects ReviewQueueInput.Reviewer instead of hardcoding coderabbit
- tests: updated to match real API response structure
Co-Authored-By: Virgil <virgil@lethean.io>
High: harvest no longer hardcodes 'main' — detects default branch
via symbolic-ref/rev-parse fallback. Repos with master/other
default branches are now harvested correctly.
High: empty task no longer produces invalid 'agent/' branch name.
Falls back to issue-N or work-timestamp. Branch creation errors
are now surfaced instead of silently ignored.
High: PHP verification no longer returns passed:true when no test
runner exists. Untested PHP repos correctly fail verification.
(brain/direct.go findings 5-6 verified as false positives — API
returns top-level keys, not {data: ...} envelope)
Co-Authored-By: Virgil <virgil@lethean.io>
High: Fix missed-notification bug — track completions by workspace
name instead of count, so harvest status rewrites don't suppress
future notifications. Also tracks blocked/failed terminal states.
High: Safety gate fail-closed — check ALL changed files (not just
added), reject on git diff failure instead of proceeding.
Medium: emitCompletionEvent now passes actual status (completed,
failed, blocked) instead of hardcoding "completed".
Medium/AX: Harvest no longer auto-pushes to source repos. Sets
status to ready-for-review only — pushing happens during explicit
review, not silently in the background.
Co-Authored-By: Virgil <virgil@lethean.io>
- Module path: dappco.re/go/agent
- Core import: dappco.re/go/core v0.4.7
- Process service re-enabled with new Core API
- Plugin bumped to v0.11.0
- Directory flattened from go/ to root
Co-Authored-By: Virgil <virgil@lethean.io>
Extract 4 hardcoded templates from prep.go raw strings into
pkg/prompts/lib/templates/ as markdown files:
- coding.md — main coding template with closeout sequence
- conventions.md — convention audit (report only)
- security.md — security review
- verify.md — PR verification
- default.md — fallback
prep.go now calls prompts.Template("coding") instead of
maintaining 120 lines of raw Go string literals.
Backticks now work properly in templates — no more
concatenation hacks for inline code formatting.
Co-Authored-By: Virgil <virgil@lethean.io>
engineering/engineering-security-engineer.md → engineering/security-engineer.md
testing/testing-api-tester.md → testing/api-tester.md
etc. across all 68 persona files.
Path is now: prompts.Persona("engineering/security-engineer")
Folder provides the namespace, filename provides the role.
Co-Authored-By: Virgil <virgil@lethean.io>
Dispatched agents must now run a 4-pass polish cycle before committing:
1. Self-review (conventions, nil pointers, hardcoded paths)
2. Build + test (fix failures, add tests for critical paths)
3. Simplify (consolidate, deduplicate, reduce complexity)
4. Final check (build clean → commit)
This captures the review→fix→simplify→re-review flow that produces
polished code. Goal: CodeRabbit finds zero issues on agent output.
Co-Authored-By: Virgil <virgil@lethean.io>
- orchestrator: queue dir uses CoreRoot()/queue
- cmd/agent: queue dir resolved by config, not hardcoded
- cmd/workspace: specs path uses ~/Code/specs (no host-uk)
- Zero remaining /home/claude or host-uk references in Go
Co-Authored-By: Virgil <virgil@lethean.io>
Config now found at:
1. ~/Code/.core/agents.yaml (shared, portable)
2. ~/Code/core/agent/config/agents.yaml (repo fallback)
Both Cladius and Charon find the same config.
Co-Authored-By: Virgil <virgil@lethean.io>
- Add paths.go with WorkspaceRoot(), CoreRoot(), PlansRoot()
- All workspace paths now check CORE_WORKSPACE env var first
- Fallback: ~/Code/.core/workspace (works on any machine)
- Remove committed core-agent and mcp binaries from tracking
- Add .gitignore for compiled binaries
Co-Authored-By: Virgil <virgil@lethean.io>
proc.Wait() hangs when Claude Code's child processes inherit pipes.
Added PID polling every 5s — when the main process is dead (Signal(0)
fails), force completion even if pipes are still open.
Fixes: empty agent logs, missing completion events, stuck queue drain.
Co-Authored-By: Virgil <virgil@lethean.io>
Monitor now calls Server.ResourceUpdated() for status://agents when
agent completions or inbox changes are detected. Clients subscribed
to this resource get notified automatically via MCP protocol.
Co-Authored-By: Virgil <virgil@lethean.io>
Runs every 2 minutes while MCP server is active:
- Checks for newly completed agent workspaces
- Checks inbox for unread messages
- Pushes notifications via ServerSession.Log() to connected clients
Also registers status://agents resource for on-demand workspace status.
The MCP connection is bidirectional — monitor uses it to actively
notify rather than waiting for tool calls.
Co-Authored-By: Virgil <virgil@lethean.io>
Watches running/queued agent workspaces until all complete.
Sends progress notifications via MCP protocol as each agent finishes.
Returns summary with completed/failed counts and PR URLs.
Co-Authored-By: Virgil <virgil@lethean.io>
When a dispatched agent completes with commits:
1. Branch name threaded through PrepOutput → status.json
2. Completion goroutine pushes branch to forge
3. Auto-creates PR via Forge API with task description
4. PR URL stored in status.json for review
Agents now create PRs instead of committing to main. Combined
with sandbox restrictions, this closes the loop on controlled
agent contributions.
Co-Authored-By: Virgil <virgil@lethean.io>
Three-layer sandboxing:
1. --append-system-prompt with SANDBOX boundary instructions
2. PROMPT.md templates include SANDBOX BOUNDARY (HARD LIMIT) section
3. Agent starts in src/ with only cloned repo visible
Agents are instructed to reject absolute paths, cd .., and any
file operations outside the repository. Violations cause work rejection.
Co-Authored-By: Virgil <virgil@lethean.io>
spawnAgent() now writes completion events to events.jsonl.
Plugin hooks check for completions on:
- SessionStart: report agents that finished since last session
- Notification(idle_prompt): check when Claude is idle
Event format: {"type":"agent_completed","agent":"...","workspace":"...","timestamp":"..."}
Co-Authored-By: Virgil <virgil@lethean.io>
Replace all fmt.Errorf and errors.New in production code with
coreerr.E("caller.Method", "message", err) from go-log. Replace
all os.ReadFile/os.WriteFile/os.MkdirAll/os.Remove with coreio.Local
equivalents from go-io. Test files are intentionally untouched.
Co-Authored-By: Virgil <virgil@lethean.io>
