Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
91 commits
Select commit Hold shift + click to select a range
267dc54
re-sync and add notes about server refactor
lunelson May 15, 2026
c073f80
ln-sync updates
lunelson May 15, 2026
a01249b
resolve threads and thread_context concepts
lunelson May 15, 2026
36d465f
update spec skill to use username based id suffixes on items
lunelson May 15, 2026
b3cc39f
design and contract additions around intent graph semantics
lunelson May 15, 2026
7bbca25
align and update convo runtime doc with cross-references
lunelson May 15, 2026
29cea29
FE-700: scaffold relation policy registry
lunelson May 15, 2026
234d386
skill dirs cleanup
lunelson May 15, 2026
e332bc5
start a docs/next/ folder
lunelson May 18, 2026
fde06bb
remove tool results from transcript
lunelson May 18, 2026
28c857f
Add Brunch POC architecture PRD
lunelson May 18, 2026
f8121bd
Refine next-line Brunch POC PRD
lunelson May 18, 2026
e947f9c
Synthesize next-line Brunch architecture PRD
lunelson May 18, 2026
cad1c70
Make next-line PRD JSONL-first for sessions
lunelson May 18, 2026
307174e
add design doc for extended workspace graphs: intent, design, oracle
lunelson May 18, 2026
1c491d8
add new docs and speculations re potential "next" version
lunelson May 18, 2026
8ba6b80
Add pi JSONL session viability note
lunelson May 18, 2026
3e6027a
FE-700: add intent context snapshots
lunelson May 18, 2026
90f74e0
FE-700: drive cascade impact from relation policy
lunelson May 18, 2026
8096d95
FE-700: share relation-policy edit impact
lunelson May 18, 2026
e7c2935
FE-700: sync relation-policy foundation status
lunelson May 18, 2026
1b21c0f
add further notes on next poc
lunelson May 19, 2026
5583c45
docs: finalize POC architecture, seam-extensions, and fixture strategy
lunelson May 20, 2026
6488da4
chore: archive pre-POC docs and planning memory under archive/
lunelson May 20, 2026
e598666
chore: remove pre-POC implementation and build infra
lunelson May 20, 2026
aaa0ec9
docs(memory): reseed SPEC.md and PLAN.md from POC architecture docs
lunelson May 20, 2026
b104fc4
chore: bootstrap Phase 3 POC infra (walking-skeleton scaffold)
lunelson May 20, 2026
470128a
chore: remove stale .tours/ and config/ from pre-POC trunk
lunelson May 20, 2026
58e32c4
docs: flatten docs/next/ to docs/, drop brunch-poc- prefix
lunelson May 20, 2026
3c95be7
Harden planning skills and reconcile memory
lunelson May 20, 2026
abef60c
Sharpen spec event and state framing
lunelson May 20, 2026
a0a03af
design ideations re persistence and multi-spec data model
lunelson May 20, 2026
c40199b
docs(plan): annotate walking-skeleton frontier with FE-729 and branch
lunelson May 20, 2026
3441d29
FE-702: Walking skeleton — brunch binary + TUI over pi (M0) (#142)
lunelson Jun 2, 2026
38d2c2a
FE-735: Mode shell and fixture driver (M1) (#144)
lunelson Jun 2, 2026
55d9122
FE-736: JSONL session viability proof (M2) (#146)
lunelson Jun 2, 2026
b28b964
FE-737: Web shell over the same host (M3) (#147)
lunelson Jun 2, 2026
e3cae32
FE-744: Document Pi command containment evidence (#150)
lunelson Jun 2, 2026
227874c
FE-776: Graph Layer preps (#162)
lunelson Jun 2, 2026
b0abf26
FE-785: M5 agent-graph-integration (#163)
lunelson Jun 3, 2026
6246368
FE-795: Live selected-spec graph observer over web RPC (#166)
lunelson Jun 5, 2026
512ab75
FE-806: Agent prompt-resource composition, runtime manifests, and sna…
lunelson Jun 5, 2026
6f1397b
FE-808: Broaden direct graph-tool proof beyond the A14 happy path (#171)
lunelson Jun 5, 2026
e844247
FE-807: Structured response capture into selected-spec graph truth (#…
lunelson Jun 8, 2026
46469ce
FE-809: Project-graph review-set proposal and atomic acceptance (#175)
lunelson Jun 8, 2026
e577d0a
FE-811: Elicitor cross-cut groundwork and read/project/render cleanup…
lunelson Jun 8, 2026
dd20a6a
FE-823: Elicitation backlog substrate and agenda read-back (#178)
lunelson Jun 9, 2026
2474d99
FE-811: Ship-gate rename residue and live mention autocomplete (#179)
lunelson Jun 9, 2026
088b783
FE-825: Plan first-class developer feedback loops over the pi harness…
lunelson Jun 9, 2026
a4c97b6
FE-824: Role-safe graph mutations and completion of full stack graph …
lunelson Jun 9, 2026
0b07478
FE-830: Align with design params of main branch (#187)
lunelson Jun 9, 2026
d3d1ae3
FE-825: DX introspection tier 1 (#189)
lunelson Jun 11, 2026
e37b905
FE-846: Web revamp pass II (#195)
lunelson Jun 11, 2026
2114616
FE-845: TUI chrome resolutions pass I (#196)
lunelson Jun 11, 2026
4d9790a
FE-844: Elicitation gaps architecture (#197)
lunelson Jun 11, 2026
39b50c2
Wire affordance legality to capability readiness (#201)
lunelson Jun 11, 2026
0f69577
spec/plan: lock Tier-2 turn-boundary choreography (D76-D78, I45-I47) …
lunelson Jun 11, 2026
577f0d1
FE-845: Wire runtime posture slash commands (#203)
lunelson Jun 11, 2026
5685074
spec and plan updates re fixture protocols (#204)
lunelson Jun 11, 2026
30fa4df
FE-847: DX introspection tier 2 (#205)
lunelson Jun 11, 2026
ea4e6eb
orientation and scoping (#206)
lunelson Jun 11, 2026
3851ea0
FE-852: Prompt composition golden coverage and elicitation driver (#207)
lunelson Jun 11, 2026
e70595b
FE-852: Prompt composition golden coverage and elicitation driver (#208)
lunelson Jun 15, 2026
23868dd
FE-858: Client-side POC prep (#209)
lunelson Jun 15, 2026
8ffbf0c
FE-868: Pi runtime rehabilitation and dependency alignment (#215)
lunelson Jun 16, 2026
c4e2b0b
FE-869: Runtime topology and prompt-resource ownership cleanup (#216)
lunelson Jun 16, 2026
e4a63fd
FE-870: Renderer golden coverage and agent-context tools (#217)
lunelson Jun 16, 2026
2c5fabc
FE-870: Renderer golden coverage and agent-context tools (#228)
lunelson Jun 17, 2026
8c3748f
FE-873: Web-as-driver streaming chat transport (topology A) (#225)
lunelson Jun 17, 2026
9d38ea2
FE-873: Web-as-driver streaming chat transport (topology A) (#233)
lunelson Jun 19, 2026
dea0fbb
FE-895: Pi component test harness (#234)
lunelson Jun 19, 2026
3fe4448
FE-893: Prompt-resource axis-model and core skill-set consolidation (…
lunelson Jun 19, 2026
473fcd6
FE-861: Generalized capture: high-confidence extractive capture with …
lunelson Jun 22, 2026
6f49ef8
FE-897: Alpha hardening residues (#237)
lunelson Jun 22, 2026
1f0392b
FE-861: Generalized capture: high-confidence extractive capture with …
lunelson Jun 22, 2026
cf0e513
bung in first version of brunch subagents (#239)
lunelson Jun 22, 2026
e52fed8
FE-898: Realign prompt-resource skills to the Agent Skills standard (…
lunelson Jun 22, 2026
aeac2ec
FE-1051: Distill ln-* skill system and canonicalize SPEC/POSTURE docs…
lunelson Jun 24, 2026
e330230
FE-811: POC live ship gate and runbook oracle (#248)
lunelson Jun 24, 2026
f772edf
FE-1053: Collapse structured-exchange companion contracts (#250)
lunelson Jun 24, 2026
44139de
FE-1052: Ontology revisions (#251)
lunelson Jun 24, 2026
14d5b13
FE-1054: Reconcile subagents with the foreground agent model (#252)
lunelson Jun 24, 2026
d2b85a5
FE-1058: Readiness-bands interrogation — four-band derived model (D94…
lunelson Jun 24, 2026
acf17d5
FE-1054: unify agent bodies under src/.pi/agents/<id>/ + renames (D90…
lunelson Jun 24, 2026
d00c65d
FE-1059: Elicitor generate capability: plane-parameterized generative…
lunelson Jun 25, 2026
86fa0cf
FE-1090: Data-model legibility reference substrate (#266)
lunelson Jun 29, 2026
40b02a7
FE-1091: Renderer golden coverage and prompt assembly lock, Part 1 (#…
lunelson Jun 29, 2026
cebc423
FE-1092: Dev scripting and fixture curation cleanup (#268)
lunelson Jun 29, 2026
c87707a
FE-1091: Renderer golden coverage and prompt assembly lock, Part 2 (#…
lunelson Jun 30, 2026
32d94bd
FE-1085: Elicitor project capability design (#271)
lunelson Jul 1, 2026
4e2f1bf
FE-1108: Harden structured exchange affordances (#273)
lunelson Jul 1, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
81 changes: 81 additions & 0 deletions .agents/skills/cli-agent-browser/SKILL.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
---
name: cli-agent-browser
description: 'Browser automation via the agent-browser CLI — a daemon-backed Chrome controller with persistent state across shell calls. Primary choice for browser tasks inside the agent-safehouse sandbox. Use when interacting with web pages — navigating, snapshotting, clicking, filling forms, taking screenshots. Triggers on: browse a page, automate browser, take a screenshot, fill a form, click a button, scrape a page, test a web app.'
---

# agent-browser

The most reliable browser CLI for agents running inside the **`agent-safehouse`**
sandbox. A persistent daemon (sockets, pid, state in `~/.agent-browser/`)
spawns Chrome with the right flags and survives across one-shot Bash calls —
the daemon model that `chrome-devtools-axi` and `cdp-cli launch` cannot achieve
under sandboxing.

## Prerequisites

This skill's pinned launch invocation depends on two Safehouse features being
enabled in `~/.config/zsh/agents.zsh` `safe`: `agent-browser` (allows Chrome
to dlopen its framework and reach Mach ports) and `process-control` (allows
daemon liveness checks). If they're missing, `agent-browser open` fails with
`Auto-launch failed: CDP response channel closed`.

## First Launch: Pin the Args

Chrome inside `agent-safehouse` **must** be launched with `--no-sandbox`
(Safehouse's outer Seatbelt blocks Chrome's inner sandbox from re-initializing)
and `--ignore-certificate-errors` (the Cloudflare Zero Trust CA is plumbed to
Node but not Chrome). Pass both via `--args` on the first call after a fresh
shell or after `agent-browser close`:

```bash
agent-browser --args "--no-sandbox,--ignore-certificate-errors" open https://example.com
```

**Args stick to the running daemon.** Subsequent calls do not need `--args`
and will warn "daemon already running" if you pass them anyway. To change
launch args, run `agent-browser close` first, then re-open with new args.

## Core Workflow

After `open`, every command targets the live page:

```bash
agent-browser snapshot # AX tree with @ref handles
agent-browser click @e2 # click ref from snapshot
agent-browser fill @e5 "user@example.com"
agent-browser type "search query"
agent-browser press Enter
agent-browser screenshot /tmp/out.png
agent-browser open <new-url> # navigate same daemon
agent-browser close # tear down
```

Refs (`@e1`, `@e2`, …) come from the most recent `snapshot` and are stable
within the page; re-snapshot after navigation or DOM mutations.

## Upstream Skills (Authoritative Reference)

The CLI ships its own version-matched documentation. Load the upstream skill
for the full command reference and patterns:

```bash
agent-browser skills get core --full # full command reference + templates
agent-browser skills list # specialized skills (Electron, Slack, …)
```

Prefer the upstream skill over guessing from `agent-browser --help`. This
file's job is just to pin the sandbox-correct launch invocation and explain
the daemon-args lifecycle.

## When Not to Use This Skill

- **Need to drive an existing user Chrome session** (cookies, logged-in
state, extensions) — agent-browser uses its own clean profile. Use
[cli-cdp](../cli-cdp/SKILL.md) in attach mode against a Chrome the user
launched manually.
- **One-shot screenshot or PDF with no follow-up interaction, in a context
without MCP browser tools** — [cli-playwright](../cli-playwright/SKILL.md)'s
stateless `screenshot`/`pdf` commands are lighter than spinning up the
daemon.
- **MCP browser tools are available** (e.g. Amp's `mcp__chrome_devtools__*`)
— those run outside the sandbox and have richer DevTools coverage.
49 changes: 45 additions & 4 deletions .agents/skills/cli-cdp/SKILL.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,14 +11,55 @@ debugging.

## Prerequisites

Chrome must be running with `--remote-debugging-port`:
Chrome must be running with `--remote-debugging-port`. **First check whether
you can launch it yourself or must ask the user to launch it externally.**

### Step 1: Detect the sandbox

```bash
echo "${APP_SANDBOX_CONTAINER_ID:-none}"
```

- **`none` (unsandboxed)** — you can run `cdp-cli launch` yourself; it spawns
Chrome on port 9223 with a clean profile under `$TMPDIR`.
- **`agent-safehouse` (or any other sandbox)** — `cdp-cli launch` reports
`{"success":true}` but the Chrome it spawns crashes silently with SIGABRT
because its launch args lack `--no-sandbox` and there is no flag to add
one. **You must use attach mode** (Step 2).

### Step 2a: Unsandboxed — self-launch

```bash
cdp-cli launch
cdp-cli tabs # confirm a page is listed
```

### Step 2b: Sandboxed — ask the user to launch Chrome externally

Stop and ask the user to run this in a **non-sandboxed Terminal window**
(Terminal.app or iTerm, not cmux):

```bash
"/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" \
--remote-debugging-port=9223 \
--user-data-dir="$HOME/.chrome-debug-profile" \
about:blank
```

The separate `--user-data-dir` keeps it isolated from the user's main Chrome
profile so both can run at the same time. Tell the user to leave that
terminal window open — closing it kills Chrome.

After they confirm Chrome is open, verify connectivity from your shell:

```bash
cdp-cli launch # macOS: launches Chrome with debugging on :9223
curl -s http://localhost:9223/json/version | head -3 # should return JSON
cdp-cli tabs # should list the page
```

Or start Chrome manually with `--remote-debugging-port=9222` and pass
`--cdp-url http://localhost:9222`.
From here every other `cdp-cli` command works normally — TCP to localhost
is allowed through the sandbox; only Chrome's own dlopen and process spawn
are blocked.

## Page Identification

Expand Down
11 changes: 11 additions & 0 deletions .agents/skills/cli-chrome-axi/SKILL.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,17 @@ description: 'Uses the chrome-devtools-axi CLI for browser automation, accessibi

# chrome-devtools-axi

## Sandbox Compatibility — Check First

Run `echo "${APP_SANDBOX_CONTAINER_ID:-none}"` before using this skill.

- **`agent-safehouse`**: **DO NOT use this skill.** The CLI's persistent
bridge daemon cannot detach from the Bash subprocess under Seatbelt and
times out at startup (`Bridge failed to start within 30s`). Use
[cli-agent-browser](../cli-agent-browser/SKILL.md) for daemon-style
browser work or [cli-playwright](../cli-playwright/SKILL.md) for one-shots.
- **`none` (unsandboxed)**: this skill works as documented below.

Use `chrome-devtools-axi` when you want Chrome DevTools automation from the shell with agent-friendly output and stable accessibility refs.

## Why This CLI
Expand Down
15 changes: 15 additions & 0 deletions .agents/skills/cli-cmux/SKILL.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,21 @@ description: 'Deep expertise in cmux — the terminal multiplexer with native br

# cmux — Terminal Multiplexer with Native Browser

## Sandbox Compatibility — Check First

Run `echo "${APP_SANDBOX_CONTAINER_ID:-none}"` and `echo "${CMUX_SURFACE_ID:-none}"`
before using this skill.

- **`agent-safehouse` and/or `CMUX_SURFACE_ID=none`**: **DO NOT use this skill.**
The `cmux` CLI is not reachable from inside the `agent-safehouse` sandbox
(its install path is denied), and the `CMUX_WORKSPACE_ID` / `CMUX_SURFACE_ID`
env vars assumed below are not injected. For browser tasks, use
[cli-agent-browser](../cli-agent-browser/SKILL.md). For terminal/pane
interactions you actually need from inside the sandbox, ask the user to
run the cmux commands directly.
- **Unsandboxed cmux pane (both env vars present)**: this skill works as
documented below.

cmux manages terminal panes and browser views through a Unix socket CLI.
You are already running inside cmux — your current pane has env vars
`CMUX_WORKSPACE_ID` and `CMUX_SURFACE_ID` set automatically.
Expand Down
78 changes: 78 additions & 0 deletions .agents/skills/cli-playwright/SKILL.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
---
name: cli-playwright
description: 'One-shot browser captures via the Playwright CLI — screenshots and PDFs of arbitrary URLs with no daemon. Best stateless option for agents that need to capture a page but lack MCP browser tools. Use when you need a single screenshot or PDF of a URL without follow-up interaction. Triggers on: screenshot a page, save page as pdf, capture web page, snapshot a url.'
---

# Playwright CLI (one-shot)

For agents without MCP browser tools that need a **single page capture** with
no interaction loop. Each invocation launches Chromium, performs one action,
and exits — no daemon to manage. Inside `agent-safehouse`, the `playwright-chrome`
Safehouse feature has already injected `PLAYWRIGHT_MCP_SANDBOX=false` into
the environment, so Chromium starts cleanly without you setting anything.

For multi-step interaction loops use [cli-agent-browser](../cli-agent-browser/SKILL.md)
instead — its daemon persists state across calls; Playwright one-shots do not.

## Two Binaries on PATH

This skill is about the **test-runner `playwright`** (from `@playwright/test`),
which exposes one-shot commands like `screenshot` and `pdf`. The other
binary, `playwright-cli` (from a separate package), is a daemon wrapper
around Playwright-MCP — its `--ignore-https-errors` plumbing through config
files is finicky in this environment, so prefer `agent-browser` for
daemon-style work.

## Prerequisites

- Safehouse `playwright-chrome` feature must be enabled (auto-injects
`PLAYWRIGHT_MCP_SANDBOX=false`). Confirm with `echo $PLAYWRIGHT_MCP_SANDBOX`
— should print `false`.
- Chromium browser must be installed in `~/Library/Caches/ms-playwright/`.
If `playwright screenshot` errors with "Executable doesn't exist", run:
```bash
playwright install chromium
```
This downloads to a cached location Safehouse already permits, no `sudo`.

## Core Commands

```bash
# Screenshot — always pass --ignore-https-errors for Cloudflare-gated sites
playwright screenshot --ignore-https-errors https://example.com /tmp/out.png

# Full-page screenshot
playwright screenshot --ignore-https-errors --full-page <url> <file>

# PDF (uses Chromium printing pipeline)
playwright pdf --ignore-https-errors <url> /tmp/out.pdf

# Wait for content before capturing
playwright screenshot --ignore-https-errors \
--wait-for-selector ".loaded" \
--wait-for-timeout 5000 \
<url> <file>

# Emulate device / color scheme
playwright screenshot --ignore-https-errors \
--device "iPhone 11" --color-scheme dark \
<url> <file>
```

## Always Pass `--ignore-https-errors`

The `safe` function forwards the Cloudflare Zero Trust root CA to Node
(`NODE_EXTRA_CA_CERTS`), but **Chromium does not honor that env var** — it
uses its own cert store, which doesn't include the Cloudflare gateway CA.
Without `--ignore-https-errors`, any HTTPS URL routed through the gateway
fails with `net::ERR_CERT_AUTHORITY_INVALID`.

## Common Pitfalls

- **`playwright open <url>` is interactive** and will hang the Bash tool —
use `screenshot` or `pdf` for one-shot capture, or `cli-agent-browser`
for interactive flows.
- **`playwright codegen`** records user actions — useless from an
agent shell.
- **`playwright test`** runs a `playwright.config.ts` test suite — not a
general-purpose browser CLI.
Loading
Loading