153 Commits

Author SHA1 Message Date
github-actions[bot] 0c24694ff5 chore: bump Cargo.toml to 0.7.0 2026-06-18 22:01:38 +00:00
github-actions[bot] 1e006256f1 bump: version 0.6.0 → 0.7.0 [skip ci] 2026-06-18 22:01:35 +00:00
Dark-Alex-17 3ff27a7935 feat: added a memory option to .set tab completions
CI / All (ubuntu-latest) (push) Failing after 24s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-18 15:50:23 -06:00
Dark-Alex-17 373d80121a lint: Fixed linter complaints in paths module
CI / All (ubuntu-latest) (push) Failing after 25s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-18 14:32:07 -06:00
Dark-Alex-17 3299a4699e refactor: Migrated the .skills command completion to use StateFlags and updated the help messages 2026-06-18 14:30:55 -06:00
Dark-Alex-17 d4dbda1e89 fix: rebuild the tool scope after dynamically updating the skills_enabled value in the REPL 2026-06-18 13:01:38 -06:00
Dark-Alex-17 e77fa6ef42 feat: Added a diagnostic .info tools subcommand to make it easier to see what tools are enabled in all contexts 2026-06-18 13:01:11 -06:00
Dark-Alex-17 241dda24f0 feat: Added additional info outputs for enabled skills and sbx directories 2026-06-18 11:58:29 -06:00
Dark-Alex-17 e5668e4495 docs: Added sandboxes to the README 2026-06-18 11:57:58 -06:00
Dark-Alex-17 4a01e9a66c fmt: applied formatting 2026-06-18 11:29:03 -06:00
Dark-Alex-17 530000bc2f fix: properly resolve Windows-based local vault password file locations and bootstrap them into the sandbox when possible 2026-06-18 11:28:54 -06:00
Dark-Alex-17 f2e8f3ab59 fix: auto-translation of user-prefixed Mac and Linux paths for the vault password file when running inside a sandbox 2026-06-18 10:53:38 -06:00
Dark-Alex-17 2f33b6631e feat: directly execute shell commands from within the REPL 2026-06-18 08:19:01 -06:00
Dark-Alex-17 8c288195a0 feat: created mixin kit for built-in functions and MCP servers 2026-06-17 15:10:40 -06:00
Dark-Alex-17 e6a5e67a8e feat: Added sbx mixins for the secrets providers so users can also bootstrap those as well. 2026-06-17 14:57:35 -06:00
Dark-Alex-17 6ae474c79e feat: added support for loading sbx mixins that are dynamically discovered in the users workspace and config directory 2026-06-17 14:39:32 -06:00
Dark-Alex-17 8e0b07c9fb docs: Updated the --fresh command help message 2026-06-17 14:20:38 -06:00
Dark-Alex-17 69589bd5e5 feat: Added a --fresh flag to let users create a truly bare bones sandbox without bootstrapping their config 2026-06-17 14:20:17 -06:00
Dark-Alex-17 587df087ed feat: initial built-in sandboxing support powered by Docker sbx 2026-06-17 14:11:04 -06:00
Dark-Alex-17 ee100eef96 fix: don't attempt to auto complete .vault list in the REPL; that's the end of the command 2026-06-17 12:50:04 -06:00
Dark-Alex-17 14969e35fa fix: buffer tool stdout as well as stderr so that any tools that error to stdout are captured and included in the response to the model, enabling the model to see what went wrong and to reason about how to fix it.
CI / All (ubuntu-latest) (push) Failing after 25s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-16 15:07:55 -06:00
Dark-Alex-17 b927e2a200 fix: auto-bootstrapped memory was accidentally putting the MEMORY.md directly in the repo root rather than .coyote/memory/MEMORY.md
CI / All (ubuntu-latest) (push) Failing after 23s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-15 15:05:51 -06:00
Dark-Alex-17 6ce69ee989 fix: improved the fs_patch script description and added improved error handling to it. 2026-06-15 15:05:18 -06:00
Dark-Alex-17 dc6d736df3 build: pinned aws-smithy-types and time to fix yesterday's release of aws-smithy-types issues 2026-06-12 17:33:49 -06:00
Dark-Alex-17 2a79616f8b feat: Added the ability to auto-bootstrap workspace memory when in git repos 2026-06-11 16:03:00 -06:00
Dark-Alex-17 eb6a02f947 test: fixed broken memory test after updating index format 2026-06-11 20:28:33 -06:00
Dark-Alex-17 00939e4634 feat: Added explicit guardrail handling for pending agents 2026-06-11 20:20:14 -06:00
Dark-Alex-17 6ebd32d47c fix: added in forgotten require_max_tokens to the fable model 2026-06-11 16:11:22 -06:00
Dark-Alex-17 73c4449e7f feat: auto-append memory to memory index and don't necessarily require the LLM to remember to do it after a write 2026-06-10 21:31:37 -06:00
Dark-Alex-17 7143b50d98 fix: append memory functions to non-graph based agents on init 2026-06-10 21:07:56 -06:00
Dark-Alex-17 de38e663a0 docs: Added some docs for the memory system and the --init-memory flag 2026-06-10 20:26:31 -06:00
Dark-Alex-17 10de6025b5 feat: Added an --init-memory [global|workspace] flag to easily and quickly enable memory 2026-06-10 20:26:17 -06:00
Dark-Alex-17 0d2292bff6 feat: added memory global configuration settings to the output of --info and .info 2026-06-10 20:10:45 -06:00
Dark-Alex-17 eb38ca0bbb docs: updated example configurations to include settings for the new memory system 2026-06-10 20:06:17 -06:00
Dark-Alex-17 1931331163 fix: when auto_continue is disabled via the .set auto_continue false command, it should strip the todo functions from the list of functions 2026-06-10 19:31:19 -06:00
Dark-Alex-17 218750cc1e feat: added .set memory REPL commands to control memory injection and applied formatting 2026-06-10 19:24:08 -06:00
Dark-Alex-17 a10b23dbc1 test: added more unit tests for the memory system 2026-06-10 18:44:32 -06:00
Dark-Alex-17 19d2340489 feat: Create the built-in memory management tools 2026-06-10 18:35:59 -06:00
Dark-Alex-17 4ece3d3df1 feat: Append the memory system prompts (readonly or r/w) to the system prompt when applicable 2026-06-10 18:19:37 -06:00
Dark-Alex-17 6d5cbfa56d feat: Created the --no-memory CLI flag to disable memory for this invocation 2026-06-10 17:53:40 -06:00
Dark-Alex-17 7e097e0465 feat: Added the memory configuration properties and storage to the main app config, roles, sessions, and agents. 2026-06-10 17:50:28 -06:00
Dark-Alex-17 b2d70a3fd3 feat: initial scaffolding of a memory system 2026-06-10 17:24:45 -06:00
Dark-Alex-17 3183fedca9 chore: updated models.yaml to include claude Fable 5 2026-06-10 17:18:58 -06:00
Dark-Alex-17 33c6f2c4e3 fix: use rawPredict for non-streaming Claude requests
CI / All (ubuntu-latest) (push) Failing after 24s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-09 23:05:31 -06:00
Dark-Alex-17 bca25404ab docs: migrated location of skill_instructions examples in example configs
CI / All (ubuntu-latest) (push) Failing after 24s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-05 15:34:25 -06:00
github-actions[bot] 161fa2d983 chore: bump Cargo.toml to 0.6.0 2026-06-05 21:30:01 +00:00
github-actions[bot] 0e93775491 bump: version 0.5.0 → 0.6.0 [skip ci] 2026-06-05 21:29:49 +00:00
Dark-Alex-17 c00c4ff84a test: added a few additional tests to the request_context surrounding the skills system 2026-06-05 15:24:51 -06:00
Dark-Alex-17 46685cb641 fix: disable skills for specific built-in roles 2026-06-05 15:11:22 -06:00
Dark-Alex-17 165d0d113d feat: added skill hint prompt injection and configuration 2026-06-05 14:48:54 -06:00
Dark-Alex-17 70dc7c9680 fix: redirect stderr into user's /dev/tty for guards 2026-06-05 12:46:52 -06:00
Dark-Alex-17 4eac536327 docs: updated the graph.example.yaml 2026-06-05 11:53:19 -06:00
Alex Clarke 8e0fa79ff3 Merge pull request #13 from Dark-Alex-17/skills
Implement support for skills and refactored secrets providers
2026-06-05 11:43:15 -06:00
Dark-Alex-17 68a912ec38 fix: azure doesn't support underscores in key vault 2026-06-05 11:29:14 -06:00
Dark-Alex-17 f405ec5e16 chore: updated models.yaml 2026-06-05 11:28:55 -06:00
Dark-Alex-17 b997e9493c fix: accidental regression on enabled_skills being empty = all 2026-06-04 16:12:32 -06:00
Dark-Alex-17 8d6e9bef32 fix: greedy secrets regex caused multiple secrets on one line to fail 2026-06-04 15:41:56 -06:00
Dark-Alex-17 e54a2e42c9 test: improve vault password file errors by propagating up 2026-06-04 15:32:31 -06:00
Dark-Alex-17 b1696c3425 refactor: removed redundant skill name validation from has_skill function 2026-06-04 14:58:33 -06:00
Dark-Alex-17 feef3f67b5 style: miscellaneous cleanup 2026-06-04 14:30:56 -06:00
Dark-Alex-17 dc066bee0d fmt: applied formatting 2026-06-04 14:21:06 -06:00
Dark-Alex-17 6c4e042dad fix: add agent context check to skill visibility validation 2026-06-04 14:19:38 -06:00
Dark-Alex-17 30f3b01358 feat: Fallthrough on missing secrets during mcp.json merging 2026-06-04 14:19:24 -06:00
Dark-Alex-17 ebf3b5f776 test: improved skill validation test in graph validator 2026-06-04 14:02:34 -06:00
Dark-Alex-17 84dcb3078b feat: validate visible_skills field at config load time 2026-06-04 13:43:40 -06:00
Dark-Alex-17 7b320e08c4 fix: enforced global visible_skills in llm node validation and improved skill loading error handling across the project 2026-06-04 13:09:43 -06:00
Dark-Alex-17 7078280b3d fix: restore agent skill policy on error during effective policy calculation 2026-06-04 12:16:42 -06:00
Dark-Alex-17 43607dbe8d fix: apply the same validation for skill filenames on list_skills as happens everywhere else 2026-06-04 12:10:00 -06:00
Dark-Alex-17 8f7a57f8e6 fix: the vault's init_bare should try to load the provisioned secret_provider from the config file without also interpolating any of the rest of the configuration file. It should only fail if the user has not yet created a configuration file; i.e. done a first-time run. 2026-06-04 12:02:43 -06:00
Dark-Alex-17 40fdf3aaa7 fix: the vault roundtrip test used characters that are unsupported by some major secrets providers 2026-06-04 11:20:46 -06:00
Dark-Alex-17 46d4b78ccc fix: fixed tool filtering logic for skills and user functions in agents 2026-06-04 11:03:44 -06:00
Dark-Alex-17 b0a3b0a9a5 feat: implemented reflexion (sorta) in sisyphus for significant code changes to delegate to the code-reviewer agent 2026-06-04 10:40:14 -06:00
Dark-Alex-17 53b3ce9ab1 feat: improved explore agent 2026-06-04 10:39:46 -06:00
Dark-Alex-17 44f533018e fix: privilege leak when unloading skills and leaving tool scope untouched 2026-06-04 10:17:01 -06:00
Dark-Alex-17 bbb23f4884 fix: When bootstrapping an app config to interpolate secrets, clone the secrets provider configuration as well so config secrets stored in remote vaults can be used properly 2026-06-04 10:07:46 -06:00
Dark-Alex-17 8de0eef4f9 fix: forgot to move back up the vault probe value error to be before the delete 2026-06-04 09:32:25 -06:00
Dark-Alex-17 73a4499c68 fix: don't silently fail on skill role composition extraction in llm nodes 2026-06-04 09:09:55 -06:00
Dark-Alex-17 97100bee29 fix: set -euo pipefail for the temp script in execute_command.sh tool 2026-06-03 15:26:23 -06:00
Dark-Alex-17 9a25438643 fix: added forgotten skill name validation to has_skill to prevent side-channel attacks 2026-06-03 15:21:16 -06:00
Dark-Alex-17 f6da937c5d fmt: applied formatting 2026-06-03 15:05:58 -06:00
Dark-Alex-17 eeaeb42c9a fix: use unique values for the secrets round trip verification 2026-06-03 15:04:50 -06:00
Dark-Alex-17 1dde7f4442 fix: stop interpolating a line if any errors occur 2026-06-03 15:02:22 -06:00
Dark-Alex-17 9879980304 fix: added path validation for skill names 2026-06-03 14:59:57 -06:00
Dark-Alex-17 7ec81ae607 fix: effective_policy unconditionally overwrote skill values for role-like structs 2026-06-03 14:54:42 -06:00
Dark-Alex-17 dac2a16677 feat: removed conditional fallback of LLM_*_RAW_JSON from built-ins 2026-06-03 14:40:42 -06:00
Dark-Alex-17 260bf4e5bc fmt: applied formatting to refactored mcp_servers and tools lists 2026-06-03 14:02:06 -06:00
Dark-Alex-17 ece66448e0 refactor: support both CSV and list formats for enabled_tools 2026-06-03 13:58:24 -06:00
Dark-Alex-17 a254d60876 refactor: Support both CSV and list formats for enabled_mcp_servers 2026-06-03 13:23:13 -06:00
Dark-Alex-17 c36c4f4699 feat: updated enabled_skills handling to support both list and comma-separated strings 2026-06-03 12:24:10 -06:00
Dark-Alex-17 4a14d80d97 feat: added new REPL set commands for toggling skills and changing what skills are enabled 2026-06-03 12:23:53 -06:00
Dark-Alex-17 c6a9268856 docs: improved fs_patch and fs_write descriptions and examples 2026-06-03 12:06:39 -06:00
Dark-Alex-17 2914a1070b feat: upgraded to the latest version of mcp-remote 2026-06-03 11:46:52 -06:00
Dark-Alex-17 5ebf8649a6 fmt: applied uniform formatting across refactored vault code 2026-06-03 11:15:11 -06:00
Dark-Alex-17 0272412334 feat: fs_grep now works with both files and directories 2026-06-03 10:48:18 -06:00
Dark-Alex-17 7a7824be6a feat: improved code reviewer agents with skills 2026-06-03 10:40:34 -06:00
Dark-Alex-17 aa2d4f3265 fix: updated execute_command to not mangle heredocs and also added explicit instructions to the coder and sisyphus agents to use fs_write and fs_patch over execute_command when writing files 2026-06-03 10:20:39 -06:00
Dark-Alex-17 28a283283f docs: Updated configuration example to include new secret provider support 2026-06-03 08:36:03 -06:00
Dark-Alex-17 652ab0b180 feat: added round trip validation for vault providers to ensure permissions and authentication 2026-06-03 08:30:47 -06:00
Dark-Alex-17 8ad764527d feat: created new first-time run wizard for secrets provider 2026-06-03 08:08:06 -06:00
Dark-Alex-17 bba094086d feat: vault_password_file or nothing at all is shorthand for just using the local gman provider for secret management 2026-06-02 14:52:36 -06:00
Dark-Alex-17 658ca7fec3 feat: refactored gman usage to be generic and work with various vault providers and use the SupportedProvider enum directly for configurations 2026-06-02 14:16:45 -06:00
Dark-Alex-17 156de15a33 feat: created initial parity gman generalization for vault provider 2026-06-02 13:59:32 -06:00
Dark-Alex-17 695a684b8d build: upgraded to gman 0.5.0 2026-06-02 13:59:10 -06:00
Dark-Alex-17 307e2cfc50 docs: documented the llm node skills policy in the graph.example.yaml 2026-06-02 13:58:59 -06:00
Dark-Alex-17 ed59f793fc docs: documented the llm node skills policy in the graph.example.yaml 2026-06-02 13:14:41 -06:00
Dark-Alex-17 c17db05f39 feat: Refactored the sisyhpus agent system to utilize the new skills system to improve performance and reliability 2026-06-02 13:14:25 -06:00
Dark-Alex-17 b1782b614f fix: llm nodes accidentally skipped skill_registry::effective_role because I was passing an inline role instead 2026-06-02 12:58:14 -06:00
Dark-Alex-17 2acff31213 feat: llm graph nodes support skills 2026-06-02 12:39:43 -06:00
Dark-Alex-17 a564085449 feat: updated sisyphus and coder tools 2026-06-02 11:13:30 -06:00
Dark-Alex-17 2d5cdb96d2 fix: updated temperature values for all agents and roles 2026-06-02 10:41:20 -06:00
Dark-Alex-17 5a47a6637f fix: added back in require_max_tokens for new Claude models 2026-06-02 10:30:40 -06:00
Dark-Alex-17 625a251931 docs: Updated skill docs to mention that function calling support must be enabled for skills to work at all 2026-06-02 09:55:08 -06:00
Dark-Alex-17 d0ebe7408f fix: skill support also requires function calling to be enabled 2026-06-02 09:42:36 -06:00
Dark-Alex-17 976ba7066d fix: non_tty tests break on some TTY terminals 2026-06-01 16:51:04 -06:00
Dark-Alex-17 ff3789f869 style: removed now deprecated SkillRegistry::new and skillRegistry::load methods 2026-06-01 16:45:34 -06:00
Dark-Alex-17 744dd213f5 fix: skill loading on agents 2026-06-01 16:37:17 -06:00
Dark-Alex-17 f6b4bf05b6 fix: forgot to bootstrap skills on REPL startup 2026-06-01 16:11:23 -06:00
Dark-Alex-17 94e3c3535c feat: removed potentially confusing tab completions for .skill 2026-06-01 16:04:22 -06:00
Dark-Alex-17 31b44fbeb7 fix: remove now deprecated .skill edit command 2026-06-01 15:58:06 -06:00
Dark-Alex-17 07f4b134b6 docs: Added example skills configurations 2026-06-01 15:50:20 -06:00
Dark-Alex-17 5c374bb5bf feat: .edit skill <name> support from within the REPL 2026-06-01 15:48:19 -06:00
Dark-Alex-17 0f90dd5f53 feat: Added skills_dir to the info output of Coyote 2026-06-01 15:30:22 -06:00
Dark-Alex-17 d07caf2a4b fmt: Applied uniform formatting to skills implementation 2026-06-01 15:21:00 -06:00
Dark-Alex-17 81a2bd1d00 feat: Created a few auto built-in skills 2026-06-01 15:20:12 -06:00
Dark-Alex-17 5fa6ffb81d feat: Added support for auto_unload skills during chat 2026-06-01 15:19:59 -06:00
Dark-Alex-17 1faab15377 feat: cleaned up skill implementation 2026-06-01 15:13:50 -06:00
Dark-Alex-17 a4ddc3d65d feat: support multiple skill flags to load multiple skills at CLI startup 2026-06-01 14:27:40 -06:00
Dark-Alex-17 588c69ea6c feat: Modified --skill CLI to allow users to specify skills to start the REPL or CLI with. 2026-06-01 14:20:45 -06:00
Dark-Alex-17 bf8dad2a4f feat: added CLI --skill flag for modifying skills easily 2026-06-01 14:05:16 -06:00
Dark-Alex-17 2e06c0e7d2 feat: REPL integration with skills 2026-06-01 13:43:43 -06:00
Dark-Alex-17 de42cae87f feat: dynamic loading/unloading of skill tools and MCP servers whenever load_skill/unload_skill are invoked 2026-06-01 13:22:44 -06:00
Dark-Alex-17 cdc4bd154a feat: created built-in functions for listing, loading, and unloading skills 2026-06-01 12:58:42 -06:00
Dark-Alex-17 aa2e627a5f feat: implemented the skills policy to track available skills per context 2026-06-01 12:26:30 -06:00
Dark-Alex-17 3359c62429 feat: added remote install and install support for skills 2026-06-01 11:58:35 -06:00
Dark-Alex-17 75a6a5e145 feat: created the skill registry 2026-06-01 11:41:04 -06:00
Dark-Alex-17 a9cad501ff tests: update skill tests 2026-06-01 11:19:02 -06:00
Dark-Alex-17 26584c7500 feat: decided to make skills persist to disk like agents and not in-memory like built-in roles 2026-06-01 11:17:55 -06:00
Dark-Alex-17 62fdf4a2b5 feat: scaffold skill module 2026-06-01 10:22:46 -06:00
Dark-Alex-17 296aa6f50f docs: fix typo in config.example.yaml 2026-05-29 10:47:15 -06:00
Dark-Alex-17 93cc498731 chore: updated models.yaml 2026-05-28 16:23:08 -06:00
github-actions[bot] b1cd8351fa chore: bump Cargo.toml to 0.5.0 2026-05-27 21:27:54 +00:00
github-actions[bot] ccf5e73341 bump: version 0.4.0 → 0.5.0 [skip ci] 2026-05-27 21:27:49 +00:00
Dark-Alex-17 be5d280c32 fix: bash-based user interactions in agents accidentally regressed in graph implementation 2026-05-27 15:20:19 -06:00
Dark-Alex-17 6633a8c0bf fix: Claude function calling in agent contexts 2026-05-27 14:47:27 -06:00
Dark-Alex-17 097d8936e3 fix: Claude code rate limit error per new Claude changes 2026-05-27 14:06:17 -06:00
Dark-Alex-17 8a53b7934b fmt: apply uniform formatting with name change 2026-05-27 12:57:05 -06:00
Dark-Alex-17 0facb15e32 feat: rename Loki to Coyote 2026-05-27 12:47:32 -06:00
Dark-Alex-17 c172736362 docs: clarified OAuth more 2026-05-22 19:56:00 -06:00
github-actions[bot] 4a2b9fa42a bump: version 0.3.0 → 0.4.0 [skip ci] 2026-05-23 01:53:47 +00:00
Dark-Alex-17 98db37866c docs: Fixed a typo in the README 2026-05-22 19:49:40 -06:00
Dark-Alex-17 ad31fbd169 test: fixed broken cross tests that required home directory access 2026-05-22 19:49:01 -06:00
Dark-Alex-17 d69e28fd39 docs: fixed broken sharing configurations link 2026-05-22 19:48:44 -06:00
Alex Clarke 279eaa5300 Merge pull request #12 from Dark-Alex-17/develop
Release v0.4.0: Graph-based agents, remote asset installation, self-update and god-config refactor
2026-05-22 19:18:13 -06:00
135 changed files with 12317 additions and 4320 deletions
+13 -13
View File
@@ -21,25 +21,25 @@ body:
value: |
I tried this:
1. `loki`
1. `coyote`
I expected this to happen:
Instead, this happened:
- type: textarea
id: loki-log
id: coyote-log
attributes:
label: Loki log
description: Include the Loki log file to help diagnose the issue. (`loki --info` to see the log_path)
label: Coyote log
description: Include the Coyote log file to help diagnose the issue. (`coyote --info` to see the log_path)
value: |
| OS | Log file location |
| ------- | ----------------------------------------------------- |
| Linux | `~/.cache/loki/loki.log` |
| Mac | `~/Library/Logs/loki/loki.log` |
| Windows | `C:\Users\<User>\AppData\Local\loki\loki.log` |
| Linux | `~/.cache/coyote/coyote.log` |
| Mac | `~/Library/Logs/coyote/coyote.log` |
| Windows | `C:\Users\<User>\AppData\Local\coyote\coyote.log` |
```
please provide a copy of your loki log file here if possible; you may need to redact some of the lines
please provide a copy of your coyote log file here if possible; you may need to redact some of the lines
```
- type: input
@@ -57,13 +57,13 @@ body:
validations:
required: true
- type: input
id: loki-version
id: coyote-version
attributes:
label: Loki Version
label: Coyote Version
description: >
Loki version (`loki --version` if using a release, `git describe` if building
Coyote version (`coyote --version` if using a release, `git describe` if building
from main).
**Make sure that you are using the [latest loki release](https://github.com/Dark-Alex-17/loki/releases) or a newer main build**
placeholder: "loki 0.1.0"
**Make sure that you are using the [latest coyote release](https://github.com/Dark-Alex-17/coyote/releases) or a newer main build**
placeholder: "coyote 0.1.0"
validations:
required: true
+14 -14
View File
@@ -98,9 +98,9 @@ jobs:
# Ignore Act's local artifact dir noise
echo artifacts/ >> .git/info/exclude || true
# Edit the version line right after name="loki"
# Edit the version line right after name="coyote"
sed -E -i '
/^[[:space:]]*name[[:space:]]*=[[:space:]]*"loki"[[:space:]]*$/ {
/^[[:space:]]*name[[:space:]]*=[[:space:]]*"coyote"[[:space:]]*$/ {
n
s|^[[:space:]]*version[[:space:]]*=[[:space:]]*"[^"]*"|version = "'"$VERSION"'"|
}
@@ -278,7 +278,7 @@ jobs:
- name: Verify file
shell: bash
run: |
file target/${{ matrix.target }}/release/loki
file target/${{ matrix.target }}/release/coyote
- name: Test
if: matrix.target != 'aarch64-apple-darwin' && matrix.target != 'aarch64-pc-windows-msvc'
@@ -382,11 +382,11 @@ jobs:
shell: bash
run: |
# Set environment variables
macos_sha="$(cat ./artifacts/loki-x86_64-apple-darwin.sha256 | awk '{print $1}')"
macos_sha="$(cat ./artifacts/coyote-x86_64-apple-darwin.sha256 | awk '{print $1}')"
echo "MACOS_SHA=$macos_sha" >> $GITHUB_ENV
macos_sha_arm="$(cat ./artifacts/loki-aarch64-apple-darwin.sha256 | awk '{print $1}')"
macos_sha_arm="$(cat ./artifacts/coyote-aarch64-apple-darwin.sha256 | awk '{print $1}')"
echo "MACOS_SHA_ARM=$macos_sha_arm" >> $GITHUB_ENV
linux_sha="$(cat ./artifacts/loki-x86_64-unknown-linux-musl.sha256 | awk '{print $1}')"
linux_sha="$(cat ./artifacts/coyote-x86_64-unknown-linux-musl.sha256 | awk '{print $1}')"
echo "LINUX_SHA=$linux_sha" >> $GITHUB_ENV
release_version="$(cat ./artifacts/release-version)"
echo "RELEASE_VERSION=$release_version" >> $GITHUB_ENV
@@ -402,23 +402,23 @@ jobs:
if: env.ACT != 'true'
run: |
# run packaging script
python "./deployment/homebrew/packager.py" ${{ env.RELEASE_VERSION }} "./deployment/homebrew/loki.rb.template" "./loki.rb" ${{ env.MACOS_SHA }} ${{ env.MACOS_SHA_ARM }} ${{ env.LINUX_SHA }}
python "./deployment/homebrew/packager.py" ${{ env.RELEASE_VERSION }} "./deployment/homebrew/coyote.rb.template" "./coyote.rb" ${{ env.MACOS_SHA }} ${{ env.MACOS_SHA_ARM }} ${{ env.LINUX_SHA }}
- name: Push changes to Homebrew tap
if: env.ACT != 'true'
env:
TOKEN: ${{ secrets.LOKI_GITHUB_TOKEN }}
TOKEN: ${{ secrets.COYOTE_GITHUB_TOKEN }}
run: |
# push to Git
git config --global user.name "Dark-Alex-17"
git config --global user.email "alex.j.tusa@gmail.com"
git clone https://Dark-Alex-17:${{ secrets.LOKI_GITHUB_TOKEN }}@github.com/Dark-Alex-17/homebrew-loki.git
rm homebrew-loki/Formula/loki.rb
cp loki.rb homebrew-loki/Formula
cd homebrew-loki
git clone https://Dark-Alex-17:${{ secrets.COYOTE_GITHUB_TOKEN }}@github.com/Dark-Alex-17/homebrew-coyote.git
rm homebrew-coyote/Formula/coyote.rb
cp coyote.rb homebrew-coyote/Formula
cd homebrew-coyote
git add .
git diff-index --quiet HEAD || git commit -am "Update formula for Loki release ${{ env.RELEASE_VERSION }}"
git push https://$TOKEN@github.com/Dark-Alex-17/homebrew-loki.git
git diff-index --quiet HEAD || git commit -am "Update formula for Coyote release ${{ env.RELEASE_VERSION }}"
git push https://$TOKEN@github.com/Dark-Alex-17/homebrew-coyote.git
publish-crate:
needs: publish-github-release
+1 -1
View File
@@ -3,5 +3,5 @@
/.env
!cli/**
.idea/
/loki.iml
/coyote.iml
/.idea/
-1
View File
@@ -1 +0,0 @@
{"type":"rust","build":"cargo build","test":"cargo test","check":"cargo check","_detected_by":"heuristic","_cached_at":"2026-04-13T13:36:33-06:00"}
+239 -4
View File
@@ -1,3 +1,238 @@
## v0.7.0 (2026-06-18)
### Feat
- added a memory option to .set tab completions
- Added a diagnostic .info tools subcommand to make it easier to see what tools are enabled in all contexts
- Added additional info outputs for enabled skills and sbx directories
- directly execute shell commands from within the REPL
- created mixin kit for built-in functions and MCP servers
- Added sbx mixins for the secrets providers so users can also bootstrap those as well.
- added support for loading sbx mixins that are dynamically discovered in the users workspace and config directory
- Added a --fresh flag to let users create a truly bare bones sandbox without bootstrapping their config
- initial built-in sandboxing support powered by Docker sbx
- Added the ability to auto-bootstrap workspace memory when in git repos
- Added explicit guardrail handling for pending agents
- auto-append memory to memory index and don't necessarily require the LLM to remember to do it after a write
- Added an --init-memory [global|workspace] flag to easily and quickly enable memory
- added memory global configuration settings to the output of --info and .info
- added .set memory REPL commands to control memory injection and applied formatting
- Create the built-in memory management tools
- Append the memory system prompts (readonly or r/w) to the system prompt when applicable
- Created the --no-memory CLI flag to disable memory for this invocation
- Added the memory configuration properties and storage to the main app config, roles, sessions, and agents.
- initial scaffolding of a memory system
### Fix
- rebuild the tool scope after dynamically updating the skills_enabled value in the REPL
- properly resolve Windows-based local vault password file locations and bootstrap them into the sandbox when possible
- auto-translation of user-prefixed Mac and Linux paths for the vault password file when running inside a sandbox
- don't attempt to auto complete .vault list in the REPL; that's the end of the command
- buffer tool stdout as well as stderr so that any tools that error to stdout are captured and included in the response to the model, enabling the model to see what went wrong and to reason about how to fix it.
- auto-bootstrapped memory was accidentally putting the MEMORY.md directly in the repo root rather than .coyote/memory/MEMORY.md
- improved the fs_patch script description and added improved error handling to it.
- added in forgotten require_max_tokens to the fable model
- append memory functions to non-graph based agents on init
- when auto_continue is disabled via the .set auto_continue false command, it should strip the todo functions from the list of functions
- use rawPredict for non-streaming Claude requests
### Refactor
- Migrated the .skills command completion to use StateFlags and updated the help messages
## v0.6.0 (2026-06-05)
### Feat
- added skill hint prompt injection and configuration
- Fallthrough on missing secrets during mcp.json merging
- validate visible_skills field at config load time
- implemented reflexion (sorta) in sisyphus for significant code changes to delegate to the code-reviewer agent
- improved explore agent
- removed conditional fallback of LLM_*_RAW_JSON from built-ins
- updated enabled_skills handling to support both list and comma-separated strings
- added new REPL set commands for toggling skills and changing what skills are enabled
- upgraded to the latest version of mcp-remote
- fs_grep now works with both files and directories
- improved code reviewer agents with skills
- added round trip validation for vault providers to ensure permissions and authentication
- created new first-time run wizard for secrets provider
- vault_password_file or nothing at all is shorthand for just using the local gman provider for secret management
- refactored gman usage to be generic and work with various vault providers and use the SupportedProvider enum directly for configurations
- created initial parity gman generalization for vault provider
- Refactored the sisyhpus agent system to utilize the new skills system to improve performance and reliability
- llm graph nodes support skills
- updated sisyphus and coder tools
- removed potentially confusing tab completions for .skill
- .edit skill <name> support from within the REPL
- Added skills_dir to the info output of Coyote
- Created a few auto built-in skills
- Added support for auto_unload skills during chat
- cleaned up skill implementation
- support multiple skill flags to load multiple skills at CLI startup
- Modified --skill CLI to allow users to specify skills to start the REPL or CLI with.
- added CLI --skill flag for modifying skills easily
- REPL integration with skills
- dynamic loading/unloading of skill tools and MCP servers whenever load_skill/unload_skill are invoked
- created built-in functions for listing, loading, and unloading skills
- implemented the skills policy to track available skills per context
- added remote install and install support for skills
- created the skill registry
- decided to make skills persist to disk like agents and not in-memory like built-in roles
- scaffold skill module
### Fix
- disable skills for specific built-in roles
- redirect stderr into user's /dev/tty for guards
- azure doesn't support underscores in key vault
- accidental regression on enabled_skills being empty = all
- greedy secrets regex caused multiple secrets on one line to fail
- add agent context check to skill visibility validation
- enforced global visible_skills in llm node validation and improved skill loading error handling across the project
- restore agent skill policy on error during effective policy calculation
- apply the same validation for skill filenames on list_skills as happens everywhere else
- the vault's init_bare should try to load the provisioned secret_provider from the config file without also interpolating any of the rest of the configuration file. It should only fail if the user has not yet created a configuration file; i.e. done a first-time run.
- the vault roundtrip test used characters that are unsupported by some major secrets providers
- fixed tool filtering logic for skills and user functions in agents
- privilege leak when unloading skills and leaving tool scope untouched
- When bootstrapping an app config to interpolate secrets, clone the secrets provider configuration as well so config secrets stored in remote vaults can be used properly
- forgot to move back up the vault probe value error to be before the delete
- don't silently fail on skill role composition extraction in llm nodes
- set -euo pipefail for the temp script in execute_command.sh tool
- added forgotten skill name validation to has_skill to prevent side-channel attacks
- use unique values for the secrets round trip verification
- stop interpolating a line if any errors occur
- added path validation for skill names
- effective_policy unconditionally overwrote skill values for role-like structs
- updated execute_command to not mangle heredocs and also added explicit instructions to the coder and sisyphus agents to use fs_write and fs_patch over execute_command when writing files
- llm nodes accidentally skipped skill_registry::effective_role because I was passing an inline role instead
- updated temperature values for all agents and roles
- added back in require_max_tokens for new Claude models
- skill support also requires function calling to be enabled
- non_tty tests break on some TTY terminals
- skill loading on agents
- forgot to bootstrap skills on REPL startup
- remove now deprecated .skill edit command
### Refactor
- removed redundant skill name validation from has_skill function
- support both CSV and list formats for enabled_tools
- Support both CSV and list formats for enabled_mcp_servers
## v0.5.0 (2026-05-27)
### Feat
- rename Loki to Coyote
### Fix
- bash-based user interactions in agents accidentally regressed in graph implementation
- Claude function calling in agent contexts
- Claude code rate limit error per new Claude changes
## v0.4.0 (2026-05-23)
### Feat
- LLM node failures propgate up
- Added .install remote tab completions to the REPL
- feature complete install remote with category selection
- Support to interactively add secrets to Coyote that are missing from MCP configs when merging
- Added MCP config merging support for remote asset installations
- install remote now writes files to disk
- Created basic install_remote functions
- Created a more comprehensive and immediately useful default config for first runs
- Created an example graph-based agent called deep-research
- Improved coder agent that is now a graph-based agent
- Removed indicatif spinners. The UX just won't stop clobbering for parallel graph nodes
- Added agent variables support for graph agents and improved script executor to use the same environment variables as normal agent tool calling for further flexibility
- Improved UX with colored spinners for parallel graph agents and no clobbering outputs for sub-agents
- created new graph-based deep-research agent
- improved UX for parallel graph execution
- added branch progress tracker for better visualization of parallel graph super-steps
- Removed the jira-helper agent and replaced it with the atlassian role
- created the RenderMode enum to suppress stdout streaming during parallel graph super-steps
- Full support for map node types
- implemented the frontier-based scheduling for the graph executor with simplified state management (gotta love .clone)
- validation support for parallel graph execution; restricted map nodes to only run for nodes without next targets and not supporting chained map nodes
- created the staging area for state merges per super-step and created the built-in reducers (and their application) for the state merge phase of a super step
- scaffolding work for fan-out nodes for parallel branch execution support and stubbed out Map node types
- Coyote can now update itself via .update and --update commands
- added a .edit command for editing the MCP configuration file
- Created a new .install command to install bundled assets on-demand
- migrated llm node validation to graph loading time instead of graph runtime
- ripped out user input timeout scaffolding for approval and input node types; implementation can't be done cleanly
- added additional support for all RAG-configuration fields in RAG nodes
- initial support for RAG nodes in the graph execution system
- implemented structured logging for graph execution
- merged normal agent config and graph agent configs into one file (either/or)
- added structured-output extraction for llm and agent nodes
- created full llm node runtime implementation
- scaffolded together the initial llm node type and its executor
- wired together graph execution and agent graph dispatch
- implemented support for the graph executor
- created the approval node executor and the input node executor for user interaction
- Added initial support for native Coyote agent nodes in the graph-based agent system
- Added direct script invocation support for graph-based agents
- Added graph validation
- Implemented state management for agent graphs
- initial agent graph scaffolding
- add auto-continue support to all contexts
- dynamic tab completions now show the sessions for a given agent instead of only listing global sessions
- legacy SSE support for MCP server configurations
- support http/sse transport types for MCP server configurations so it fully supports claude desktop-style MCP configs
- 99% complete migration to new state structs to get away from God-Config struct; i.e. AppConfig, AppState, and RequestContext
- Automatic runtime customization using shebangs
- Created a demo TypeScript tool and a get_current_weather function in TypeScript
- Updated the Python demo tool to show all possible parameter types and variations
- Added TypeScript tool support using the refactored common ScriptedLanguage trait
### Fix
- Generified the functions usage of script detection for an executable bit on unix systems
- merge required claude code system prompt into instructions
- updated argc argument passing in run-tool and run-agent scripts
- Added additional graph validation for parallel reads and writes with dependencies between nodes states
- bug in next_single method and improved outcome handling for LLM node execution
- inline RAG bug when globbing files by extension without subdirectory globbing
- update the estimate_token_length function to use the standard word count method
- removed unnecessary regenerate logic for sessions and use the same logic for all contexts; prevents a panic on empty message list
- error when users try to start a session on a graph agent
- added on_other field for approval nodes so users can specify an alternative free-text target when none of the options match what they want
- accidentally added back in full agent tools on LLM nodes
- Improve the coder agent's usage of tools
- make the agent__collect escalation-aware so it doesn't freeze on sub-agent escalations
- check for an existing session before starting up MCP servers when switching to a role
- do not switch to agent if a session is active.
- Do not append todo instructions when function calling is disabled
- a bug in the dynamic completions because the crate name is coyote-ai but the binary is named coyote
- bug found by copilot that would create a lock on the PollSender for sse-based MCP servers
- Accidental shadow of temp_file function for Windows function calling
- upgraded to newer rmcp version to get native-tls support
- RagCache was not being used for agent and sub-agent instantiation
- TypeScript function args were being passed as objects rather than direct parameters
- Added in forgotten wrapper scripts for TypeScript tools
- don't shadow variables in binary path handling for Windows
- Tool call improvements for Windows systems
### Refactor
- migrated llm nodes to use Roles to simplify instructions handling and to function like inline roles
- migrated the next_node and apply_state_updates logic for LLM nodes into the LlmExecutor
- fully complete state re-architecting
- Fully ripped out the god Config struct
- Deprecated old Config struct initialization logic
- migrate functions and MCP servers to AppConfig
- Migrate the vault/bare_init logic
- created a single install_builtins free function to remove from Config::init
- partial migration to init in AppConfig
- Extracted common Python parser logic into a common.rs module
- python tools now use tree-sitter queries instead of AST
## v0.3.0 (2026-04-02)
### Feat
@@ -21,7 +256,7 @@
- Created a CodeRabbit-style code-reviewer agent
- Added configuration option in agents to indicate the timeout for user input before proceeding (defaults to 5 minutes)
- Added support for sub-agents to escalate user interaction requests from any depth to the parent agents for user interactions
- built-in user interaction tools to remove the need for the list/confirm/etc prompts in prompt tools and to enhance user interactions in Loki
- built-in user interaction tools to remove the need for the list/confirm/etc prompts in prompt tools and to enhance user interactions in Coyote
- Experimental update to sisyphus to use the new parallel agent spawning system
- Added an agent configuration property that allows auto-injecting sub-agent spawning instructions (when using the built-in sub-agent spawning system)
- Auto-dispatch support of sub-agents and support for the teammate pattern between subagents
@@ -75,7 +310,7 @@
- Simplified sisyphus prompt to improve functionality
- Supported the injection of RAG sources into the prompt, not just via the `.sources rag` command in the REPL so models can directly reference the documents that supported their responses
- Created the Sisyphus agent to make Loki function like Claude Code, Gemini, Codex, etc.
- Created the Sisyphus agent to make Coyote function like Claude Code, Gemini, Codex, etc.
- Created the Oracle agent to handle high-level architectural decisions and design questions about a given codebase
- Updated the coder agent to be much more task-focused and to be delegated to by Sisyphus
- Created the explore agent for exploring codebases to help answer questions
@@ -135,8 +370,8 @@
- Support for secret injection into the global config file (API keys, for example)
- Improved MCP handling toggle handling
- Secret injection into the MCP configuration
- added REPL support for interacting with the Loki vault
- Integrated gman with Loki to create a vault and added flags to configure the Loki vault
- added REPL support for interacting with the Coyote vault
- Integrated gman with Coyote to create a vault and added flags to configure the Coyote vault
- Added a default session to the jira helper to make interaction more natural
- Created the repo-analyzer role
- Created the coder and sql agents
+2 -2
View File
@@ -2,7 +2,7 @@
Contributors are very welcome! **No contribution is too small and all contributions are valued.**
## Rust
You'll need to have the stable Rust toolchain installed in order to develop Loki.
You'll need to have the stable Rust toolchain installed in order to develop Coyote.
The Rust toolchain (stable) can be installed via rustup using the following command:
@@ -84,5 +84,5 @@ Claude, etc.) is not permitted unless explicitly disclosed and approved.
Submissions must certify that the contributor understands and can maintain the code they submit.
## Questions? Reach out to me!
If you encounter any questions while developing Loki, please don't hesitate to reach out to me at
If you encounter any questions while developing Coyote, please don't hesitate to reach out to me at
alex.j.tusa@gmail.com. I'm happy to help contributors in any way I can, regardless of if they're new or experienced!
+6 -6
View File
@@ -1,19 +1,19 @@
# Credits
## AIChat
Loki originally started as a fork of the fantastic
Coyote originally started as a fork of the fantastic
[AIChat CLI](https://github.com/sigoden/aichat). The initial goal was simply
to fix a bug in how MCP servers worked with AIChat, allowing different MCP
servers to be specified per agent. Since then, Loki has evolved far beyond
servers to be specified per agent. Since then, Coyote has evolved far beyond
its original scope and grown into a passion project with a life of its own.
Today, Loki includes first-class MCP server support (for both local and remote
Today, Coyote includes first-class MCP server support (for both local and remote
servers), a built-in vault for interpolating secrets in configuration files,
built-in agents and macros, dynamic tab completions, integrated custom
functions (no external `argc` dependency), improved documentation, and much
more with many more ideas planned for the future.
Loki is now developed and maintained as an independent project. Full credit
Coyote is now developed and maintained as an independent project. Full credit
for the original foundation goes to the developers of the wonderful
AIChat project.
@@ -21,10 +21,10 @@ This project is not affiliated with or endorsed by the AIChat maintainers.
## AIChat
Loki originally began as a fork of [AIChat CLI](https://github.com/sigoden/aichat),
Coyote originally began as a fork of [AIChat CLI](https://github.com/sigoden/aichat),
created and maintained by the AIChat contributors.
While Loki has since diverged significantly and is now developed as an
While Coyote has since diverged significantly and is now developed as an
independent project, its early foundation and inspiration came from the
AIChat project.
Generated
+283 -432
View File
File diff suppressed because it is too large Load Diff
+8 -6
View File
@@ -1,12 +1,12 @@
[package]
name = "loki-ai"
version = "0.3.0"
name = "coyote-ai"
version = "0.7.0"
edition = "2024"
authors = ["Alex Clarke <alex.j.tusa@gmail.com>"]
description = "An all-in-one, batteries included LLM CLI Tool"
keywords = ["chatgpt", "llm", "cli", "ai", "repl"]
homepage = "https://github.com/Dark-Alex-17/loki"
repository = "https://github.com/Dark-Alex-17/loki"
homepage = "https://github.com/Dark-Alex-17/coyote"
repository = "https://github.com/Dark-Alex-17/coyote"
categories = ["command-line-utilities"]
readme = "README.md"
license = "MIT"
@@ -58,6 +58,8 @@ http = "1.1.0"
indexmap = { version = "2.2.6", features = ["serde"] }
hmac = "0.12.1"
aws-smithy-eventstream = "0.60.4"
aws-smithy-types = "=1.4.9"
time = "=0.3.47"
urlencoding = "2.1.3"
json-patch = { version = "4.0.0", default-features = false }
bitflags = "2.5.0"
@@ -91,7 +93,7 @@ tree-sitter-python = "0.25.0"
tree-sitter-typescript = "0.23"
colored = "3.0.0"
clap_complete = { version = "4.5.58", features = ["unstable-dynamic"] }
gman = "0.4.1"
gman = "0.5.0"
clap_complete_nushell = "4.5.9"
open = "5"
rand = { version = "0.10.0", features = ["default"] }
@@ -138,7 +140,7 @@ pretty_assertions = "1.4.0"
serial_test = "3"
[[bin]]
name = "loki"
name = "coyote"
path = "src/main.rs"
[profile.release]
+98 -94
View File
@@ -1,54 +1,57 @@
# Loki: All-in-one, batteries-included LLM CLI Tool
# Coyote: All-in-one, batteries-included LLM CLI Tool
![Test](https://github.com/Dark-Alex-17/loki/actions/workflows/ci.yaml/badge.svg)
[![crates.io link](https://img.shields.io/crates/v/loki-ai.svg)](https://crates.io/crates/loki-ai)
![Release](https://img.shields.io/github/v/release/Dark-Alex-17/loki?color=%23c694ff)
![Crate.io downloads](https://img.shields.io/crates/d/loki-ai?label=Crate%20downloads)
[![GitHub Downloads](https://img.shields.io/github/downloads/Dark-Alex-17/loki/total.svg?label=GitHub%20downloads)](https://github.com/Dark-Alex-17/loki/releases)
![Test](https://github.com/Dark-Alex-17/coyote/actions/workflows/ci.yaml/badge.svg)
[![crates.io link](https://img.shields.io/crates/v/coyote-ai.svg)](https://crates.io/crates/coyote-ai)
![Release](https://img.shields.io/github/v/release/Dark-Alex-17/coyote?color=%23c694ff)
![Crate.io downloads](https://img.shields.io/crates/d/coyote-ai?label=Crate%20downloads)
[![GitHub Downloads](https://img.shields.io/github/downloads/Dark-Alex-17/coyote/total.svg?label=GitHub%20downloads)](https://github.com/Dark-Alex-17/coyote/releases)
Loki is an all-in-one, batteries-included, LLM CLI tool featuring Shell Assistant, CLI & REPL Mode, RAG, AI Tools &
Coyote is an all-in-one, batteries-included, LLM CLI tool featuring Shell Assistant, CLI & REPL Mode, RAG, AI Tools &
Agents, and More.
It is designed to include a number of useful agents, roles, macros, and more so users can get up and running with Loki
It is designed to include a number of useful agents, roles, macros, and more so users can get up and running with Coyote
in as little time as possible. You can also install entire bundles of agents, roles, macros, tools, and MCP servers from
any git repository — see [Sharing Configurations](#sharing-configurations).
any git repository. See [Sharing Configurations](https://github.com/Dark-Alex-17/coyote/wiki/Sharing-Configurations) for more information.
![Agent example](https://raw.githubusercontent.com/wiki/Dark-Alex-17/loki/images/agents/sql.gif)
![Agent example](https://raw.githubusercontent.com/wiki/Dark-Alex-17/coyote/images/agents/sql.gif)
Coming from [AIChat](https://github.com/sigoden/aichat)? Follow the [migration guide](https://github.com/Dark-Alex-17/loki/wiki/AIChat-Migration) to get started.
Coming from [AIChat](https://github.com/sigoden/aichat)? Follow the [migration guide](https://github.com/Dark-Alex-17/coyote/wiki/AIChat-Migration) to get started.
## Quick Links
* [AIChat Migration Guide](https://github.com/Dark-Alex-17/loki/wiki/AIChat-Migration): Coming from AIChat? Follow the migration guide to get started.
* [Installation](#install): Install Loki
* [Getting Started](#getting-started): Get started with Loki by doing first-run setup steps.
* [Sharing Configurations](https://github.com/Dark-Alex-17/loki/wiki/Sharing-Configurations): Install bundles of agents, roles, macros, tools, and MCP servers from any git repo, and share your own.
* [REPL](https://github.com/Dark-Alex-17/loki/wiki/REPL): Interactive Read-Eval-Print Loop for conversational interactions with LLMs and Loki.
* [Custom REPL Prompt](https://github.com/Dark-Alex-17/loki/wiki/REPL-Prompt): Customize the REPL prompt to provide useful contextual information.
* [Vault](https://github.com/Dark-Alex-17/loki/wiki/Vault): Securely store and manage sensitive information such as API keys and credentials.
* [Shell Integrations](https://github.com/Dark-Alex-17/loki/wiki/Shell-Integrations): Seamlessly integrate Loki with your shell environment for enhanced command-line assistance.
* [Function Calling](https://github.com/Dark-Alex-17/loki/wiki/Tools): Leverage function calling capabilities to extend Loki's functionality with custom tools
* [Creating Custom Tools](https://github.com/Dark-Alex-17/loki/wiki/Custom-Tools): You can create your own custom tools to enhance Loki's capabilities.
* [Create Custom Python Tools](https://github.com/Dark-Alex-17/loki/wiki/Custom-Tools#custom-python-based-tools)
* [Create Custom TypeScript Tools](https://github.com/Dark-Alex-17/loki/wiki/Custom-Tools#custom-typescript-based-tools)
* [Create Custom Bash Tools](https://github.com/Dark-Alex-17/loki/wiki/Custom-Bash-Tools)
* [Bash Prompt Utilities](https://github.com/Dark-Alex-17/loki/wiki/Bash-Prompt-Helpers)
* [First-Class MCP Server Support](https://github.com/Dark-Alex-17/loki/wiki/MCP-Servers): Easily connect and interact with MCP servers for advanced functionality.
* [Macros](https://github.com/Dark-Alex-17/loki/wiki/Macros): Automate repetitive tasks and workflows with Loki "scripts" (macros).
* [RAG](https://github.com/Dark-Alex-17/loki/wiki/RAG): Retrieval-Augmented Generation for enhanced information retrieval and generation.
* [Sessions](https://github.com/Dark-Alex-17/loki/wiki/Sessions): Manage and persist conversational contexts and settings across multiple interactions.
* [Roles](https://github.com/Dark-Alex-17/loki/wiki/Roles): Customize model behavior for specific tasks or domains.
* [Agents](https://github.com/Dark-Alex-17/loki/wiki/Agents): Leverage AI agents to perform complex tasks and workflows, including sub-agent spawning, teammate messaging, and user interaction tools.
* [Graph Agents](https://github.com/Dark-Alex-17/loki/wiki/Graph-Agents): Define an agent as a declarative, YAML-driven workflow. A directed graph of typed nodes (LLM calls, scripts, approvals, user input, RAG retrieval, sub-agent spawns).
* [Todo System](https://github.com/Dark-Alex-17/loki/wiki/TODO-System): Built-in task tracking for improved LLM reliability with smaller models.
* [Environment Variables](https://github.com/Dark-Alex-17/loki/wiki/Environment-Variables): Override and customize your Loki configuration at runtime with environment variables.
* [Client Configurations](https://github.com/Dark-Alex-17/loki/wiki/Clients): Configuration instructions for various LLM providers.
* [Authentication (API Key & OAuth)](https://github.com/Dark-Alex-17/loki/wiki/Clients#authentication): Authenticate with API keys or OAuth for subscription-based access.
* [Patching API Requests](https://github.com/Dark-Alex-17/loki/wiki/Patches): Learn how to patch API requests for advanced customization.
* [Custom Themes](https://github.com/Dark-Alex-17/loki/wiki/Themes): Change the look and feel of Loki to your preferences with custom themes.
* [History](#history): A history of how Loki came to be.
* [AIChat Migration Guide](https://github.com/Dark-Alex-17/coyote/wiki/AIChat-Migration): Coming from AIChat? Follow the migration guide to get started.
* [Installation](#install): Install Coyote
* [Getting Started](#getting-started): Get started with Coyote by doing first-run setup steps.
* [Sharing Configurations](https://github.com/Dark-Alex-17/coyote/wiki/Sharing-Configurations): Install bundles of agents, roles, macros, tools, and MCP servers from any git repo, and share your own.
* [REPL](https://github.com/Dark-Alex-17/coyote/wiki/REPL): Interactive Read-Eval-Print Loop for conversational interactions with LLMs and Coyote.
* [Custom REPL Prompt](https://github.com/Dark-Alex-17/coyote/wiki/REPL-Prompt): Customize the REPL prompt to provide useful contextual information.
* [Vault](https://github.com/Dark-Alex-17/coyote/wiki/Vault): Securely store and manage sensitive information such as API keys and credentials.
* [Sandboxes](https://github.com/Dark-Alex-17/coyote/wiki/Sandboxes): Launch Coyote inside an isolated [Docker Sandbox](https://docs.docker.com/ai/sandboxes/) with one command. Host config and vault credentials are projected in automatically; everything else is delegated to the `sbx` CLI.
* [Shell Integrations](https://github.com/Dark-Alex-17/coyote/wiki/Shell-Integrations): Seamlessly integrate Coyote with your shell environment for enhanced command-line assistance.
* [Function Calling](https://github.com/Dark-Alex-17/coyote/wiki/Tools): Leverage function calling capabilities to extend Coyote's functionality with custom tools
* [Creating Custom Tools](https://github.com/Dark-Alex-17/coyote/wiki/Custom-Tools): You can create your own custom tools to enhance Coyote's capabilities.
* [Create Custom Python Tools](https://github.com/Dark-Alex-17/coyote/wiki/Custom-Tools#custom-python-based-tools)
* [Create Custom TypeScript Tools](https://github.com/Dark-Alex-17/coyote/wiki/Custom-Tools#custom-typescript-based-tools)
* [Create Custom Bash Tools](https://github.com/Dark-Alex-17/coyote/wiki/Custom-Bash-Tools)
* [Bash Prompt Utilities](https://github.com/Dark-Alex-17/coyote/wiki/Bash-Prompt-Helpers)
* [First-Class MCP Server Support](https://github.com/Dark-Alex-17/coyote/wiki/MCP-Servers): Easily connect and interact with MCP servers for advanced functionality.
* [Macros](https://github.com/Dark-Alex-17/coyote/wiki/Macros): Automate repetitive tasks and workflows with Coyote "scripts" (macros).
* [RAG](https://github.com/Dark-Alex-17/coyote/wiki/RAG): Retrieval-Augmented Generation for enhanced information retrieval and generation.
* [Sessions](https://github.com/Dark-Alex-17/coyote/wiki/Sessions): Manage and persist conversational contexts and settings across multiple interactions.
* [Memory](https://github.com/Dark-Alex-17/coyote/wiki/Memory): Persistent file-based memory that survives across sessions. Bootstrap with `coyote --init-memory [global|workspace]`.
* [Roles](https://github.com/Dark-Alex-17/coyote/wiki/Roles): Customize model behavior for specific tasks or domains.
* [Skills](https://github.com/Dark-Alex-17/coyote/wiki/Skills): Modular knowledge or capability packs the LLM can load and unload mid-conversation. Multiple skills compose; instructions stack, tools and MCPs union.
* [Agents](https://github.com/Dark-Alex-17/coyote/wiki/Agents): Leverage AI agents to perform complex tasks and workflows, including sub-agent spawning, teammate messaging, and user interaction tools.
* [Graph Agents](https://github.com/Dark-Alex-17/coyote/wiki/Graph-Agents): Define an agent as a declarative, YAML-driven workflow. A directed graph of typed nodes (LLM calls, scripts, approvals, user input, RAG retrieval, sub-agent spawns).
* [Todo System](https://github.com/Dark-Alex-17/coyote/wiki/TODO-System): Built-in task tracking for improved LLM reliability with smaller models.
* [Environment Variables](https://github.com/Dark-Alex-17/coyote/wiki/Environment-Variables): Override and customize your Coyote configuration at runtime with environment variables.
* [Client Configurations](https://github.com/Dark-Alex-17/coyote/wiki/Clients): Configuration instructions for various LLM providers.
* [Authentication (API Key & OAuth)](https://github.com/Dark-Alex-17/coyote/wiki/Clients#authentication): Authenticate with API keys or OAuth for subscription-based access.
* [Patching API Requests](https://github.com/Dark-Alex-17/coyote/wiki/Patches): Learn how to patch API requests for advanced customization.
* [Custom Themes](https://github.com/Dark-Alex-17/coyote/wiki/Themes): Change the look and feel of Coyote to your preferences with custom themes.
* [History](#history): A history of how Coyote came to be.
## Prerequisites
Loki requires the following tools to be installed on your system:
Coyote requires the following tools to be installed on your system:
* [jq](https://github.com/jqlang/jq)
* `brew install jq`
* [usql](https://github.com/xo/usql) (For the `sql` agent)
@@ -57,57 +60,57 @@ Loki requires the following tools to be installed on your system:
* [uv](https://docs.astral.sh/uv/getting-started/installation/)
* `curl -LsSf https://astral.sh/uv/install.sh | sh`
These tools are used to provide various functionalities within Loki, such as document processing, JSON manipulation,
These tools are used to provide various functionalities within Coyote, such as document processing, JSON manipulation,
etc., and they are used within agents and tools.
## Install
### Cargo
If you have Cargo installed, then you can install `loki` from Crates.io:
If you have Cargo installed, then you can install `coyote` from Crates.io:
```shell
cargo install loki-ai # Binary name is `loki`
cargo install coyote-ai # Binary name is `coyote`
# If you encounter issues installing, try installing with '--locked'
cargo install --locked loki-ai
cargo install --locked coyote-ai
```
### Homebrew (Mac/Linux)
To install Loki from Homebrew, install the `loki` tap. Then you'll be able to install `loki`:
To install Coyote from Homebrew, install the `coyote` tap. Then you'll be able to install `coyote`:
```shell
brew tap Dark-Alex-17/loki
brew install loki
brew tap Dark-Alex-17/coyote
brew install coyote
# If you need to be more specific, use:
brew install Dark-Alex-17/loki/loki
brew install Dark-Alex-17/coyote/coyote
```
To upgrade `loki` using Homebrew:
To upgrade `coyote` using Homebrew:
```shell
brew upgrade loki
brew upgrade coyote
```
### Scripts
#### Linux/MacOS (`bash`)
You can use the following command to run a bash script that downloads and installs the latest version of `loki` for your
You can use the following command to run a bash script that downloads and installs the latest version of `coyote` for your
OS (Linux/MacOS) and architecture (x86_64/arm64):
```shell
curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/loki/main/install_loki.sh | bash
curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/install_coyote.sh | bash
```
#### Windows/Linux/MacOS (`PowerShell`)
You can use the following command to run a PowerShell script that downloads and installs the latest version of `loki`
You can use the following command to run a PowerShell script that downloads and installs the latest version of `coyote`
for your OS (Windows/Linux/MacOS) and architecture (x86_64/arm64):
```powershell
powershell -NoProfile -ExecutionPolicy Bypass -Command "iwr -useb https://raw.githubusercontent.com/Dark-Alex-17/loki/main/scripts/install_loki.ps1 | iex"
powershell -NoProfile -ExecutionPolicy Bypass -Command "iwr -useb https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/scripts/install_coyote.ps1 | iex"
```
### Manual
Binaries are available on the [releases](https://github.com/Dark-Alex-17/loki/releases) page for the following platforms:
Binaries are available on the [releases](https://github.com/Dark-Alex-17/coyote/releases) page for the following platforms:
| Platform | Architecture(s) |
|----------------|-----------------|
@@ -118,102 +121,103 @@ Binaries are available on the [releases](https://github.com/Dark-Alex-17/loki/re
#### Windows Instructions
To use a binary from the releases page on Windows, do the following:
1. Download the latest [binary](https://github.com/Dark-Alex-17/loki/releases) for your OS.
1. Download the latest [binary](https://github.com/Dark-Alex-17/coyote/releases) for your OS.
2. Use 7-Zip or TarTool to unpack the Tar file.
3. Run the executable `loki.exe`!
3. Run the executable `coyote.exe`!
#### Linux/MacOS Instructions
To use a binary from the releases page on Linux/MacOS, do the following:
1. Download the latest [binary](https://github.com/Dark-Alex-17/loki/releases) for your OS.
1. Download the latest [binary](https://github.com/Dark-Alex-17/coyote/releases) for your OS.
2. `cd` to the directory where you downloaded the binary.
3. Extract the binary with `tar -C /usr/local/bin -xzf loki-<arch>.tar.gz` (Note: This may require `sudo`)
4. Now you can run `loki`!
3. Extract the binary with `tar -C /usr/local/bin -xzf coyote-<arch>.tar.gz` (Note: This may require `sudo`)
4. Now you can run `coyote`!
## Updating
Loki can update itself in place to the latest GitHub release. Run `loki --update`
for the newest release, or `loki --update v0.4.0` for a specific version:
Coyote can update itself in place to the latest GitHub release. Run `coyote --update`
for the newest release, or `coyote --update v0.4.0` for a specific version:
```shell
loki --update
loki --update v0.4.0
coyote --update
coyote --update v0.4.0
```
The same is available from within the REPL via `.update` and `.update v0.4.0`.
If Loki was installed with a package manager, prefer that package manager so its
records stay in sync with the binary on disk; i.e. `brew upgrade loki` for Homebrew,
or `cargo install --locked loki-ai` for Cargo.
If Coyote was installed with a package manager, prefer that package manager so its
records stay in sync with the binary on disk; i.e. `brew upgrade coyote` for Homebrew,
or `cargo install --locked coyote-ai` for Cargo.
When Loki detects a package-manager install it prints a warning and asks for
When Coyote detects a package-manager install it prints a warning and asks for
confirmation. In a non-interactive shell (no TTY), pass `--force` to update
anyway:
```shell
loki --update --force
coyote --update --force
```
## Getting Started
After installation, you can generate the configuration files and directories by simply running:
```sh
loki --info
coyote --info
```
Then, you need to set up the Loki vault by creating a vault password file. Loki will do this for you automatically and
Then, you need to set up the Coyote vault by creating a vault password file. Coyote will do this for you automatically and
guide you through the process when you first attempt to access the vault. So, to get started, you can run:
```sh
loki --list-secrets
coyote --list-secrets
```
### Authentication
Each client in your configuration needs authentication (with a few exceptions; e.g. ollama). Most clients use an API key
(set via `api_key` in the config or through the [vault](https://github.com/Dark-Alex-17/loki/wiki/Vault)). For providers that support OAuth (e.g. Claude Pro/Max
(set via `api_key` in the config or through the [vault](https://github.com/Dark-Alex-17/coyote/wiki/Vault)). For providers that support OAuth (e.g. Claude Pro/Max
subscribers, Google Gemini), you can authenticate with your existing subscription instead:
```yaml
# In your config.yaml
clients:
- type: claude
name: my-claude-oauth
auth: oauth # Indicate you want to authenticate with OAuth instead of an API key
```
```sh
loki --authenticate claude
coyote --authenticate my-claude-oauth
# Or via the REPL: .authenticate
```
For full details, see the [authentication documentation](https://github.com/Dark-Alex-17/loki/wiki/Clients#authentication).
For full details, see the [authentication documentation](https://github.com/Dark-Alex-17/coyote/wiki/Clients#authentication).
### Tab-Completions
You can also enable tab completions to make using Loki easier. To do so, add the following to your shell profile:
You can also enable tab completions to make using Coyote easier. To do so, add the following to your shell profile:
```shell
# Bash
# (add to: `~/.bashrc`)
source <(COMPLETE=bash loki)
source <(COMPLETE=bash coyote)
# Zsh
# (add to: `~/.zshrc`)
source <(COMPLETE=zsh loki)
source <(COMPLETE=zsh coyote)
# Fish
# (add to: `~/.config/fish/config.fish`)
source <(COMPLETE=fish loki | psub)
source <(COMPLETE=fish coyote | psub)
# Elvish
# (add to: `~/.elvish/rc.elv`)
eval (E:COMPLETE=elvish loki | slurp)
eval (E:COMPLETE=elvish coyote | slurp)
# PowerShell
# (add to: `$PROFILE`)
$env:COMPLETE = "powershell"
loki | Out-String | Invoke-Expression
coyote | Out-String | Invoke-Expression
```
### Shell Integration
You can integrate Loki's Shell Assistant into your shell for enhanced command-line assistance. Add the code in the
corresponding [shell integration script](./scripts/shell-integration) to your shell. Then, you can invoke Loki to convert natural language to
You can integrate Coyote's Shell Assistant into your shell for enhanced command-line assistance. Add the code in the
corresponding [shell integration script](./scripts/shell-integration) to your shell. Then, you can invoke Coyote to convert natural language to
shell commands by pressing `Alt-e`. For example:
```shell
@@ -223,18 +227,18 @@ find . -name "*.md"
```
## Configuration
The location of the global Loki configuration varies between systems, so you can use the following command to find your
The location of the global Coyote configuration varies between systems, so you can use the following command to find your
`config.yaml` file:
```shell
loki --info | grep 'config_file' | awk '{print $2}'
coyote --info | grep 'config_file' | awk '{print $2}'
```
The configuration file consists of a number of settings. To see a full example configuration file with every setting
defined, refer to the [example configuration file](./config.example.yaml).
### Default LLM
The following settings are available to configure the default LLM that is used when you start Loki, and its
The following settings are available to configure the default LLM that is used when you start Coyote, and its
hyperparameters:
| Setting | Description |
@@ -244,34 +248,34 @@ hyperparameters:
| `top_p` | The default `top_p` hyperparameter value to use for all models, with a range of (0,1) (or (0,2) for some models); <br>Used unless explicitly overridden |
### CLI Behavior
You can use the following settings to modify the behavior of Loki:
You can use the following settings to modify the behavior of Coyote:
| Setting | Default Value | Description |
|---------------|---------------|-------------------------------------------------------------------------------------------------------------------------------------|
| `stream` | `true` | Controls whether to use stream-style APIs when querying for completions from LLM providers |
| `save` | `true` | Controls whether to save each query/response to every model to `messages.md` for posterity; Useful for debugging |
| `keybindings` | `emacs` | Specifies which keybinding schema to use; can either be `emacs` or `vi` |
| `editor` | `null` | What text editor Loki should use to edit the input buffer or session (e.g. `vim`, `emacs`, `nano`, `hx`); <br>Defaults to `$EDITOR` |
| `editor` | `null` | What text editor Coyote should use to edit the input buffer or session (e.g. `vim`, `emacs`, `nano`, `hx`); <br>Defaults to `$EDITOR` |
| `wrap` | `no` | Controls whether text is wrapped (can be `no`, `auto`, or some `<max_width>` |
| `wrap_code` | `false` | Enables or disables the wrapping of code blocks |
### Preludes
Preludes let you define the default behavior for the different operating modes of Loki. The available settings are
Preludes let you define the default behavior for the different operating modes of Coyote. The available settings are
shown below:
| Setting | Description |
|-----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `repl_prelude` | This setting lets you specify a default `session` or `role` to use when starting Loki in [REPL](https://github.com/Dark-Alex-17/loki/wiki/REPL) mode. <br>Values can be <ul><li>`role:<name>` to define a role</li><li>`session:<name>` to define a session</li><li>`<session>:<role>` to define both a session and a role to use</li></ul> |
| `cmd_prelude` | This setting lets you specify a default `session` or `role` to use when running one-off queries in Loki via the CLI. <br>Values can be <ul><li>`role:<name>` to define a role</li><li>`session:<name>` to define a session</li><li>`<session>:<role>` to define both a session and a role to use</li></ul> |
| `repl_prelude` | This setting lets you specify a default `session` or `role` to use when starting Coyote in [REPL](https://github.com/Dark-Alex-17/coyote/wiki/REPL) mode. <br>Values can be <ul><li>`role:<name>` to define a role</li><li>`session:<name>` to define a session</li><li>`<session>:<role>` to define both a session and a role to use</li></ul> |
| `cmd_prelude` | This setting lets you specify a default `session` or `role` to use when running one-off queries in Coyote via the CLI. <br>Values can be <ul><li>`role:<name>` to define a role</li><li>`session:<name>` to define a session</li><li>`<session>:<role>` to define both a session and a role to use</li></ul> |
| `agent_session` | This setting is used to specify a default session that all agents should start into, unless otherwise specified in the agent configuration. (e.g. `temp`, `default`) |
### Appearance
The appearance of Loki can be modified using the following settings:
The appearance of Coyote can be modified using the following settings:
| Setting | Default Value | Description |
|---------------|---------------|------------------------------------------------------|
| `highlight` | `true` | This setting enables or disables syntax highlighting |
| `light_theme` | `false` | This setting toggles light mode in Loki |
| `light_theme` | `false` | This setting toggles light mode in Coyote |
### Miscellaneous Settings
| Setting | Default Value | Description |
@@ -283,7 +287,7 @@ The appearance of Loki can be modified using the following settings:
## History
Loki began as a fork of [AIChat CLI](https://github.com/sigoden/aichat) and has since evolved into an independent project.
Coyote began as a fork of [AIChat CLI](https://github.com/sigoden/aichat) and has since evolved into an independent project.
See [CREDITS.md](./CREDITS.md) for full attribution and background.
+4 -4
View File
@@ -7,14 +7,14 @@ set -euo pipefail
#######################
# Cache file name for detected project info
_LOKI_PROJECT_CACHE=".loki-project.json"
_COYOTE_PROJECT_CACHE=".coyote-project.json"
# Read cached project detection if valid
# Usage: _read_project_cache "/path/to/project"
# Returns: cached JSON on stdout (exit 0) or nothing (exit 1)
_read_project_cache() {
local dir="$1"
local cache_file="${dir}/${_LOKI_PROJECT_CACHE}"
local cache_file="${dir}/${_COYOTE_PROJECT_CACHE}"
if [[ -f "${cache_file}" ]]; then
local cached
@@ -32,7 +32,7 @@ _read_project_cache() {
_write_project_cache() {
local dir="$1"
local json="$2"
local cache_file="${dir}/${_LOKI_PROJECT_CACHE}"
local cache_file="${dir}/${_COYOTE_PROJECT_CACHE}"
echo "${json}" > "${cache_file}" 2>/dev/null || true
}
@@ -238,7 +238,7 @@ _detect_with_llm() {
)
local llm_response
llm_response=$(loki --no-stream "${prompt}" 2>/dev/null) || return 1
llm_response=$(coyote --no-stream "${prompt}" 2>/dev/null) || return 1
llm_response=$(echo "${llm_response}" | sed 's/^```json//;s/^```//;s/```$//' | tr -d '\n' | sed 's/^[[:space:]]*//')
llm_response=$(echo "${llm_response}" | grep -o '{[^}]*}' | head -1)
+48 -12
View File
@@ -1,7 +1,6 @@
name: code-reviewer
description: CodeRabbit-style code reviewer - spawns per-file reviewers, synthesizes findings
version: 1.0.0
temperature: 0.1
version: 2.0.0
auto_continue: true
max_auto_continues: 20
@@ -11,6 +10,11 @@ can_spawn_agents: true
max_concurrent_agents: 10
max_agent_depth: 2
skills_enabled: true
enabled_skills:
- delegation-protocol
- parallel-research
variables:
- name: project_dir
description: Project directory to review
@@ -18,6 +22,7 @@ variables:
global_tools:
- fs_read.sh
- fs_cat.sh
- fs_grep.sh
- fs_glob.sh
- execute_command.sh
@@ -25,32 +30,62 @@ global_tools:
instructions: |
You are a code review orchestrator, similar to CodeRabbit. You coordinate per-file reviews and produce a unified report.
## Step 0: Load orchestration skills
Before doing anything else, call `skill__load` for `delegation-protocol` and `parallel-research`. They carry the methodology you need:
- **`delegation-protocol`** — how to write delegation prompts that give the sub-agent its full context (TASK / EXPECTED OUTCOME / MUST DO / MUST NOT DO / CONTEXT). Apply this format when spawning each file-reviewer.
- **`parallel-research`** — the spawn-and-wait protocol, the anti-duplication rule (don't redo work you delegated), and the rule about ending your response and letting the system notify you on agent completion.
Both skills are always-on for this agent's workflow. Skill bodies are your source of truth for HOW to delegate and HOW to coordinate parallel work; this agent's instructions handle the CodeRabbit-specific shape.
## Workflow
1. **Get the diff:** Run `get_diff` to get the git diff (defaults to staged changes, falls back to unstaged)
2. **Parse changed files:** Extract the list of files from the diff
3. **Create todos:** One todo per phase (get diff, spawn reviewers, collect results, synthesize report)
4. **Spawn file-reviewers:** One `file-reviewer` agent per changed file, in parallel
4. **Spawn file-reviewers:** One `file-reviewer` agent per changed file, in parallel. Apply the `delegation-protocol` structured prompt format.
5. **Broadcast sibling roster:** Send each file-reviewer a message with all sibling IDs and their file assignments
6. **Collect all results:** Wait for each file-reviewer to complete
6. **Collect all results:** Per `parallel-research`, do not poll. End your response after spawns + roster; the system will notify you when agents complete.
7. **Synthesize:** Combine all findings into a CodeRabbit-style report
## Spawning File Reviewers
For each changed file, spawn a file-reviewer with a prompt containing:
- The file path
- The relevant diff hunk(s) for that file
- Instructions to review it
Apply the `delegation-protocol` structured prompt format. Each spawn gets the full TASK / EXPECTED OUTCOME / MUST DO / MUST NOT DO / CONTEXT sections — the file-reviewer hasn't seen the codebase or the broader PR; the spawn prompt IS its entire context.
```
agent__spawn --agent file-reviewer --prompt "Review the following diff for <file_path>:
agent__spawn --agent file-reviewer --prompt "
## TASK
Review the git diff for <file_path>. Produce structured findings per your output format.
## EXPECTED OUTCOME
A REVIEW_COMPLETE-terminated report following your standard format:
- ## File: <file_path>
- ### Summary (1-2 sentences)
- ### Findings (each with severity, lines, description, suggestion)
- ### Cross-File Concerns (or 'None')
## MUST DO
- Load `code-review` and `ai-slop-remover` skills before reading any code
- Apply both skill checklists to the diff
- Use targeted fs_read with offset/limit; max 5 file reads
- End with REVIEW_COMPLETE
## MUST NOT DO
- Do not modify files (you are read-only)
- Do not review unchanged code unrelated to the diff
- Do not omit findings to keep the report short
## CONTEXT
Project: {{project_dir}}
File under review: <file_path>
Diff:
<diff content for this file>
Focus on bugs, security issues, logic errors, and style. Use the severity format (🔴🟡🟢💡).
End with REVIEW_COMPLETE."
"
```
Paste the actual diff hunk(s) inline — the reviewer can't see your context. If you have prior knowledge of the change's intent (PR description, ticket), include it in CONTEXT.
## Sibling Roster Broadcast
After spawning ALL file-reviewers (collecting their IDs), send each one a message with the roster:
@@ -117,6 +152,7 @@ instructions: |
3. **Don't review code yourself:** Delegate ALL review work to file-reviewers
4. **Preserve severity tags:** Don't downgrade or remove severity from file-reviewer findings
5. **Include ALL findings:** Don't summarize away specific issues
6. **File reads:** If you do read a file directly (e.g. to verify a finding before synthesis), `fs_read` returns a TRUNCATED view with line numbers (default 2000 lines, long lines cut at 2000 chars). Use `fs_cat` only when you need the FULL untruncated contents of a file.
## Context
- Project: {{project_dir}}
+3 -3
View File
@@ -4,7 +4,7 @@ A graph-based implementation agent. Plans, implements, and runs build +
tests in a bounded fix-loop until verified. Designed to be delegated to by
the **[Sisyphus](../sisyphus/README.md)** agent.
Coder is a [graph agent](https://github.com/Dark-Alex-17/loki/wiki/Graph-Agents): its workflow is
Coder is a [graph agent](https://github.com/Dark-Alex-17/coyote/wiki/Graph-Agents): its workflow is
defined declaratively in `graph.yaml`, with verification and the
implement-fix loop enforced as graph edges rather than prose.
@@ -42,10 +42,10 @@ so it accepts the runtime override flag:
```sh
# Invoke from inside the project (project_dir defaults to ".")
cd /path/to/your/project
loki -a coder "Add a foo() function..."
coyote -a coder "Add a foo() function..."
# Or invoke from anywhere with an explicit override
loki -a coder --agent-variable project_dir /path/to/your/project "Add..."
coyote -a coder --agent-variable project_dir /path/to/your/project "Add..."
```
`graph.yaml` `initial_state` exposes:
+105 -8
View File
@@ -4,8 +4,6 @@ description: |
bounded fix-loop until verified. Designed to be delegated to by sisyphus.
version: "1.0"
temperature: 0.1
global_tools:
- fs_cat.sh
- fs_ls.sh
@@ -13,12 +11,20 @@ global_tools:
- fs_patch.sh
- execute_command.sh
skills_enabled: true
enabled_skills:
- ai-slop-remover
- code-review
- git-master
- frontend-ui-ux
- verification-gates
variables:
- name: project_dir
description: |
Absolute path to the project directory. Defaults to "." which is the
directory you invoked `loki` from. Override at runtime with
`loki -a coder --agent-variable project_dir /abs/path "..."`.
directory you invoked `coyote` from. Override at runtime with
`coyote -a coder --agent-variable project_dir /abs/path "..."`.
default: "."
settings:
@@ -40,6 +46,10 @@ initial_state:
files_to_create: []
risks: []
complexity_score: 0
review_attempts: 0
max_review_attempts: 1
review_clean: true
review_notes: ""
start: resolve_paths
@@ -70,7 +80,7 @@ nodes:
MUST be absolute. The project root is {{project_dir}}. Prefer paths
like "{{project_dir}}/src/foo.rs" over "src/foo.rs". The implementer
uses these paths directly with fs_write and fs_patch tools, which
resolve relative paths against the loki invocation directory (NOT
resolve relative paths against the coyote invocation directory (NOT
the project dir). Empty arrays are fine if no files in that category.
`risks` is a list of short strings. Anything that could derail the
@@ -145,17 +155,37 @@ nodes:
id: implement
type: llm
description: Write code via fs tools. Bounded tool-call loop.
skills_enabled: true
enabled_skills:
- ai-slop-remover
- code-review
- git-master
- frontend-ui-ux
- verification-gates
instructions: |
You are a senior engineer. Implement the plan by writing code via
tools. Follow existing patterns in the codebase.
## Skills
Use `skill__list` to see what's available, then `skill__load` the ones
that fit the work: `ai-slop-remover` always, `frontend-ui-ux` when
touching UI, `git-master` when touching history, `verification-gates`
to remember what evidence is required. Unload when a phase ends.
## Writing code
1. Use `fs_patch` for surgical edits to existing files.
2. Use `fs_write` for new files or full rewrites.
3. NEVER output code to chat. Always use tools.
4. ALWAYS pass ABSOLUTE paths to fs_write and fs_patch. Relative
paths resolve against the loki invocation directory (not the
3. NEVER write files via `execute_command`. Do not use `cat >`,
`cat >>`, `echo >`, `printf >`, `tee`, heredocs (`<<EOF`), or
`python3 -c "open(...).write(...)"`. Shell-based file writes
break on multi-line content, special characters, quoted strings,
and nested language blocks. `fs_write` and `fs_patch` handle
these correctly because they don't go through shell parsing.
4. NEVER output code to chat. Always use tools.
5. ALWAYS pass ABSOLUTE paths to fs_write and fs_patch. Relative
paths resolve against the coyote invocation directory (not the
project dir), which is rarely what you want. The project root
is {{project_dir}}.
@@ -241,6 +271,73 @@ nodes:
timeout: 5
fallback: end_failure
self_review:
id: self_review
type: llm
description: Skill-driven self-review of the diff. Catches AI slop, dishonest naming, suppressed errors. Bounded to max_review_attempts.
skills_enabled: true
enabled_skills:
- code-review
- ai-slop-remover
instructions: |
You are reviewing the diff you just produced. Load `code-review` and
`ai-slop-remover` via `skill__load` and apply their checklists STRICTLY.
Flag ONLY concrete issues:
- Correctness bugs or uncovered edge cases
- Suppressed errors (as any, @ts-ignore, #[allow(...)] on unfamiliar
lints, empty catch blocks)
- Dishonest naming (get_X that mutates, returns wrong type, etc.)
- Useless comments that restate the code
- AI slop (filler prose, multi-paragraph docstrings, defensive
handling of impossible cases)
Do NOT flag:
- Style preferences if the pattern matches existing code in the repo
- Things the build/tests already verified
- "Could be more elegant" without a concrete bug
Be terse. The orchestrator wants signal, not noise. If you find nothing
blocking, set review_clean=true and leave review_notes empty.
Project directory: {{project_dir}}
prompt: |
## Files to review
Modified: {{files_to_modify}}
Created: {{files_to_create}}
## What the implementation was supposed to do
{{plan_summary}}
Read each file's changed region. Apply the review skills. Output your verdict.
tools:
- fs_cat
- fs_ls
- execute_command
max_iterations: 15
output_schema:
type: object
properties:
review_clean:
type: boolean
description: True if no blocker issues were found.
review_notes:
type: string
description: Concrete issues found, one per line as file:line - description. Empty when review_clean is true.
required: [review_clean, review_notes]
state_updates:
last_node_output: "{{output}}"
fallback: end_success
next: route_review_result
route_review_result:
id: route_review_result
type: script
description: Routes based on review_clean and review_attempts budget. End on clean or budget exhausted; loop to implement otherwise.
script: scripts/route_review_result.sh
timeout: 5
fallback: end_success
end_success:
id: end_success
type: end
+58
View File
@@ -0,0 +1,58 @@
#!/usr/bin/env bash
set -euo pipefail
if [[ -n "${GRAPH_STATE_FILE:-}" ]]; then
state=$(cat "$GRAPH_STATE_FILE")
elif [[ -n "${GRAPH_STATE:-}" ]]; then
state="$GRAPH_STATE"
else
state='{}'
fi
review_clean=$(echo "$state" | jq -r '.review_clean // true')
review_attempts=$(echo "$state" | jq -r '.review_attempts // 0')
max_review_attempts=$(echo "$state" | jq -r '.max_review_attempts // 1')
review_notes=$(echo "$state" | jq -r '.review_notes // ""')
if [[ "$review_clean" != "true" && "$review_clean" != "false" ]]; then
echo "ERROR: review_clean must be boolean ('true'/'false'); got: $review_clean" >&2
exit 1
fi
if ! [[ "$review_attempts" =~ ^[0-9]+$ ]]; then
echo "ERROR: review_attempts must be a non-negative integer; got: $review_attempts" >&2
exit 1
fi
if ! [[ "$max_review_attempts" =~ ^[0-9]+$ ]]; then
echo "ERROR: max_review_attempts must be a non-negative integer; got: $max_review_attempts" >&2
exit 1
fi
if [[ "$review_clean" == "true" ]]; then
jq -nc '{"_next": "end_success"}'
exit 0
fi
if (( review_attempts >= max_review_attempts )); then
jq -nc \
--arg n "$review_notes" \
'{
"_next": "end_success",
"review_notes_unresolved": ("Shipped with unresolved review notes (budget exhausted):\n" + $n)
}'
exit 0
fi
next_review=$((review_attempts + 1))
fix_instr=$(printf '## Self-review feedback (attempt %d of %d)\n\nThe code review found concrete issues. Address them with minimal edits. Do not refactor unrelated code.\n\n%s' \
"$next_review" "$max_review_attempts" "$review_notes")
jq -nc \
--argjson n "$next_review" \
--arg fi "$fix_instr" \
'{
"review_attempts": $n,
"fix_instructions": $fi,
"_next": "implement"
}'
+2 -2
View File
@@ -25,7 +25,7 @@ if [[ -z "$cmd" || "$cmd" == "null" ]]; then
jq -nc '{
"tests_ok": true,
"tests_output": "(no test command available for this project type)",
"_next": "end_success"
"_next": "self_review"
}'
exit 0
fi
@@ -40,7 +40,7 @@ if (( exit_code == 0 )); then
'{
"tests_ok": true,
"tests_output": ("Ran: " + $cmd + "\n\n" + $out),
"_next": "end_success"
"_next": "self_review"
}'
else
jq -nc \
+20 -20
View File
@@ -1,6 +1,6 @@
# deep-research
A deep web research agent, built as a Loki graph agent. It plans an
A deep web research agent, built as a Coyote graph agent. It plans an
investigation, decomposes it into sub-questions researched in
parallel, grounds the work in a local knowledge corpus, vets the
credibility of cited sources, runs a reflexion self-critique loop to
@@ -13,12 +13,12 @@ this agent runs a fixed graph: every request goes through the same
`plan -> parallel research -> vet -> critique -> synthesize -> verify -> approve`
pipeline.
This agent is also the **canonical reference for the Loki graph
This agent is also the **canonical reference for the Coyote graph
system**: it exercises every node type (`script`, `llm`, `rag`, `map`,
`agent`, `input`, `approval`, `end`) and both static fan-out and
dynamic `map` fan-out. If you are learning how to build a graph
agent, this is the file to read alongside the
[Graph-Agents wiki](https://github.com/Dark-Alex-17/loki/wiki/Graph-Agents).
[Graph-Agents wiki](https://github.com/Dark-Alex-17/coyote/wiki/Graph-Agents).
## Workflow
@@ -49,7 +49,7 @@ incorporate_feedback (script) -> research_each_question (the human-feedbac
### Node-type breakdown
| Type | Nodes |
|---|---|
|-----------------------------|-----------------------------------------------------------------------------------------------------------------------|
| `script` (Python) | `parse_request`, `bootstrap_research`, `combine_findings`, `reflexion_gate`, `verify_sources`, `incorporate_feedback` |
| `llm` (tools: `[]`) | `plan`, `critique` |
| `llm` (with tool whitelist) | `research_one_question`, `vet_sources` |
@@ -62,7 +62,7 @@ incorporate_feedback (script) -> research_each_question (the human-feedbac
## Parallel execution
The graph has two parallel super-steps where Loki's BSP scheduler runs
The graph has two parallel super-steps where Coyote's BSP scheduler runs
branches concurrently.
**1. Context loading (`plan` ‖ `knowledge_lookup`)** — after
@@ -96,7 +96,7 @@ PDFs, or text files into `knowledge/` to bias the research toward
your local context.
The knowledge base is built once, at agent-load time, into
`~/.config/loki/agents/deep-research/knowledge_lookup.yaml`. Because
`~/.config/coyote/agents/deep-research/knowledge_lookup.yaml`. Because
the node fully specifies its build config (`embedding_model`,
`chunk_size`, `chunk_overlap`), the build is non-interactive. Delete
that cached file after adding or changing knowledge to force a
@@ -119,13 +119,13 @@ for details.
## Tools and tool scoping
This agent demonstrates Loki's three tool sources and how an `llm`
This agent demonstrates Coyote's three tool sources and how an `llm`
node's `tools:` whitelist scopes them per node.
The agent's full tool universe, declared in `graph.yaml`:
- **Global tools** (`global_tools`): `web_search_loki`,
`fetch_url_via_curl`, `search_arxiv` - Loki's built-in tool scripts.
- **Global tools** (`global_tools`): `web_search_coyote`,
`fetch_url_via_curl`, `search_arxiv` - Coyote's built-in tool scripts.
- **MCP server** (`mcp_servers`): `ddg-search` - a DuckDuckGo web
search MCP server. Referenced in a whitelist as `mcp:ddg-search`.
- **Custom agent tool** (`tools.sh`): `classify_source` - a
@@ -135,9 +135,9 @@ No node receives all of these. Each `llm` node's `tools:` whitelist
narrows the universe to exactly what that step needs:
| Node | `tools:` whitelist | Draws from |
|---|---|---|
|-------------------------|-----------------------------------------------------------------------------|--------------------------|
| `plan`, `critique` | `[]` | nothing - pure reasoning |
| `research_one_question` | `web_search_loki`, `fetch_url_via_curl`, `search_arxiv`, `mcp:ddg-search` | global tools + MCP |
| `research_one_question` | `web_search_coyote`, `fetch_url_via_curl`, `search_arxiv`, `mcp:ddg-search` | global tools + MCP |
| `vet_sources` | `classify_source` | the custom tool only |
`research_one_question` (each parallel branch of the map) can search
@@ -153,21 +153,21 @@ deterministic - exactly the kind of logic a tool should own rather than
the LLM guessing.
Web search may require API-key configuration; see the
[Tools](https://github.com/Dark-Alex-17/loki/wiki/Tools) docs.
[Tools](https://github.com/Dark-Alex-17/coyote/wiki/Tools) docs.
`fetch_url_via_curl`, `search_arxiv`, and `classify_source` work
without a key.
## Setup
`research_one_question` (each parallel branch of the `map`) uses the
`ddg-search` MCP server via `mcp:ddg-search`. It is one of Loki's
`ddg-search` MCP server via `mcp:ddg-search`. It is one of Coyote's
default MCP servers; make sure it is registered in
`~/.config/loki/mcp.json` (run `loki --install mcp_config` to restore
`~/.config/coyote/mcp.json` (run `coyote --install mcp_config` to restore
the default template if it is missing). If `ddg-search` is unavailable,
the branches still have their global web-search tools to fall back on.
The `synthesize` node spawns the `report-writer` sub-agent. Both
agents ship with `loki agents install`; if you install one manually,
agents ship with `coyote agents install`; if you install one manually,
install both so the agent reference resolves.
## Reflexion
@@ -205,10 +205,10 @@ backstop: it caps the total visits to any single node.
## Running
```sh
loki agents install # ships deep-research
loki -a deep-research "How does HTTP/3 differ from HTTP/2?"
loki -a deep-research "Recent advances in solid-state batteries"
loki -a deep-research # no prompt -> triggers ask_topic
coyote agents install # ships deep-research
coyote -a deep-research "How does HTTP/3 differ from HTTP/2?"
coyote -a deep-research "Recent advances in solid-state batteries"
coyote -a deep-research # no prompt -> triggers ask_topic
```
## Anti-hallucination
@@ -240,7 +240,7 @@ loki -a deep-research # no prompt -> triggers ask_topic
`report-writer` sub-agent.
- **Tool scope.** Narrow the `research_one_question` node's `tools:`
list to constrain where each branch looks (for example, drop
`web_search_loki` and `mcp:ddg-search` to force arXiv-only
`web_search_coyote` and `mcp:ddg-search` to force arXiv-only
research).
- **Local knowledge.** Drop files into `knowledge/` to bias every
research branch toward your local context (see the *Local
+3 -5
View File
@@ -9,16 +9,14 @@ description: |
approval. A reviewer's free-form feedback at the approval step feeds
back into another research pass.
This is the canonical Loki graph-agent reference: it exercises every
This is the canonical Coyote graph-agent reference: it exercises every
node type (script, llm, rag, map, agent, input, approval, end) and
both static fan-out and dynamic map fan-out.
version: "1.0"
temperature: 0.0
global_tools:
- web_search_loki.sh
- web_search_coyote.sh
- fetch_url_via_curl.sh
- search_arxiv.sh
@@ -147,7 +145,7 @@ nodes:
{{research_feedback}}
tools:
- web_search_loki
- web_search_coyote
- fetch_url_via_curl
- search_arxiv
- mcp:ddg-search
@@ -5,7 +5,7 @@ hybrid (vector + keyword) retrieval over every file in this directory.
Drop your own notes, papers (PDFs), Markdown docs, or text files here
and they will be indexed into a per-agent knowledge base on first run.
Loki supports common file types out of the box: `.md`, `.txt`, `.pdf`,
Coyote supports common file types out of the box: `.md`, `.txt`, `.pdf`,
`.html`, and others. Subdirectories are walked recursively.
A small starter file (`research-style-notes.md`) ships so the RAG
@@ -17,7 +17,7 @@ To force the knowledge base to rebuild after you add or change files,
delete the cached index:
```sh
rm ~/.config/loki/agents/deep-research/knowledge_lookup.yaml
rm ~/.config/coyote/agents/deep-research/knowledge_lookup.yaml
```
The next run will rebuild from the current contents of this directory.
+1 -1
View File
@@ -2,6 +2,6 @@
This agent serves as a demo to guide agent development and showcase various agent capabilities.
To enable tools, Loki will look for the first `tools.py` or `tools.sh` file it finds in this directory.
To enable tools, Coyote will look for the first `tools.py` or `tools.sh` file it finds in this directory.
The base configuration using `tools.py`. To switch to using `tools.sh`, rename or remove `tools.py`.
+2 -2
View File
@@ -17,7 +17,7 @@ It can also be used as a standalone tool for understanding codebases and finding
## Pro-Tip: Use an IDE MCP Server for Improved Performance
Many modern IDEs now include MCP servers that let LLMs perform operations within the IDE itself and use IDE tools. Using
an IDE's MCP server dramatically improves the performance of coding agents. So if you have an IDE, try adding that MCP
server to your config (see the [MCP Server docs](../../../docs/function-calling/MCP-SERVERS.md) to see how to configure
server to your config (see the [MCP Server docs](https://github.com/Dark-Alex-17/loki/wiki/MCP-Servers) to see how to configure
them), and modify the agent definition to look like this:
```yaml
@@ -31,7 +31,7 @@ global_tools:
- fs_grep.sh
- fs_glob.sh
- fs_ls.sh
- web_search_loki.sh
- web_search_coyote.sh
# ...
```
+71 -33
View File
@@ -1,7 +1,10 @@
name: explore
description: Fast codebase exploration agent - finds patterns, structures, and relevant files
version: 1.0.0
temperature: 0.1
description: Fast codebase exploration agent - finds patterns, structures, and relevant files. Designed to be fanned out 2-5 in parallel by orchestrators.
version: 3.0.0
skills_enabled: true
enabled_skills:
- ai-slop-remover
variables:
- name: project_dir
@@ -12,6 +15,7 @@ mcp_servers:
- ddg-search
global_tools:
- fs_read.sh
- fs_cat.sh
- fs_grep.sh
- fs_glob.sh
- fs_ls.sh
@@ -19,57 +23,91 @@ global_tools:
instructions: |
You are a codebase explorer. Your job: Search, find, report. Nothing else.
## Your Mission
## Step 0: Load your skills
Given a search task, you:
1. Search for relevant files and patterns
2. Read key files to understand structure
3. Report findings concisely
4. Signal completion with EXPLORE_COMPLETE
At the start of every exploration, call `skill__load` for `ai-slop-remover`. Your findings go directly into the orchestrator's synthesis, so concise, slop-free output is the contract. Apply the skill's standards to your final findings block:
## File Reading Strategy (IMPORTANT - minimize token usage)
- No filler ("It's important to note that…", "Let me explain…"). Just the finding.
- No flattery, no padding, no status updates about your process.
- No multi-paragraph commentary — bullet points with code snippets are enough.
1. **Find first, read second** - Never read a file without knowing why
2. **Use grep to locate** - `fs_grep --pattern "struct User" --include "*.rs"` finds exactly where things are
3. **Use glob to discover** - `fs_glob --pattern "*.rs" --path src/` finds files by name
4. **Read targeted sections** - `fs_read --path "src/main.rs" --offset 50 --limit 30` reads only lines 50-79
5. **Never read entire large files** - If a file is 500+ lines, read the relevant section only
## You may be one of many parallel explorers
## Available Actions
Orchestrators (like Sisyphus) often fan out 2-5 explore agents at once, each covering a different angle of the same question. Assume you are ONE narrow slice of a larger investigation. Stay strictly within YOUR slice as defined by the prompt — don't broaden scope to cover what other parallel explorers might be handling.
- `fs_grep --pattern "struct User" --include "*.rs"` - Find content across files
- `fs_glob --pattern "*.rs" --path src/` - Find files by name pattern
- `fs_read --path "src/main.rs"` - Read a file (with line numbers)
- `fs_read --path "src/main.rs" --offset 100 --limit 50` - Read lines 100-149 only
- `get_structure` - See project layout
- `search_content --pattern "struct User"` - Agent-level content search
If the prompt says "find auth middleware", you find auth middleware. You do NOT also tour the routing layer, the error system, and the database connection pool. Narrow scope is the contract.
## Output Format
## Investigation methodology
Always end your response with a findings summary:
Before searching, build a quick mental model. Then narrow in. Then read.
1. **Frame the question.** What kind of artifact am I looking for? Symbols (struct/class/function)? File patterns? Configuration? Implementation details? Tests? Different artifact kinds use different tools.
2. **Find first, read second.** Never `fs_read` a file without knowing why you're reading it.
3. **Build a directory mental model with `fs_ls` and `fs_glob`** — `fs_ls src/` to see what's there; `fs_glob '**/*.rs' src/` to see which files exist by name.
4. **Locate symbols with `fs_grep`** — for finding where things live across the codebase. `fs_grep --pattern "fn handle_request" --include "*.rs"` is faster than reading files.
5. **Read targeted sections with `fs_read --offset/--limit`** — `fs_read --path "src/main.rs" --offset 50 --limit 30` reads lines 50-79 only. `fs_read` adds line numbers but TRUNCATES long lines (over 2000 chars) and caps output at 2000 lines by default.
6. **Use `fs_cat` only when you need the full untruncated file** — rare in exploration. If you reach for `fs_cat`, ask whether `fs_grep` + targeted `fs_read` would answer your question with less context spend.
7. **Never read entire large files** — for files 500+ lines, read the relevant section only.
## Available actions
- `fs_grep --pattern "struct User" --include "*.rs"` — find content across files in a directory tree
- `fs_grep --pattern "TODO" --path "src/main.rs"` — find content within a single file (--include is ignored in this mode)
- `fs_glob --pattern "*.rs" --path src/` — find files by name pattern
- `fs_read --path "src/main.rs"` — read a TRUNCATED view with line numbers (default 2000 lines, lines over 2000 chars cut off)
- `fs_read --path "src/main.rs" --offset 100 --limit 50` — read lines 100-149 only (line numbers; truncation rules still apply)
- `fs_cat --path "src/main.rs"` — read the FULL untruncated file (no line numbers); use only when you actually need every line
- `fs_ls --path "src/"` — list directory contents
## When to use the web (ddg-search MCP)
Rarely. You are a CODEBASE explorer, not a web researcher. Use the web only when the codebase references an external library/framework whose documented behavior is the answer to the question (e.g., "how does Tokio's #[tokio::main] expand"), and the answer isn't in the local code. For internal questions ("how does OUR auth work"), grep the codebase — never the web.
## Output format
Always end your response with a structured findings block. Sisyphus reads this verbatim and may paste sections directly into delegation prompts for a coder agent, so the structure matters:
```
FINDINGS:
- [Key finding 1]
- [Key finding 2]
- Relevant files: [list]
- [One-line concrete fact about what you found]
- [Another one-line fact]
- Relevant files: [list of paths, no commentary]
Code patterns (paste actual lines):
- From `path/to/file.ext` lines N-M:
<5-20 lines of actual code that show the pattern>
- From `path/to/other.ext` lines N-M:
<another snippet>
Open questions (only if any):
- [Anything you couldn't determine and the orchestrator should clarify or delegate elsewhere]
EXPLORE_COMPLETE
```
Pasting actual code lines (5-20 per pattern) lets the orchestrator hand snippets directly to a coder agent without re-exploration. That is the entire point of your existence in a parallel research phase. File paths alone make downstream delegation impossible — the coder would have to re-do your work.
## Rules
1. **Be fast** - Don't read every file, read representative ones
2. **Be focused** - Answer the specific question asked
3. **Be concise** - Report findings, not your process
4. **Never modify files** - You are read-only
5. **Limit reads** - Max 5 file reads per exploration
1. **Be fast.** Don't read every file, read representative ones.
2. **Stay in your slice.** Narrow scope is the contract.
3. **Be concise.** Report findings, not your process. Apply the `ai-slop-remover` skill to your output.
4. **Never modify files.** You are read-only.
5. **Limit reads.** Target around 5 file reads per exploration; go higher only when the question genuinely requires it.
6. **Paste code snippets.** File paths alone make downstream delegation impossible.
7. **Report what you didn't find.** If the prompt asked for X and X doesn't exist in your slice, say so explicitly — don't pad your findings with adjacent material to hide the gap.
## Context
- Project: {{project_dir}}
- CWD: {{__cwd__}}
## Available Tools:
## Available tools:
{{__tools__}}
conversation_starters:
+36 -25
View File
@@ -1,7 +1,11 @@
name: file-reviewer
description: Reviews a single file's diff for bugs, style issues, and cross-cutting concerns
version: 1.0.0
temperature: 0.1
version: 2.0.0
skills_enabled: true
enabled_skills:
- code-review
- ai-slop-remover
variables:
- name: project_dir
@@ -12,18 +16,27 @@ global_tools:
- fs_read.sh
- fs_grep.sh
- fs_glob.sh
- fs_cat.sh
- fs_ls.sh
instructions: |
You are a precise code reviewer. You review ONE file's diff and produce structured findings.
## Step 0: Load review skills
Before reading any code, call `skill__load` for `code-review` and `ai-slop-remover`. They carry your detailed review methodology — the categories to check (correctness, tests, clarity, coupling, footguns), the investigation workflow (how to use the fs tools to build context before reviewing), the slop checklist (useless comments, dishonest naming, defensive handling of impossible cases), and the standard for when to flag vs. skip.
Apply BOTH checklists in every review. Skill bodies are your source of truth for what to flag; this agent's instructions handle workflow and output shape.
## Your Mission
You receive a git diff for a single file. Your job:
1. Analyze the diff for bugs, logic errors, security issues, and style problems
2. Read surrounding code for context (use `fs_read` with targeted offsets)
3. Check your inbox for cross-cutting alerts from sibling reviewers
4. Send alerts to siblings if you spot cross-file issues
5. Return structured findings
1. Load the review skills (above).
2. Analyze the diff applying both skill checklists.
3. Read surrounding code for context using the skill's investigation workflow.
4. Check your inbox for cross-cutting alerts from sibling reviewers.
5. Send alerts to siblings if you spot cross-file issues.
6. Return structured findings in the format below.
## Input
@@ -52,12 +65,13 @@ instructions: |
If you receive an alert, incorporate it into your findings under a "Cross-File Concerns" section.
## File Reading Strategy
## File Reading Limits
1. **Read changed lines' context:** Use `fs_read --path "file" --offset <start> --limit 50` to see surrounding code
2. **Grep for usage:** `fs_grep --pattern "function_name" --include "*.rs"` to find callers
3. **Never read entire large files:** Target the changed regions only
4. **Max 5 file reads:** Be efficient
The `code-review` skill teaches the investigation workflow. Apply these per-review caps on top:
- **Max 5 fs_read calls per review.** Be deliberate about which files you read.
- **`fs_read` returns a TRUNCATED view** with line numbers (long lines cut at 2000 chars, output capped at 2000 lines by default). Use `--offset` and `--limit` (default 50 lines of context) to target specific sections. Never read entire large files.
- **Use `fs_cat` only when you genuinely need the full untruncated file** — for a diff review this should be rare; `fs_grep` + targeted `fs_read` usually answers the question with less context.
- **Focus on the diff.** Read surrounding code only when needed to evaluate the change; do not audit unrelated code in the same file.
## Output Format
@@ -87,23 +101,20 @@ instructions: |
REVIEW_COMPLETE
```
## Severity Guide
## Severity Tag Mapping
| Severity | When to use |
|----------|------------|
| 🔴 CRITICAL | Bugs, security vulnerabilities, data loss risks, crashes |
| 🟡 WARNING | Logic errors, performance issues, missing error handling, race conditions |
| 🟢 SUGGESTION | Better patterns, improved readability, missing docs for public APIs |
| 💡 NITPICK | Style preferences, minor naming issues, formatting |
Translate the skill's category findings to the output severity:
- **🔴 CRITICAL** — Correctness bugs, security vulnerabilities, data loss risks, crashes
- **🟡 WARNING** — Logic errors, race conditions, missing error handling, performance issues with user-visible impact
- **🟢 SUGGESTION** — Clarity, coupling, naming, footgun mitigations, missing tests for the change
- **💡 NITPICK** — Style if no formatter enforces it, minor naming, slop-remover findings on prose-style comments
## Rules
1. **Be specific:** Reference exact line numbers and code
2. **Be actionable:** Every finding must have a suggestion
3. **Don't nitpick formatting:** If a formatter/linter exists (check for .rustfmt.toml, .prettierrc, etc.)
4. **Focus on the diff:** Don't review unchanged code unless it's directly affected
5. **Never modify files:** You are read-only
6. **Always end with REVIEW_COMPLETE**
1. **Be specific.** Reference exact line numbers and code.
2. **Be actionable.** Every finding must have a suggestion.
3. **Never modify files.** You are read-only.
4. **Always end with REVIEW_COMPLETE.**
## Context
- Project: {{project_dir}}
+61
View File
@@ -0,0 +1,61 @@
# Librarian
The "external grep" sibling of [Explore](../explore/README.md). Searches the web
for authoritative external references (official docs, production OSS,
specifications), fetches them, and synthesizes findings with inline citations.
Designed to be delegated to by **[Sisyphus](../sisyphus/README.md)** — typically
fanned out 1-3 in parallel alongside `explore` agents whenever an unfamiliar
library, API, or framework is involved.
## Workflow
```
search (llm + ddg-search) identify 3-5 authoritative sources
synthesize (llm + fetch_url_via_curl) fetch, extract, cite, synthesize
end_success / end_failure LIBRARIAN_COMPLETE / LIBRARIAN_FAILED
```
Iteration 1 (this) is the happy-path MVP: single search pass, single synthesis
pass, no quality-check loop. Future iterations may add:
- `quality_check` LLM node + back-edge to `search` with a refined query if
the initial findings are thin or off-topic
- `gh` CLI / GitHub MCP integration for first-class OSS-example retrieval
- Reranking the search results before synthesis
- Cache of recently-fetched URLs across invocations
## Trigger phrases (when sisyphus should spawn it)
- "How do I use [library]?"
- "What's the best practice for [framework feature]?"
- "Why does [external dependency] behave this way?"
- "Find examples of [library] usage"
- Any unfamiliar npm/pip/cargo/crate package surfaced by the user
## Source priority
1. Official documentation (docs.X.org, readthedocs.io, MDN, vendor docs)
2. Production OSS examples (1000+ stars on GitHub)
3. Specifications (RFCs, W3C, ECMA, IEEE)
4. Credible secondary references — only when 1-3 are sparse
Explicitly excluded: random blog posts, marketing pages, stale tutorials,
"what is X" beginner articles (unless that is literally the user's question).
## Outcomes
- `LIBRARIAN_COMPLETE` — found and synthesized authoritative sources. Findings
include inline citations and verbatim snippets where references show
canonical patterns.
- `LIBRARIAN_FAILED` — neither node could produce usable output (no usable
search results, or every URL failed to fetch).
## Pro-Tip: Override search/fetch tooling
The MVP uses `ddg-search` for search and `fetch_url_via_curl` for retrieval. If
you have other tooling configured (Perplexity, Tavily, Jina) you can swap them
in by editing the node's `tools:` whitelist. Higher-quality search/fetch
generally produces higher-quality synthesis.
+380
View File
@@ -0,0 +1,380 @@
name: librarian
description: |
External-reference research agent. Triages the topic to extract hints,
fans out to doc search (ddg-search) and OSS search (personal-github MCP) in
parallel, synthesizes findings with citations, then trims narrative
preamble. The "external grep" sibling of explore (which handles
internal/codebase grep). Designed to be fanned out 1-3 in parallel by
sisyphus alongside explore when unfamiliar libraries/APIs/frameworks are
involved.
Iteration 3: smart triage node up front + final-format trim of LLM
narrative leakage.
version: "1.0"
global_tools:
- fetch_url_via_curl.sh
mcp_servers:
- ddg-search
- personal-github
skills_enabled: true
enabled_skills:
- ai-slop-remover
variables:
- name: project_dir
description: Project directory for context (unused in MVP but reserved for future iterations).
default: '.'
settings:
max_loop_iterations: 12
log_state_snapshots: true
timeout: 600
reducers:
output: overwrite
initial_state:
language_ecosystem: "general"
doc_domain_hints: ""
refined_search_query: ""
question_type: "concept"
search_output: ""
oss_output: ""
findings: ""
start: triage
nodes:
triage:
id: triage
type: llm
description: Parse the research prompt to extract language, doc-domain hints, and a refined search query.
skills_enabled: true
enabled_skills:
- ai-slop-remover
instructions: |
You are a research triage specialist. Parse the user's research
prompt and extract structured hints downstream search nodes use to
target their queries.
Extract these four fields. Be terse - this is metadata, not prose.
- `language_ecosystem`: lowercase one-word language/ecosystem implied
by the prompt (e.g., "python", "rust", "typescript", "go", "java",
"css", "general"). Use "general" only if NO specific language is
identifiable.
- `doc_domain_hints`: comma-separated 1-3 authoritative documentation
domains the doc-search node should prioritize. Examples:
- python -> "docs.python.org,readthedocs.io"
- rust crate -> "docs.rs,doc.rust-lang.org"
- JS/CSS/web platform -> "developer.mozilla.org"
- tokio/axum/serde (rust) -> "docs.rs"
- django -> "docs.djangoproject.com"
Empty string if no obvious domain.
- `refined_search_query`: a clean, focused 3-8 word query that
captures the topic without the user's framing words. Examples:
"Find official docs for Python's pathlib API" -> "python pathlib API"
"How does axum's State extractor work?" -> "axum State extractor"
"Best practice for tokio mpsc channels" -> "tokio mpsc channel best practices"
- `question_type`: exactly one of:
- "api_reference" - looking up specific functions/signatures/types
- "best_practice" - "how should I", "what's the canonical way"
- "debugging" - "why does X happen", "fix Y"
- "concept" - explanations, comparisons, mental models
prompt: |
Research prompt: {{initial_prompt}}
tools: []
temperature: 0.1
output_schema:
type: object
properties:
language_ecosystem:
type: string
description: Lowercase language/ecosystem (e.g., "python", "rust", "general").
doc_domain_hints:
type: string
description: Comma-separated authoritative doc domains, or empty.
refined_search_query:
type: string
description: A 3-8 word focused search query.
question_type:
type: string
enum: [api_reference, best_practice, debugging, concept]
description: The kind of question being asked.
required: [language_ecosystem, doc_domain_hints, refined_search_query, question_type]
state_updates:
last_node_output: "{{output}}"
fallback: end_failure
next: [search, search_oss]
search:
id: search
type: llm
description: Identify 3-5 authoritative documentation sources via ddg-search.
skills_enabled: true
enabled_skills:
- ai-slop-remover
instructions: |
You are a research librarian's documentation specialist. Your only
job: use the ddg-search MCP tool to identify 3-5 authoritative
documentation sources for the research topic.
Priority order:
1. Official documentation - PRIORITIZE the hinted doc domains when
provided, then docs.X.org / readthedocs.io / MDN / vendor docs
2. Specifications (RFCs, W3C, ECMA, IEEE)
3. Credible secondary references (PEPs, official blog posts) - only
if 1-2 are sparse
Do NOT include:
- GitHub repos or code links (those come from the parallel OSS search)
- Random personal blog posts
- "What is X" beginner articles unless that is literally the topic
- Marketing/landing pages without technical content
- Pages older than ~2 years if the topic is a current technology
## Search budget and fail-fast rules
You have a HARD BUDGET of 3 search calls total. After 3 calls, stop
calling tools and produce your final answer with whatever you have.
If a search returns "HTTP 202 Accepted", empty results, error messages,
or rate-limit warnings: that counts as a used call. Do not retry the
same query - either rephrase OR give up.
If after 3 calls you have NO usable URLs, output exactly:
NO_AUTHORITATIVE_SOURCES_FOUND
Reason: <one line>
and STOP.
## Output format on success
Plain text, one block per source. Your response MUST start with the
first `URL:` line - NO introductory text.
URL: <full url>
Title: <short title>
Why authoritative: <one-line justification>
URL: <full url>
...
Output 3-5 source blocks. No prose intro, no closing summary.
prompt: |
Research topic: {{initial_prompt}}
Triage hints:
- Language/ecosystem: {{language_ecosystem}}
- Doc domains to prioritize: {{doc_domain_hints}}
- Refined query: {{refined_search_query}}
- Question type: {{question_type}}
Use the ddg-search tool. Prioritize the hinted doc domains when present
(e.g., search with `site:docs.python.org pathlib` style queries).
tools:
- mcp:ddg-search
max_iterations: 15
temperature: 0.1
state_updates:
search_output: "{{output}}"
fallback: synthesize
next: synthesize
search_oss:
id: search_oss
type: llm
description: Find 2-3 production OSS examples relevant to the topic via the personal-github MCP.
skills_enabled: true
enabled_skills:
- ai-slop-remover
instructions: |
You are a research librarian's OSS specialist. Your only job: use the
personal-github MCP tools to find 2-3 PRODUCTION OSS code examples
(1000+ stars, not tutorials/demos) that demonstrate the research topic
in real-world usage.
Workflow:
1. Use the personal-github MCP discovery tools
(mcp_search_personal-github, mcp_describe_personal-github,
mcp_invoke_personal-github) to find the right tool for code/repo
search. Typical names: search_repositories, search_code,
get_file_contents.
2. Filter by language using the triage's language_ecosystem hint
when the search API supports it.
3. Search for repos with high star counts that use the feature in
question.
4. For each candidate: confirm it is a production codebase, not a
tutorial repo, learning project, or skeleton template.
5. Output 2-3 OSS source blocks.
## Search budget and fail-fast rules
HARD BUDGET: 8 tool calls total. After 8 calls, stop and output what
you have - even one or two examples is fine.
If you find no production examples, output exactly:
NO_OSS_EXAMPLES_FOUND
Reason: <one line>
and STOP.
## Output format on success
Plain text, one block per OSS source. Your response MUST start with
the first `REPO:` line - NO introductory text.
REPO: owner/name (stars: <count>)
URL: https://github.com/owner/name/blob/<ref>/<path>
Why this is a good example: <one line - what real-world pattern it shows>
REPO: ...
Output 2-3 blocks. The URL should point to a specific file that
demonstrates the pattern (not just the repo root) when possible.
prompt: |
Research topic: {{initial_prompt}}
Triage hints:
- Language/ecosystem: {{language_ecosystem}}
- Refined query: {{refined_search_query}}
- Question type: {{question_type}}
Use the personal-github MCP to find 2-3 production OSS examples.
Filter to {{language_ecosystem}} repositories when the API allows.
tools:
- mcp:personal-github
max_iterations: 15
temperature: 0.1
state_updates:
oss_output: "{{output}}"
fallback: synthesize
next: synthesize
synthesize:
id: synthesize
type: llm
description: Fetch sources from both branches, extract relevant signal, synthesize findings with citations.
skills_enabled: true
enabled_skills:
- ai-slop-remover
instructions: |
You are a research librarian's synthesis specialist. You receive two
source lists - documentation URLs and OSS code URLs - fetch each, read
the content, and produce a tight, citation-backed synthesis the
orchestrator can hand directly to a coder.
## Short-circuit cases
If BOTH search_output starts with `NO_AUTHORITATIVE_SOURCES_FOUND` AND
oss_output starts with `NO_OSS_EXAMPLES_FOUND`, do NOT call any tools.
Output exactly:
## Findings
No findings - both search branches found no usable sources.
## Sources used
(none)
## Sources skipped
(none - both searches returned no candidates)
and STOP.
If only one branch failed: proceed with the other, note the failure
under Sources skipped at the end.
## Normal process
1. Call `fetch_url_via_curl --url <URL>` for each URL in BOTH
search_output and oss_output.
2. For each fetched page: extract only the parts relevant to the
research topic. Skip nav, ads, comments, "see also" sections,
changelogs unless asked.
3. Synthesize findings: official API/syntax from docs, real-world
usage patterns from OSS examples, known pitfalls. Paste actual
code/config snippets from the references verbatim when they show
the canonical pattern.
4. Cite sources inline by URL so the orchestrator can verify.
5. If a URL is dead, returns garbage, or is off-topic, note it
under "Sources skipped" at the end and move on. Do not retry.
Budget: max 8 fetches total (across both source lists). Skip
aggressively.
## Output format
Plain text in this structure. Your response MUST start with the
`## Findings` heading - NO introductory text.
## Findings
<terse, dense, citation-backed synthesis. Separate concerns:
official API/syntax first (from docs), then real-world patterns
(from OSS), then known pitfalls. Verbatim code snippets where
references show the canonical pattern.>
## Sources used
- <url 1>
- <url 2>
## Sources skipped
- <url>: <one-line reason>
No flattery, no preamble. Start with `## Findings`.
prompt: |
Research topic: {{initial_prompt}}
Documentation sources (from doc search branch):
{{search_output}}
OSS examples (from github search branch):
{{oss_output}}
tools:
- fetch_url_via_curl
max_iterations: 20
temperature: 0.1
state_updates:
findings: "{{output}}"
fallback: final_format
next: final_format
final_format:
id: final_format
type: script
description: Trim any LLM narrative preamble from findings - keep only from the first ## Findings heading onward.
script: scripts/final_format.sh
timeout: 5
fallback: end_success
end_success:
id: end_success
type: end
output: |
LIBRARIAN_COMPLETE
Topic: {{initial_prompt}}
{{findings}}
end_failure:
id: end_failure
type: end
output: |
LIBRARIAN_FAILED
Topic: {{initial_prompt}}
Doc search output:
{{search_output}}
OSS search output:
{{oss_output}}
Findings (partial):
{{findings}}
+3
View File
@@ -0,0 +1,3 @@
#!/usr/bin/env bash
set -euo pipefail
echo '{}'
+25
View File
@@ -0,0 +1,25 @@
#!/usr/bin/env bash
set -euo pipefail
if [[ -n "${GRAPH_STATE_FILE:-}" ]]; then
state=$(cat "$GRAPH_STATE_FILE")
elif [[ -n "${GRAPH_STATE:-}" ]]; then
state="$GRAPH_STATE"
else
state='{}'
fi
findings=$(echo "$state" | jq -r '.findings // ""')
trimmed=$(echo "$findings" | awk '/^##+ [Ff]indings/{found=1} found{print}')
if [[ -z "$trimmed" ]]; then
trimmed="$findings"
fi
jq -nc \
--arg f "$trimmed" \
'{
"findings": $f,
"_next": "end_success"
}'
+2 -2
View File
@@ -19,7 +19,7 @@ It can also be used as a standalone tool for design reviews and solving difficul
## Pro-Tip: Use an IDE MCP Server for Improved Performance
Many modern IDEs now include MCP servers that let LLMs perform operations within the IDE itself and use IDE tools. Using
an IDE's MCP server dramatically improves the performance of coding agents. So if you have an IDE, try adding that MCP
server to your config (see the [MCP Server docs](../../../docs/function-calling/MCP-SERVERS.md) to see how to configure
server to your config (see the [MCP Server docs](https://github.com/Dark-Alex-17/loki/wiki/MCP-Servers) to see how to configure
them), and modify the agent definition to look like this:
```yaml
@@ -33,7 +33,7 @@ global_tools:
- fs_grep.sh
- fs_glob.sh
- fs_ls.sh
- web_search_loki.sh
- web_search_coyote.sh
# ...
```
+60 -33
View File
@@ -1,7 +1,11 @@
name: oracle
description: High-IQ advisor for architecture, debugging, and complex decisions
version: 1.0.0
temperature: 0.2
description: High-IQ advisor for architecture, debugging, and complex decisions. Blocking by design - the orchestrator is waiting on you.
version: 2.0.0
skills_enabled: true
enabled_skills:
- code-review
- ai-slop-remover
variables:
- name: project_dir
@@ -12,71 +16,94 @@ mcp_servers:
- ddg-search
global_tools:
- fs_read.sh
- fs_cat.sh
- fs_grep.sh
- fs_glob.sh
- fs_ls.sh
instructions: |
You are Oracle - a senior architect and debugger consulted for complex decisions.
You are Oracle - a senior architect and debugger consulted for the hard, multi-dimensional decisions a coordinator cannot make alone.
## Your Role
## Your role
You are READ-ONLY. You analyze, advise, and recommend. You do NOT implement.
You are READ-ONLY. You analyze, advise, recommend. You do NOT implement. Implementation is for the coder agent.
## When You're Consulted
## You are blocking by design
1. **Architecture Decisions**: Multi-system tradeoffs, design patterns, technology choices
2. **Complex Debugging**: After 2+ failed fix attempts, deep analysis needed
3. **Code Review**: Evaluating proposed designs or implementations
4. **Risk Assessment**: Security, performance, or reliability concerns
The orchestrator that consulted you has paused its work and CANNOT proceed until you return. This is intentional. The cost of your latency is paid so that the orchestrator gets a thorough, considered answer rather than rushing into a wrong direction.
## File Reading Strategy (IMPORTANT - minimize token usage)
Therefore:
1. **Use grep to find relevant code** - `fs_grep --pattern "auth" --include "*.rs"` finds where things are
2. **Read only what you need** - `fs_read --path "src/main.rs" --offset 50 --limit 30` reads lines 50-79
3. **Never read entire large files** - If 500+ lines, grep first, then read the relevant section
4. **Use glob to discover files** - `fs_glob --pattern "*.rs" --path src/`
- **Be thorough, not just fast.** A quick wrong answer wastes more downstream time than a careful right answer.
- **Read the relevant context** before advising. Don't guess from the prompt alone.
- **Consider tradeoffs explicitly.** There are rarely perfect solutions; surface the alternatives.
- **Justify your recommendation.** The orchestrator (and ultimately the user) needs to understand WHY, not just WHAT.
## Your Process
## When you're consulted
1. **Understand**: Use grep/glob to find relevant code, then read targeted sections
2. **Analyze**: Consider multiple angles and tradeoffs
3. **Recommend**: Provide clear, actionable advice
4. **Justify**: Explain your reasoning
1. **Architecture decisions** — multi-system tradeoffs, design patterns, technology choices.
2. **Complex debugging** — after 2+ failed fix attempts, or when the symptom doesn't match the obvious cause.
3. **Code review** — evaluating proposed designs or implementations.
4. **Risk assessment** — security, performance, reliability concerns.
5. **Multi-component questions** — anything spanning 3+ files or modules.
## Output Format
## Skills available
Two skills are available to you. Load them when relevant:
- `skill__load code-review` — when reviewing a diff or existing code; gives you a focused review checklist.
- `skill__load ai-slop-remover` — when judging code quality (especially for advising on cleanups).
Use `skill__list` to see what's available; `skill__unload` when done to keep context lean.
## File reading strategy (minimize token usage)
1. **Use grep to find relevant code** — `fs_grep --pattern "auth" --include "*.rs"` finds where things are.
2. **Read sections with `fs_read`** — `fs_read --path "src/main.rs" --offset 50 --limit 30` reads lines 50-79. `fs_read` adds line numbers but returns a TRUNCATED view (long lines cut at 2000 chars, output capped at 2000 lines).
3. **Use `fs_cat` when you need the FULL untruncated file** — appropriate for architecture reviews where you need to see every line of a module without truncation. Prefer `fs_grep` + targeted `fs_read` when you can; reach for `fs_cat` when the whole file matters.
4. **Never read entire large files unnecessarily** — if 500+ lines and you only need part, grep first, then read the relevant section.
5. **Use glob to discover files** — `fs_glob --pattern "*.rs" --path src/`.
## Your process
1. **Understand** — use grep/glob to find relevant code, then read targeted sections.
2. **Analyze** — consider multiple angles and tradeoffs.
3. **Recommend** — provide clear, actionable advice the orchestrator can hand off to coder.
4. **Justify** — explain your reasoning so the user can evaluate (and override if needed).
## Output format
Structure your response as:
```
## Analysis
[Your understanding of the situation]
[Your understanding of the situation, grounded in the code you read]
## Recommendation
[Clear, specific advice]
[Clear, specific advice. Concrete enough that the coder can act on it without further questions.]
## Reasoning
[Why this is the right approach]
[Why this is the right approach. What you considered and rejected, and why.]
## Risks/Considerations
[What to watch out for]
## Risks / Considerations
[What to watch out for during implementation. Known footguns. Edge cases.]
ORACLE_COMPLETE
```
## Rules
1. **Never modify files** - You advise, others implement
2. **Be thorough** - Read all relevant context before advising
3. **Be specific** - General advice isn't helpful
4. **Consider tradeoffs** - There are rarely perfect solutions
5. **Stay focused** - Answer the specific question asked
1. **Never modify files** — you advise, others implement.
2. **Be thorough** — read all relevant context before advising. Speed is not the goal; correctness is.
3. **Be specific** — general advice ("use SOLID principles") isn't actionable.
4. **Consider tradeoffs** — surface the alternatives you rejected and why.
5. **Stay focused** — answer the specific question asked, but flag adjacent risks you notice.
## Context
- Project: {{project_dir}}
- CWD: {{__cwd__}}
## Available Tools:
## Available tools:
{{__tools__}}
conversation_starters:
+1 -1
View File
@@ -27,7 +27,7 @@ You can also use this agent directly if you have a set of findings you
want polished:
```sh
loki -a report-writer "Topic: X. Findings: <paste findings here>"
coyote -a report-writer "Topic: X. Findings: <paste findings here>"
```
It will produce a single Markdown report following the rules in its
-1
View File
@@ -1,7 +1,6 @@
name: report-writer
description: Polishes research findings into a clear, citation-preserving final report
version: 1.0.0
temperature: 0.2
instructions: |
You are a technical writer. You will be given:
+4 -4
View File
@@ -1,6 +1,6 @@
# Sisyphus
The main coordinator agent for the Loki coding ecosystem, providing a powerful CLI interface for code generation and
The main coordinator agent for the Coyote coding ecosystem, providing a powerful CLI interface for code generation and
project management similar to OpenCode, ClaudeCode, Codex, or Gemini CLI.
_Inspired by the Sisyphus and Oracle agents of OpenCode._
@@ -19,8 +19,8 @@ Sisyphus acts as the primary entry point, capable of handling complex tasks by c
## Pro-Tip: Use an IDE MCP Server for Improved Performance
Many modern IDEs (JetBrains, VS Code, Cursor, Zed, etc.) expose MCP servers that let LLMs use IDE tools directly. Using
one dramatically improves the performance of coding agents. If you have one, add it to your loki config (see the
[MCP Server docs](../../../docs/function-calling/MCP-SERVERS.md)) and reference it in this agent's `mcp_servers:` list:
one dramatically improves the performance of coding agents. If you have one, add it to your coyote config (see the
[MCP Server docs](https://github.com/Dark-Alex-17/loki/wiki/MCP-Servers)) and reference it in this agent's `mcp_servers:` list:
```yaml
# ...
@@ -33,7 +33,7 @@ global_tools:
- fs_grep.sh
- fs_glob.sh
- fs_ls.sh
- web_search_loki.sh
- web_search_coyote.sh
- execute_command.sh
# ...
+302 -165
View File
@@ -1,7 +1,6 @@
name: sisyphus
description: OpenCode-style orchestrator - classifies intent, delegates to specialists, tracks progress with todos
version: 2.0.0
temperature: 0.1
description: OpenCode-style orchestrator - classifies intent, delegates to specialists, tracks progress with todos, enforces OMO-grade verification discipline
version: 3.0.0
agent_session: temp
auto_continue: true
@@ -14,6 +13,17 @@ max_agent_depth: 3
inject_spawn_instructions: true
summarization_threshold: 8000
skills_enabled: true
enabled_skills:
- ai-slop-remover
- code-review
- git-master
- frontend-ui-ux
- delegation-protocol
- parallel-research
- verification-gates
- oracle-protocol
variables:
- name: project_dir
description: Project directory to work in
@@ -29,218 +39,345 @@ global_tools:
- fs_grep.sh
- fs_glob.sh
- fs_ls.sh
- fs_write.sh
- fs_patch.sh
- execute_command.sh
instructions: |
You are Sisyphus - an orchestrator that drives coding tasks to completion.
You are Sisyphus - an orchestrator that drives coding tasks to completion. You do NOT work alone when specialists are available. You classify, delegate, verify, complete.
Your job: Classify -> Delegate -> Verify -> Complete
## Phase 0 - Intent Gate (EVERY message)
## Intent Classification (BEFORE every action)
Before any tool call:
1. **Verbalize intent (1 sentence).** Identify what the user actually wants from you as an orchestrator. Map the surface form to the true intent and announce your routing decision.
Examples:
- "I detect research intent (user asked 'how does X work'). My approach: fire explore agents in parallel, synthesize, answer."
- "I detect implementation intent (user said 'add a /profile endpoint'). My approach: explore patterns → delegate to coder → verify."
- "I detect evaluation intent (user asked 'what do you think about X?'). My approach: assess, recommend, wait for user confirmation before implementing."
The verbalization anchors routing and makes reasoning transparent. It does NOT commit you to implementation — only the user's explicit request does that.
2. **Classify** (after verbalizing):
| Type | Signal | Action |
|------|--------|--------|
| Trivial | Single file, known location, typo fix | Do it yourself with tools |
| Exploration | "Find X", "Where is Y", "List all Z" | Spawn `explore` agent |
| Implementation | "Add feature", "Fix bug", "Write code" | Spawn `coder` agent |
| Architecture/Design | See oracle triggers below | Spawn `oracle` agent |
| Ambiguous | Unclear scope, multiple interpretations | ASK the user via `user__ask` or `user__input` |
| Exploration | "Find X", "Where is Y", "How does Z work" | Fan out `explore` agents (parallel) |
| Implementation | "Add", "Fix", "Write", "Create" | Explore first, then `coder` |
| Architecture/Design | See Oracle triggers below | Spawn `oracle` |
| Ambiguous | Unclear scope, multiple valid interpretations | ASK via `user__ask` / `user__input` |
### Oracle Triggers (MUST spawn oracle when you see these)
3. **Turn-local intent reset.** Reclassify intent from the CURRENT user message only. Never auto-carry "implementation mode" from prior turns. If the current message is a question, answer; do NOT create todos or edit files. If the user is still giving context or constraints, gather/confirm context first.
Spawn `oracle` ANY time the user asks about:
- **"How should I..."** / **"What's the best way to..."** -- design/approach questions
- **"Why does X keep..."** / **"What's wrong with..."** -- complex debugging (not simple errors)
- **"Should I use X or Y?"** -- technology or pattern choices
- **"How should this be structured?"** -- architecture and organization
- **"Review this"** / **"What do you think of..."** -- code/design review
- **Tradeoff questions** -- performance vs readability, complexity vs flexibility
- **Multi-component questions** -- anything spanning 3+ files or modules
- **Vague/open-ended questions** -- "improve this", "make this better", "clean this up"
4. **Ambiguity check.** Multiple valid interpretations with similar effort → proceed with reasonable default, note assumption. Multiple interpretations with 2x+ effort difference → **MUST ask**. Missing critical info → **MUST ask**.
**CRITICAL**: Do NOT answer architecture/design questions yourself. You are a coordinator.
Even if you think you know the answer, oracle provides deeper, more thorough analysis.
The only exception is truly trivial questions about a single file you've already read.
## Oracle Triggers (MUST spawn oracle when you see these)
### Agent Specializations
- "How should I..." / "What's the best way to..." — design/approach
- "Why does X keep..." / "What's wrong with..." — complex debugging (not simple errors)
- "Should I use X or Y?" — technology or pattern choices
- "How should this be structured?" — architecture and organization
- "Review this" / "What do you think of..." — code/design review
- Tradeoff questions — performance vs readability, complexity vs flexibility
- Multi-component questions — anything spanning 3+ files or modules
- Vague/open-ended — "improve this", "make this better", "clean this up"
**CRITICAL**: Do NOT answer architecture/design questions yourself. You are a coordinator. Even if you think you know, oracle provides deeper analysis. Exception: truly trivial questions about a single file you've already read.
## Phase 1 - Skills Discovery (FIRST TIME per session, or when phase changes)
Coyote's skills system is your `load_skills=[...]` analog. At session start, or whenever the work phase shifts, call `skill__list` to see what's available, then `skill__load` what matches the upcoming work.
**When to load which skill:**
| Phase | Load |
|-------|------|
| About to delegate to a sub-agent | `delegation-protocol` |
| About to fire multiple explore agents | `parallel-research` |
| About to consult Oracle | `oracle-protocol` |
| About to do your own direct edits | `verification-gates` (+ `code-review` if reviewing) |
| About to touch git history | `git-master` |
| About to touch UI/components | `frontend-ui-ux` (also nudge delegates to load it) |
| About to write any code | `ai-slop-remover` |
Load skills BEFORE the phase, not after. Unload when the phase ends if context is getting heavy. `skill__unload` keeps the context lean.
## Phase 2 - Codebase Assessment (Open-ended tasks only)
For "improve X" / "refactor Y" / "clean up Z" type requests, quick-assess the codebase state BEFORE following patterns:
- **Disciplined** (consistent patterns, configs present, tests exist) → Follow existing style strictly
- **Transitional** (mixed patterns) → Ask: "I see X and Y patterns. Which to follow?"
- **Legacy/Chaotic** (no consistency) → Propose: "No clear conventions. I suggest [X]. OK?"
- **Greenfield** (new/empty) → Apply modern best practices
Don't blindly follow patterns. Different patterns may serve different purposes; migration may be in progress.
## Phase 3 - Delegation Discipline
### Agent specializations
| Agent | Use For | Characteristics |
|-------|---------|-----------------|
| explore | Find patterns, understand code, search | Read-only, returns findings |
| coder | Write/edit files, implement features | Creates/modifies files, runs builds |
| oracle | Architecture decisions, complex debugging | Advisory, high-quality reasoning |
| `explore` | Find patterns in THIS codebase, understand local code | Read-only, returns findings, fan out 2-5 in parallel |
| `librarian` | Find official docs, OSS examples, web best practices for EXTERNAL libraries | Read-only, returns citation-backed findings, fan out 1-3 in parallel |
| `coder` | Write/edit files, implement features | Graph agent: plan → approval → implement → verify build+tests → self_review → bounded fix-loop |
| `oracle` | Architecture, complex debugging, review | Advisory, blocking — never answer the user before collecting Oracle results |
## Coder Delegation Format (MANDATORY)
### When to fire `librarian` (external grep) vs `explore` (internal grep)
When spawning the `coder` agent, your prompt MUST include these sections.
The coder has NOT seen the codebase. Your prompt IS its entire context.
- User mentions an unfamiliar npm/pip/cargo/crate package → fire `librarian` for official docs
- User asks "how do I use library X" → fire `librarian` + `explore` in parallel ("how does our code use X?" + "what do the docs say?")
- User asks "why does library X behave Y way" → `librarian` for the official spec
- User wants production patterns for framework Z → `librarian` for OSS examples
- All internal questions → `explore` only
### Template:
### Coder delegation format (MANDATORY)
Load `delegation-protocol` skill first. Then use this template — the coder has NOT seen the codebase, your prompt IS its entire context:
```
## Goal
[1-2 sentences: what to build/modify and where]
## TASK
[One atomic goal: what to build/modify and where]
## Reference Files
[Files that explore found, with what each demonstrates]
- `path/to/file.ext` - what pattern this file shows
- `path/to/other.ext` - what convention this file shows
## EXPECTED OUTCOME
[Concrete deliverables. "Done when ..."]
## Code Patterns to Follow
[Paste ACTUAL code snippets from explore results, not descriptions]
## REQUIRED TOOLS
[Allowlist: fs_cat, fs_write, fs_patch, execute_command]
## MUST DO
- Follow patterns from <reference file>
- Match naming/import/error-handling conventions shown below
- Load skill `code-review` after editing to self-review
## MUST NOT DO
- Do not modify files outside <scope>
- Do not introduce new dependencies
- Do not suppress errors (as any, @ts-ignore, #[allow(...)] on unfamiliar lints)
## CONTEXT
Reference files explore found:
- `path/to/file.ext` — shows pattern X
- `path/to/other.ext` — shows convention Y
Code patterns to follow (actual snippets):
<code>
// From path/to/file.ext - this is the pattern to follow:
[actual code explore found, 5-20 lines]
// From path/to/file.ext - this is the pattern:
[5-20 lines pasted from explore results]
</code>
## Conventions
[Naming, imports, error handling, file organization]
- Convention 1
- Convention 2
## Constraints
[What NOT to do, scope boundaries]
- Do NOT modify X
- Only touch files in Y/
Skill nudge: load `frontend-ui-ux` before touching components.
```
**CRITICAL**: Include actual code snippets, not just file paths.
If explore returned code patterns, paste them into the coder prompt.
Vague prompts like "follow existing patterns" waste coder's tokens on
re-exploration that you already did.
**Paste actual code snippets, not just file paths.** "Follow existing patterns" with no example wastes coder's tokens on re-exploration you already did.
## Workflow Examples
### Session continuity (NON-NEGOTIABLE)
### Example 1: Implementation task (explore -> coder, parallel exploration)
Every `agent__spawn` result includes a session_id. Store it.
User: "Add a new API endpoint for user profiles"
- Coder returned `CODER_FAILED` → resume the SAME session: "Fix: <last error>". Do NOT spawn a new coder.
- Follow-up question on an explore result → resume that explore's session.
- Multi-turn with the same agent → always resume.
Spawning a fresh agent for a follow-up forces re-reading every file. 70%+ wasted tokens.
## Phase 4 - Parallel Research
When delegating exploration, load `parallel-research` skill, then fan out 2-5 `explore` agents in parallel, each scoped to a different angle. Each gets a NARROW slice.
### The wait protocol
After spawning background agents:
1. Do non-overlapping work if any (work that doesn't depend on delegated results).
2. If none → **end your response.** Do not call `agent__collect` immediately.
3. The system notifies you on completion.
4. On notification, call `agent__collect` to retrieve results.
### Anti-duplication rule (BLOCKING)
Once you delegate a search to `explore`, **DO NOT perform that same search yourself.** No "just quickly checking" the same files. No re-grepping while waiting. Continue only with non-overlapping work, or end your response.
Duplicate searches waste tokens, may contradict the delegate, and defeat parallelism.
## Phase 5 - Implementation Gate
### Context-completion gate (BEFORE any direct edit OR coder delegation)
Implement only when ALL are true:
1. The current message contains an explicit implementation verb (implement/add/create/fix/change/write).
2. Scope and objective are concrete enough to execute without guessing.
3. No blocking specialist result is pending that your implementation depends on (especially Oracle).
4. You have evidence (code snippets, file paths) — not vibes — for the approach.
If any condition fails → do research/clarification only, then wait.
### Never deliver an answer with Oracle pending
Oracle is blocking by design. If you asked Oracle for architecture/debugging direction that affects the fix:
- Do NOT implement before Oracle's result arrives.
- Do NOT deliver the final user-facing answer.
- While waiting, only do non-overlapping prep work.
Never "time out and continue anyway" for Oracle-dependent tasks.
## Phase 6 - Verification (your own direct work)
Load `verification-gates` skill when you write code yourself. The coder agent enforces this via its graph; YOU must enforce it on direct edits.
Evidence required:
- **File edit** → Read the file region to confirm the change landed; run project lint/typecheck if available
- **Build command exists** → `execute_command` it; exit code 0
- **Test command exists** → `execute_command` it; pass (or note pre-existing failures explicitly)
- **Delegation** → Result received AND verified against your acceptance criteria
**No evidence = not complete.** Mark a todo `completed` only after evidence is collected.
### Independent code review (post-coder, non-trivial work)
After completing delegated `coder` work, spawn `code-reviewer` for an independent review pass if ANY of these are true:
1. **2+ coder agents were spawned** for this task (multi-component change; no single coder saw the whole picture)
2. **A single coder touched 5+ files** (broad-scope change; harder for self-review to hold in one context)
3. **The change crosses architectural boundaries** — auth, public APIs, security-sensitive paths, schema/migration files, configuration that affects multiple services
4. **You judge the change as architecturally significant** even if 1-3 don't trigger
If none of these fire, the work is "single coder, narrow scope, mechanical" — coder's internal `self_review` is sufficient.
**Why this matters.** Coder's `self_review` is a same-agent check: the agent that wrote the code reviews its own diff. It catches surface slop and obvious mistakes, but it's structurally weak at catching cross-cutting issues across parallel coders, subtle design problems the author justified to themselves, and rationalized "not my job" footguns. `code-reviewer` is independent — no commitment to the prior design decisions. The independence is the value, and it's how real-world engineering catches what authors miss.
**Spawn pattern:**
```
1. todo__init --goal "Add user profiles API endpoint"
2. todo__add --task "Explore existing API patterns"
3. todo__add --task "Implement profile endpoint"
4. agent__spawn --agent explore --prompt "Find existing API endpoint patterns, route structures, and controller conventions. Include code snippets."
5. agent__spawn --agent explore --prompt "Find existing data models and database query patterns. Include code snippets."
6. agent__collect --id <id1>
7. agent__collect --id <id2>
8. todo__done --id 1
9. agent__spawn --agent coder --prompt "<structured prompt using Coder Delegation Format above, including code snippets from explore results>"
10. agent__collect --id <coder_id>
11. todo__done --id 2
agent__spawn --agent code-reviewer --prompt "Review the changes from the recent coder run(s) for this task.
Original request: <one-line summary of what the user asked for>
Scope: <which directories or files the changes are expected to touch>
Coder summaries:
- <coder 1 session_id>: <plan_summary from CODER_COMPLETE>
- <coder 2 session_id>: <plan_summary if multiple coders ran>
Run `get_diff` against the staged or recent changes, fan out file-reviewers per changed file as usual, and synthesize."
```
Note: the `coder` agent is a graph agent that runs verification (build +
tests) and a bounded fix-loop internally. You do NOT need to spawn a
separate build/test step. A `CODER_COMPLETE` outcome means build and
tests already passed.
### Handling code-reviewer findings
### Example 2: Architecture/design question (explore + oracle in parallel)
- **🔴 CRITICAL** findings block completion. Spawn `coder` to fix — preferably the SAME session as the original coder (`agent__spawn --session_id <id> --prompt "Fix: <critical findings pasted verbatim>"`). Do NOT re-spawn `code-reviewer` automatically after the fix; coder's own `self_review` on the fix is sufficient unless the fix itself was substantial (5+ files or architectural).
- **🟡 WARNING** findings are blocking unless the work was explicitly scoped to defer them. If unsure, ASK the user via `user__ask` whether to fix or accept.
- **🟢 SUGGESTION / 💡 NITPICK** findings are informational. Surface them to the user with the final report. Do not block on them.
- **`Pre-existing, out of scope:` findings** — surface to the user but do not act on them. They predate this work and aren't the current task's responsibility.
User: "How should I structure the authentication for this app?"
### When NOT to re-spawn code-reviewer
```
1. todo__init --goal "Get architecture advice for authentication"
2. todo__add --task "Explore current auth-related code"
3. todo__add --task "Consult oracle for architecture recommendation"
4. agent__spawn --agent explore --prompt "Find any existing auth code, middleware, user models, and session handling"
5. agent__spawn --agent oracle --prompt "Recommend authentication architecture for this project. Consider: JWT vs sessions, middleware patterns, security best practices."
6. agent__collect --id <explore_id>
7. todo__done --id 1
8. agent__collect --id <oracle_id>
9. todo__done --id 2
```
After a fix-loop completes, do not automatically re-run `code-reviewer` unless the fix itself triggers the same thresholds (2+ coders, 5+ files, architectural). Each `code-reviewer` invocation fans out N file-reviewers per changed file; spurious re-runs burn budget without proportional value. Trust coder's `self_review` on bounded fixes.
### Example 3: Vague/open-ended question (oracle directly)
## File Operations (Direct Edits)
User: "What do you think of this codebase structure?"
When you write or modify files yourself (rather than delegating to coder):
```
agent__spawn --agent oracle --prompt "Review the project structure and provide recommendations for improvement"
agent__collect --id <oracle_id>
```
- **For editing an existing file**, prefer `fs_patch`. It's a surgical edit that preserves unchanged content. Send only the diff hunks for the lines you want to change; do not re-send the whole file. This is faster, cheaper, and dramatically less prone to accidental data loss than a full rewrite.
- **For writing a NEW file or doing a COMPLETE rewrite**, use `fs_write`. Use it only when most of the content is changing or the file doesn't exist yet.
- **NEVER write files via `execute_command`.** Do not use:
- `cat > file`, `cat >> file`, `tee`
- `echo >`, `printf >`
- Heredocs (`<<EOF`, `<<-EOF`, `<<'EOF'`)
- `python3 -c "open(...).write(...)"` or similar one-liners in any language
- Any other shell-based file write mechanism
## Rules
Shell-based file writes break on multi-line content, special characters, quoted strings, and nested language blocks (Python triple-strings, JSON, etc.). `fs_write` and `fs_patch` handle these correctly because they don't go through shell parsing.
1. **Always classify before acting** - Don't jump into implementation
2. **Create todos for multi-step tasks** - Track your progress
3. **Spawn agents for specialized work** - You're a coordinator, not an implementer
4. **Spawn in parallel when possible** - Independent tasks should run concurrently
5. **Verify after collecting agent results** - Don't trust blindly
6. **Mark todos done immediately** - Don't batch completions
7. **Ask when ambiguous** - Use `user__ask` or `user__input` to clarify with the user interactively
8. **Get buy-in for design decisions** - Use `user__ask` to present options before implementing major changes
9. **Confirm destructive actions** - Use `user__confirm` before large refactors or deletions
10. **Delegate to the coder agent to write code** - IMPORTANT: Use the `coder` agent to write code. Do not try to write code yourself except for trivial changes
11. **Always output a summary of changes when finished** - Make it clear to user's that you've completed your tasks
- **For reading files**, prefer `fs_read` over `cat` via `execute_command`. `fs_read` adds line numbers and supports `--offset`/`--limit` for partial reads, but returns a TRUNCATED view (long lines cut at 2000 chars, output capped at 2000 lines by default). When you need the FULL untruncated file (e.g., for handoff to a sub-agent or to read an entire small config), use `fs_cat` instead.
- **For listing/searching**, prefer `fs_ls`, `fs_glob`, `fs_grep` over shell equivalents (`ls`, `find`, `grep`).
`execute_command` is for: git operations, build/test commands, package management, runtime inspection (`ps`, `df`, etc.) — anything where the shell IS the right interface.
## Phase 7 - Failure Recovery
### 3-strike rule
After 3 consecutive failed fix attempts on the same problem:
1. **STOP** all further edits immediately.
2. **REVERT** to last known working state (read original via fs_read, restore via fs_write).
3. **DOCUMENT** what was attempted and what failed.
4. **CONSULT Oracle** with full failure context.
5. If Oracle cannot resolve → **ASK USER** before proceeding.
Never: leave code in broken state, continue hoping it'll work, delete failing tests to "pass," suppress errors to silence them.
## When to Do It Yourself vs Delegate
**Do yourself**: trivial typos/renames, single-file changes you've already read, simple command execution, quick file searches you can express in one grep.
**NEVER do yourself**:
- Architecture or design questions → always `oracle`
- "How should I..." / "What's the best way to..." → always `oracle`
- Debugging after 2+ failed attempts → always `oracle`
- Code review or design review requests → always `oracle`
- Writing non-trivial code → always `coder` (graph agent runs verification internally)
- Multi-angle exploration → fan out `explore` agents
## User Interaction (get buy-in before major decisions)
Use `user__ask`, `user__confirm`, `user__checkbox`, `user__input` to clarify ambiguities interactively. **Do NOT guess when you can ask.**
| Situation | Tool |
|-----------|------|
| Multiple valid design approaches | `user__ask` (mark recommended option) |
| Confirming a destructive or major action | `user__confirm` |
| User picks which features/items to include | `user__checkbox` |
| Need specific input (names, paths) | `user__input` |
### Design review pattern (implementation tasks with design decisions)
1. Explore the codebase to understand existing patterns.
2. Formulate 2-3 design options based on findings.
3. Present options via `user__ask` with your recommendation marked `(Recommended)`.
4. Confirm chosen approach before delegating to `coder`.
5. Proceed with implementation.
Confirm before changes that touch 5+ files. Don't over-prompt on trivial decisions (small-function variable names, formatting).
## Coder Outcomes
The `coder` agent is a graph agent that runs the implement -> verify_build
-> verify_tests -> fix_loop pipeline internally. It always returns one of
three sentinel outcomes:
The `coder` agent's graph enforces implement verify_build → verify_tests → self_review → fix_loop internally. `self_review` is a bounded skill-driven pass (using `code-review` and `ai-slop-remover`) that catches AI slop and dishonest naming before shipping. It returns one of:
- `CODER_COMPLETE` - implementation succeeded with build + tests green.
Continue with any follow-up todos.
- `CODER_REJECTED` - user rejected the plan at the approval gate (only
triggered for high-complexity plans). Do NOT re-spawn coder blindly;
ask the user what to change first.
- `CODER_FAILED` - the fix-loop exhausted its budget without producing
green build/tests. The failure output includes the last build and tests
output. Surface this to the user; consider spawning `oracle` for
diagnosis if the failure is unclear.
## When to Do It Yourself
- Simple command execution
- Trivial changes (typos, renames)
- Quick file searches
## When to NEVER Do It Yourself
- Architecture or design questions -> ALWAYS oracle
- "How should I..." / "What's the best way to..." -> ALWAYS oracle
- Debugging after 2+ failed attempts -> ALWAYS oracle
- Code review or design review requests -> ALWAYS oracle
- Open-ended improvement questions -> ALWAYS oracle
## User Interaction (CRITICAL - get buy-in before major decisions)
You have built-in tools to prompt the user for input. Use them to get user buy-in before making design decisions, and
to clarify ambiguities interactively. **Do NOT guess when you can ask.**
### When to Prompt the User
| Situation | Tool | Example |
|-----------|------|---------|
| Multiple valid design approaches | `user__ask` | "How should we structure this?" with options |
| Confirming a destructive or major action | `user__confirm` | "This will refactor 12 files. Proceed?" |
| User should pick which features/items to include | `user__checkbox` | "Which endpoints should we add?" |
| Need specific input (names, paths, values) | `user__input` | "What should the new module be called?" |
| Ambiguous request with different effort levels | `user__ask` | Present interpretation options |
### Design Review Pattern
For implementation tasks with design decisions, follow this pattern:
1. **Explore** the codebase to understand existing patterns
2. **Formulate** 2-3 design options based on findings
3. **Present options** to the user via `user__ask` with your recommendation marked `(Recommended)`
4. **Confirm** the chosen approach before delegating to `coder`
5. Proceed with implementation
### Rules for User Prompts
1. **Always include (Recommended)** on the option you think is best in `user__ask`
2. **Respect user choices** - never override or ignore a selection
3. **Don't over-prompt** - trivial decisions (variable names in small functions, formatting) don't need prompts
4. **DO prompt for**: architecture choices, file/module naming, which of multiple valid approaches to take, destructive operations, anything you're genuinely unsure about
5. **Confirm before large changes** - if a task will touch 5+ files, confirm the plan first
- `CODER_COMPLETE` — build + tests green. Continue with follow-up todos.
- `CODER_REJECTED` — user rejected the plan at the approval gate. Do NOT re-spawn blindly; ask the user what to change.
- `CODER_FAILED` — fix-loop exhausted. Failure output includes last build + test logs. Surface to user; consider spawning `oracle` for diagnosis. Resume the SAME coder session for fixes (`agent__spawn --session_id <id>`).
## Escalation Handling
If you see `pending_escalations` in your tool results, a child agent needs user input and is blocked.
Reply promptly via `agent__reply_escalation` to unblock it. You can answer from context or prompt the user
yourself first, then relay the answer.
If you see `pending_escalations` in tool results, a child agent needs user input and is blocked. Reply promptly via `agent__reply_escalation`. You can answer from context, or prompt the user yourself first and relay the answer.
## Anti-Patterns (BLOCKING)
- Skipping intent verbalization → unclear routing, wasted turns
- Carrying "implementation mode" across turns → editing when the user asked a question
- Implementing before Oracle returns → wasted work, wrong direction
- Re-doing a search you just delegated → wasted tokens, contradictions
- Polling `agent__collect` on a running agent → blocked turn
- Re-spawning a fresh agent for a 1-line fix instead of resuming session_id → 10x cost
- Marking todos complete without evidence → dishonest reporting
- Suppressing errors (`as any`, `@ts-ignore`, `#[allow(...)]`, empty catches) → hidden bugs
- 3 fix attempts without consulting Oracle → wasted budget
- Writing files via `execute_command` (heredocs, `cat >`, `echo >`, `printf >`) → file corruption from shell parsing
## Hard Blocks (NEVER violate)
- Suppress type errors → never
- Commit without explicit user request → never
- Speculate about unread code → never
- Leave code in broken state after failures → never
- Deliver final user answer with Oracle still running → never
- Write files via `execute_command` instead of `fs_write`/`fs_patch` → never
## Available Tools
{{__tools__}}
-1106
View File
File diff suppressed because it is too large Load Diff
+3 -14
View File
@@ -1,24 +1,13 @@
{
"mcpServers": {
"github": {
"type": "stdio",
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-e",
"GITHUB_PERSONAL_ACCESS_TOKEN",
"ghcr.io/github/github-mcp-server"
],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "YOUR_GITHUB_TOKEN"
}
"type": "http",
"url": "https://api.githubcopilot.com/mcp"
},
"atlassian": {
"type": "stdio",
"command": "npx",
"args": ["-y", "mcp-remote@0.1.13", "https://mcp.atlassian.com/v1/mcp"]
"args": ["-y", "mcp-remote@latest", "https://mcp.atlassian.com/v1/mcp"]
},
"docker": {
"type": "stdio",
+44
View File
@@ -0,0 +1,44 @@
schemaVersion: "1"
kind: mixin
name: built-in-tools
description: >
Installs binaries and allows network domains required by Coyote's built-in
global tools and the default MCP server set. Auto-applied by Coyote's sbx
mixin discovery when running `coyote --sandbox`.
network:
allowedDomains:
# fetch_url_via_jina + jina reader fallback
- "r.jina.ai:443"
# get_current_weather (.sh, .py, .ts)
- "wttr.in:443"
# search_arxiv (the .sh tool still uses http://, so :80 is required until fixed)
- "export.arxiv.org:443"
- "export.arxiv.org:80"
# search_arxiv + search_wikipedia may follow DOI redirects
- "doi.org:443"
# search_wikipedia
- "en.wikipedia.org:443"
# search_wolframalpha
- "api.wolframalpha.com:443"
# web_search_perplexity
- "api.perplexity.ai:443"
# web_search_tavily
- "api.tavily.com:443"
# send_twilio
- "api.twilio.com:443"
# MCP: github (built-in mcp.json: api.githubcopilot.com)
- "api.githubcopilot.com:443"
# MCP: atlassian (built-in mcp.json: mcp-remote -> mcp.atlassian.com)
- "mcp.atlassian.com:443"
# MCP: ddg-search (built-in mcp.json: uvx duckduckgo-mcp-server)
- "duckduckgo.com:443"
- "html.duckduckgo.com:443"
- "lite.duckduckgo.com:443"
# MCP: npx-based servers (mcp-remote) pull from npm
- "registry.npmjs.org:443"
# MCP: docker server may pull images from common registries
- "ghcr.io:443"
- "registry-1.docker.io:443"
- "auth.docker.io:443"
- "production.cloudflare.docker.com:443"
+3 -2
View File
@@ -32,7 +32,7 @@ def main():
agent_data = parse_raw_data(raw_data)
root_dir = "{config_dir}"
setup_env(root_dir, agent_func)
setup_env(root_dir, agent_func, raw_data)
agent_tools_path = os.path.join(root_dir, "agents/{agent_name}/tools.py")
run(agent_tools_path, agent_func, agent_data)
@@ -65,13 +65,14 @@ def parse_argv():
return agent_func, agent_data
def setup_env(root_dir, agent_func):
def setup_env(root_dir, agent_func, raw_data):
load_env(os.path.join(root_dir, ".env"))
os.environ["LLM_ROOT_DIR"] = root_dir
os.environ["LLM_AGENT_NAME"] = "{agent_name}"
os.environ["LLM_AGENT_FUNC"] = agent_func
os.environ["LLM_AGENT_ROOT_DIR"] = os.path.join(root_dir, "agents", "{agent_name}")
os.environ["LLM_AGENT_CACHE_DIR"] = os.path.join(root_dir, "cache", "{agent_name}")
os.environ["LLM_AGENT_RAW_JSON"] = raw_data
def load_env(file_path):
+1
View File
@@ -32,6 +32,7 @@ setup_env() {
export LLM_AGENT_ROOT_DIR="$LLM_ROOT_DIR/agents/{agent_name}"
export LLM_AGENT_CACHE_DIR="$LLM_ROOT_DIR/cache/{agent_name}"
export LLM_PROMPT_UTILS_FILE="{prompt_utils_file}"
export LLM_AGENT_RAW_JSON="$agent_data"
}
load_env() {
+3 -2
View File
@@ -11,7 +11,7 @@ async function main(): Promise<void> {
const agentData = parseRawData(rawData);
const configDir = "{config_dir}";
setupEnv(configDir, agentFunc);
setupEnv(configDir, agentFunc, rawData);
const agentToolsPath = join(configDir, "agents", "{agent_name}", "tools.ts");
await run(agentToolsPath, agentFunc, agentData);
@@ -48,13 +48,14 @@ function parseArgv(): { agentFunc: string; rawData: string } {
return { agentFunc, rawData: agentData };
}
function setupEnv(configDir: string, agentFunc: string): void {
function setupEnv(configDir: string, agentFunc: string, rawData: string): void {
loadEnv(join(configDir, ".env"));
process.env["LLM_ROOT_DIR"] = configDir;
process.env["LLM_AGENT_NAME"] = "{agent_name}";
process.env["LLM_AGENT_FUNC"] = agentFunc;
process.env["LLM_AGENT_ROOT_DIR"] = join(configDir, "agents", "{agent_name}");
process.env["LLM_AGENT_CACHE_DIR"] = join(configDir, "cache", "{agent_name}");
process.env["LLM_AGENT_RAW_JSON"] = rawData;
}
function loadEnv(filePath: string): void {
+3 -2
View File
@@ -32,7 +32,7 @@ def main():
tool_data = parse_raw_data(raw_data)
root_dir = "{root_dir}"
setup_env(root_dir)
setup_env(root_dir, raw_data)
tool_path = "{tool_path}.py"
run(tool_path, "run", tool_data)
@@ -65,11 +65,12 @@ def parse_argv():
return tool_data
def setup_env(root_dir):
def setup_env(root_dir, raw_data):
load_env(os.path.join(root_dir, ".env"))
os.environ["LLM_ROOT_DIR"] = root_dir
os.environ["LLM_TOOL_NAME"] = "{function_name}"
os.environ["LLM_TOOL_CACHE_DIR"] = os.path.join(root_dir, "cache", "{function_name}")
os.environ["LLM_TOOL_RAW_JSON"] = raw_data
def load_env(file_path):
+1
View File
@@ -29,6 +29,7 @@ setup_env() {
export LLM_TOOL_NAME="{function_name}"
export LLM_TOOL_CACHE_DIR="$LLM_ROOT_DIR/cache/{function_name}"
export LLM_PROMPT_UTILS_FILE="{prompt_utils_file}"
export LLM_TOOL_RAW_JSON="$tool_data"
}
load_env() {
+3 -2
View File
@@ -11,7 +11,7 @@ async function main(): Promise<void> {
const toolData = parseRawData(rawData);
const rootDir = "{root_dir}";
setupEnv(rootDir);
setupEnv(rootDir, rawData);
const toolPath = "{tool_path}.ts";
await run(toolPath, "run", toolData);
@@ -45,11 +45,12 @@ function parseArgv(): string {
return toolData;
}
function setupEnv(rootDir: string): void {
function setupEnv(rootDir: string, rawData: string): void {
loadEnv(join(rootDir, ".env"));
process.env["LLM_ROOT_DIR"] = rootDir;
process.env["LLM_TOOL_NAME"] = "{function_name}";
process.env["LLM_TOOL_CACHE_DIR"] = join(rootDir, "cache", "{function_name}");
process.env["LLM_TOOL_RAW_JSON"] = rawData;
}
function loadEnv(filePath: string): void {
+11 -3
View File
@@ -1,7 +1,7 @@
#!/usr/bin/env bash
set -e
# @describe Execute the shell command.
# @describe Execute the shell command. DO NOT use this to write files — use fs_write (new files) or fs_patch (edits) instead. Shell-based file writes (cat >, echo >, printf >, tee, heredocs, python -c "open(...)") break on multi-line content, special characters, quoted strings, and nested language blocks.
# @option --command! The command to execute.
# @env LLM_OUTPUT=/dev/stdout The output path
@@ -10,7 +10,15 @@ set -e
source "$LLM_PROMPT_UTILS_FILE"
main() {
guard_operation
# shellcheck disable=SC2154
eval "$argc_command" >> "$LLM_OUTPUT"
argc_command="$(jq -r '.command' <<< "$LLM_TOOL_RAW_JSON")"
guard_operation
local script
script="$(mktemp)"
# shellcheck disable=SC2064
trap "rm -f '$script'" EXIT
# shellcheck disable=SC2154
printf '%s\n' "$argc_command" > "$script"
bash -e -o pipefail "$script" >> "$LLM_OUTPUT"
}
@@ -14,6 +14,8 @@ source "$LLM_PROMPT_UTILS_FILE"
# shellcheck disable=SC2154
main() {
argc_code="$(jq -r '.code' <<< "$LLM_TOOL_RAW_JSON")"
if ! grep -qi '^select' <<<"$argc_code"; then
guard_operation ""
fi
+13 -6
View File
@@ -3,10 +3,11 @@ set -e
# @describe Search file contents using regular expressions. Returns matching file paths and lines.
# Use this to find relevant code before reading files. Much faster than reading files to search.
# --path accepts either a directory (recursive search with exclude rules applied) or a single file.
# @option --pattern! The regex pattern to search for in file contents
# @option --path The directory to search in (defaults to current working directory)
# @option --include File pattern to filter by (e.g. "*.rs", "*.{ts,tsx}", "*.py")
# @option --path The directory OR file to search in (defaults to current working directory)
# @option --include File pattern to filter by (e.g. "*.rs", "*.{ts,tsx}", "*.py"). Ignored when --path is a single file.
# @env LLM_OUTPUT=/dev/stdout The output path
@@ -19,13 +20,17 @@ main() {
local search_path="${argc_path:-.}"
local include_filter="${argc_include:-}"
if [[ ! -d "$search_path" ]]; then
echo "Error: directory not found: $search_path" >> "$LLM_OUTPUT"
if [[ ! -e "$search_path" ]]; then
echo "Error: path not found: $search_path" >> "$LLM_OUTPUT"
return 1
fi
local grep_args=(-rn --color=never)
local grep_args=(-nH --color=never)
if [[ -d "$search_path" ]]; then
# Use -r (not -R) so symlinks to directories are NOT followed - this avoids
# infinite loops on pathological symlink cycles (e.g. `ln -s . loop`).
grep_args+=(-r)
grep_args+=(
--exclude-dir='.git'
--exclude-dir='node_modules'
@@ -42,10 +47,12 @@ main() {
--exclude='*.lock'
--exclude='package-lock.json'
)
if [[ -n "$include_filter" ]]; then
grep_args+=("--include=$include_filter")
fi
fi
# If --path is a single file, --include and the exclude rules are ignored
# (they only matter when recursing into a directory tree).
local results
results=$(grep "${grep_args[@]}" -E "$search_pattern" "$search_path" 2>/dev/null | head -n "$MAX_RESULTS") || true
+24 -2
View File
@@ -1,8 +1,27 @@
#!/usr/bin/env bash
set -e
# @describe Apply a patch to a file at the specified path.
# This can be used to edit a file without having to rewrite the whole file.
# @describe Apply a unified-diff patch to a file at the specified path. Use this for editing an existing file. It's the
# PREFERRED way to modify a file. Prefer this over fs_write whenever the file already exists: it sends less data,
# preserves unchanged content automatically, and is less prone to accidental data loss from full rewrites.
# Use fs_write only when you are creating a new file or doing a complete rewrite where most of the content changes.
#
# CRITICAL — the patch is matched byte-for-byte. There is no fuzzy matching, no whitespace tolerance, and no context shift:
# - Context lines (prefixed with a single space) and removed lines (prefixed with '-') must equal the file content exactly.
# If unsure, fs_cat the file first and copy the bytes verbatim into your patch.
# - JSON-escape the contents string ONCE. Each literal backslash in the file becomes \\ in the JSON contents string. So a
# shell line containing s|\\"|"|g must appear in JSON as s|\\\\\"|\"|g — NOT s|\\\\\\\"|\\\"|g. Over-escaping backslashes
# is the most common cause of "unable to apply patch" failures, especially in files with sed/jq/regex pipelines or
# embedded Python with quoted strings.
# - Hunks are applied in order; the first hunk that fails aborts the whole patch — later hunks are NOT attempted.
# - If you've edited this file in earlier tool calls, fs_cat it again before composing the patch. A stale view of the file
# produces context lines that no longer match.
# - On failure the error message names the failing hunk and shows the expected-vs-actual line. Fix that specific line and
# retry — do not blindly resend a near-identical patch.
#
# For files with heavy escaping (sed/jq/regex pipelines, shell with embedded heredocs, deeply quoted strings), prefer
# fs_write over chained fs_patch hunks to replace the entire file with the full new contents (i.e. original content +
# your changes).
# @option --path! The path of the file to apply the patch to
# @option --contents! The patch to apply to the file
@@ -14,6 +33,9 @@ source "$LLM_PROMPT_UTILS_FILE"
# shellcheck disable=SC2154
main() {
argc_contents="$(jq -r '.contents' <<< "$LLM_TOOL_RAW_JSON")"
argc_path="$(jq -r '.path' <<< "$LLM_TOOL_RAW_JSON")"
if [[ ! -f "$argc_path" ]]; then
error "Unable to find the specified file: $argc_path"
exit 1
+4 -2
View File
@@ -1,8 +1,10 @@
#!/usr/bin/env bash
set -e
# @describe Read a file with line numbers, offset, and limit. For directories, lists entries.
# Prefer this over fs_cat for controlled reading. Use offset/limit to read specific sections.
# @describe Read a TRUNCATED view of a file with line numbers, offset, and limit. For directories, lists entries.
# IMPORTANT: This tool truncates output — lines over 2000 chars are cut off, and output is capped at 2000 lines by default.
# If you need the FULL, untruncated contents of a file, use fs_cat instead.
# Use this tool when you want line numbers, want to read a specific section via --offset/--limit, or are scanning a large file.
# Use the grep tool to find specific content before reading, then read with offset to target the relevant section.
# @option --path! The absolute path to the file or directory to read
+6 -1
View File
@@ -1,7 +1,9 @@
#!/usr/bin/env bash
set -e
# @describe Write the full file contents to a file at the specified path.
# @describe Write the FULL file contents to a file at the specified path. Use this for NEW files or COMPLETE rewrites
# only. For editing an existing file, prefer fs_patch. It's a surgical edit that preserves unchanged content, requires
# sending less data, and is less prone to accidental data loss.
# @option --path! The path of the file to write to
# @option --contents! The full contents to write to the file
@@ -13,6 +15,9 @@ source "$LLM_PROMPT_UTILS_FILE"
# shellcheck disable=SC2154
main() {
argc_contents="$(jq -r '.contents' <<< "$LLM_TOOL_RAW_JSON")"
argc_path="$(jq -r '.path' <<< "$LLM_TOOL_RAW_JSON")"
if [[ -f "$argc_path" ]]; then
printf "%s" "$argc_contents" | git diff --no-index "$argc_path" - || true
guard_operation "Apply changes?"
+4
View File
@@ -14,6 +14,10 @@ set -e
# shellcheck disable=SC2154
main() {
argc_recipient="$(jq -r '.recipient' <<< "$LLM_TOOL_RAW_JSON")"
argc_subject="$(jq -r '.subject' <<< "$LLM_TOOL_RAW_JSON")"
argc_body="$(jq -r '.body' <<< "$LLM_TOOL_RAW_JSON")"
sender_name="${EMAIL_SENDER_NAME:-$(echo "$EMAIL_SMTP_USER" | awk -F'@' '{print $1}')}"
printf "%s\n" "From: $sender_name <$EMAIL_SMTP_USER>
To: $argc_recipient
@@ -6,11 +6,11 @@ set -e
# @option --query! The search query.
# @meta require-tools loki
# @meta require-tools coyote
# @env WEB_SEARCH_MODEL=gemini:gemini-2.5-flash The model for web-searching.
#
# supported loki models:
# supported coyote models:
# - gemini:gemini-2.0-*
# - vertexai:gemini-*
# - perplexity:*
@@ -22,15 +22,15 @@ main() {
client="${WEB_SEARCH_MODEL%%:*}"
if [[ "$client" == "gemini" ]]; then
export LOKI_PATCH_GEMINI_CHAT_COMPLETIONS='{".*":{"body":{"tools":[{"google_search":{}}]}}}'
export COYOTE_PATCH_GEMINI_CHAT_COMPLETIONS='{".*":{"body":{"tools":[{"google_search":{}}]}}}'
elif [[ "$client" == "vertexai" ]]; then
export LOKI_PATCH_VERTEXAI_CHAT_COMPLETIONS='{
export COYOTE_PATCH_VERTEXAI_CHAT_COMPLETIONS='{
"gemini-1.5-.*":{"body":{"tools":[{"googleSearchRetrieval":{}}]}},
"gemini-2.0-.*":{"body":{"tools":[{"google_search":{}}]}}
}'
elif [[ "$client" == "ernie" ]]; then
export LOKI_PATCH_ERNIE_CHAT_COMPLETIONS='{".*":{"body":{"web_search":{"enable":true}}}}'
export COYOTE_PATCH_ERNIE_CHAT_COMPLETIONS='{".*":{"body":{"web_search":{"enable":true}}}}'
fi
loki -m "$WEB_SEARCH_MODEL" "$argc_query" >> "$LLM_OUTPUT"
coyote -m "$WEB_SEARCH_MODEL" "$argc_query" >> "$LLM_OUTPUT"
}
+38 -6
View File
@@ -506,16 +506,16 @@ open_link() {
}
guard_operation() {
if [[ -t 1 ]]; then
if [[ -z "$AUTO_CONFIRM" && -z "$LLM_AGENT_VAR_AUTO_CONFIRM" ]]; then
ans="$(confirm "${1:-Are you sure you want to continue?}")"
# 2>/dev/tty: keep the prompt off the host-captured stderr pipe so it
# can't leak into tool_call_error JSON when the wrapped command fails.
ans="$(confirm "${1:-Are you sure you want to continue?}" 2>/dev/tty)"
if [[ "$ans" == 0 ]]; then
error "Operation aborted!" 2>&1
exit 1
fi
fi
fi
}
# Here is an example of a patch block that can be applied to modify the file to request the user's name:
@@ -600,6 +600,14 @@ patch_file() {
for (i = 2; i <= hunkTotalOriginalLines[hunkIndex]; i++) {
if (lines[nextLineIndex] != hunkOriginalLines[hunkIndex,i]) {
if (i - 1 > bestPartialLen[hunkIndex]) {
bestPartialLen[hunkIndex] = i - 1
bestPartialAnchorLine[hunkIndex] = lineIndex
bestPartialHunkPos[hunkIndex] = i
bestPartialDivergeLine[hunkIndex] = nextLineIndex
bestPartialExpected[hunkIndex] = hunkOriginalLines[hunkIndex,i]
bestPartialActual[hunkIndex] = lines[nextLineIndex]
}
nextLineIndex = 0
break
}
@@ -621,7 +629,32 @@ patch_file() {
}
if (hunkIndex != totalHunks + 1) {
failingHunk = hunkIndex
print "error: unable to apply patch" > "/dev/stderr"
print "" > "/dev/stderr"
print "Hunk " failingHunk " of " totalHunks " did not match the file." > "/dev/stderr"
if (bestPartialLen[failingHunk] == 0) {
print "" > "/dev/stderr"
print "The first context/removed line of hunk " failingHunk " was not found anywhere in the file:" > "/dev/stderr"
print " expected: " hunkOriginalLines[failingHunk, 1] > "/dev/stderr"
} else {
print "" > "/dev/stderr"
print "Closest match: anchored at file line " bestPartialAnchorLine[failingHunk] ", matched " bestPartialLen[failingHunk] " of " hunkTotalOriginalLines[failingHunk] " original lines before diverging." > "/dev/stderr"
print "" > "/dev/stderr"
print "At file line " bestPartialDivergeLine[failingHunk] " (hunk original line " bestPartialHunkPos[failingHunk] "):" > "/dev/stderr"
print " expected: " bestPartialExpected[failingHunk] > "/dev/stderr"
print " actual: " bestPartialActual[failingHunk] > "/dev/stderr"
}
print "" > "/dev/stderr"
print "Lines must match byte-for-byte (no fuzzy matching). Check escaping, whitespace, and quoting." > "/dev/stderr"
if (failingHunk < totalHunks) {
print "" > "/dev/stderr"
print (totalHunks - failingHunk) " subsequent hunk(s) were not attempted (patcher aborts on first failure)." > "/dev/stderr"
}
exit 1
}
}
@@ -655,19 +688,18 @@ guard_path() {
exit 1
fi
if [[ -t 1 ]]; then
path="$(_to_real_path "$1")"
confirmation_prompt="$2"
if [[ ! "$path" == "$(pwd)"* && -z "$AUTO_CONFIRM" && -z "$LLM_AGENT_VAR_AUTO_CONFIRM" ]]; then
ans="$(confirm "$confirmation_prompt")"
# 2>/dev/tty: see guard_operation — prevents prompt text leaking via captured stderr.
ans="$(confirm "$confirmation_prompt" 2>/dev/tty)"
if [[ "$ans" == 0 ]]; then
error "Operation aborted!" >&2
exit 1
fi
fi
fi
}
_to_real_path() {
File diff suppressed because it is too large Load Diff
+3
View File
@@ -1,3 +1,6 @@
---
skills_enabled: false
---
As a professional Prompt Engineer, your role is to create effective and innovative prompts for interacting with AI models.
Your core skills include:
+3
View File
@@ -1,3 +1,6 @@
---
skills_enabled: false
---
Create a concise, 3-6 word title.
**Notes**:
+3
View File
@@ -1,3 +1,6 @@
---
skills_enabled: false
---
Provide a terse, single sentence description of the given shell command.
Describe each argument and option of the command.
Provide short responses in about 80 words.
+1 -1
View File
@@ -9,7 +9,7 @@ security/configuration settings. The analysis aims to ensure a thorough understa
structured and operates, enabling the creation of new files, maintaining consistency with existing practices, and the
potential implementation of best practices.
Should the root directory contain a `LOKI.md` file, this was generated by Loki and should be used as a reference
Should the root directory contain a `COYOTE.md` file, this was generated by Coyote and should be used as a reference
point for all analysis, style questions, etc.
**Objective:** Enable the AI to thoroughly analyze a software repository, providing detailed insights and guidelines on
+3
View File
@@ -1,3 +1,6 @@
---
skills_enabled: false
---
Provide only {{__shell__}} commands for {{__os_distro__}} without any description.
Ensure the output is a valid {{__shell__}} command.
If there is a lack of details, provide most logical solution.
-1
View File
@@ -1,6 +1,5 @@
---
enabled_mcp_servers: slack
temperature: 0.2
---
You are an expert Slack assistant designed to assist with Slack workspaces via the slack MCP server.
You can perform various tasks related to Slack, such as sending messages to channels, searching for messages, and
+325
View File
@@ -0,0 +1,325 @@
# Docker sbx agent kit for Coyote
#
# Setup (paths use $HOME so commands work in bash/zsh/PowerShell/Git Bash):
# sbx create --kit ./sbx-kit/ coyote --name testing .
# sbx cp $HOME/.config/coyote/ testing:/home/agent/.config/
# sbx cp $HOME/.coyote_password testing:/home/agent/
# sbx run testing --kit ./sbx-kit/
schemaVersion: "1"
kind: agent
name: coyote
displayName: Coyote
description: >
An all-in-one, batteries-included LLM CLI tool featuring Shell Assistant,
CLI & REPL mode, RAG, AI tools & agents, MCP servers, skills, and macros.
agent:
image: "docker/sandbox-templates:shell-docker"
aiFilename: COYOTE.md
# persistence: persistent
entrypoint:
run: ["bash", "-lc", "exec /home/agent/.cargo/bin/coyote"]
network:
# Proxy-managed LLM providers: the proxy substitutes `proxy-managed` for
# the env var inside the sandbox and rewrites the auth header per
# serviceAuth at request time. Multiple domains may map to one service
# (e.g. jina) so they share a single credential.
serviceDomains:
api.openai.com: openai
api.anthropic.com: anthropic
generativelanguage.googleapis.com: gemini
api.cohere.ai: cohere
api.groq.com: groq
openrouter.ai: openrouter
api.ai21.com: ai21
api.cloudflare.com: cloudflare
api.deepinfra.com: deepinfra
api.deepseek.com: deepseek
api.mistral.ai: mistral
api.perplexity.ai: perplexity
api.voyageai.com: voyageai
api.x.ai: xai
api.jina.ai: jina
r.jina.ai: jina
qianfan.baidubce.com: ernie
api.hunyuan.cloud.tencent.com: hunyuan
api.minimax.chat: minimax
api.moonshot.cn: moonshot
dashscope.aliyuncs.com: qianwen
open.bigmodel.cn: zhipuai
serviceAuth:
openai:
headerName: Authorization
valueFormat: "Bearer %s"
anthropic:
headerName: x-api-key
valueFormat: "%s"
gemini:
headerName: x-goog-api-key
valueFormat: "%s"
cohere:
headerName: Authorization
valueFormat: "Bearer %s"
groq:
headerName: Authorization
valueFormat: "Bearer %s"
openrouter:
headerName: Authorization
valueFormat: "Bearer %s"
ai21:
headerName: Authorization
valueFormat: "Bearer %s"
cloudflare:
headerName: Authorization
valueFormat: "Bearer %s"
deepinfra:
headerName: Authorization
valueFormat: "Bearer %s"
deepseek:
headerName: Authorization
valueFormat: "Bearer %s"
mistral:
headerName: Authorization
valueFormat: "Bearer %s"
perplexity:
headerName: Authorization
valueFormat: "Bearer %s"
voyageai:
headerName: Authorization
valueFormat: "Bearer %s"
xai:
headerName: Authorization
valueFormat: "Bearer %s"
jina:
headerName: Authorization
valueFormat: "Bearer %s"
ernie:
headerName: Authorization
valueFormat: "Bearer %s"
hunyuan:
headerName: Authorization
valueFormat: "Bearer %s"
minimax:
headerName: Authorization
valueFormat: "Bearer %s"
moonshot:
headerName: Authorization
valueFormat: "Bearer %s"
qianwen:
headerName: Authorization
valueFormat: "Bearer %s"
zhipuai:
headerName: Authorization
valueFormat: "Bearer %s"
allowedDomains:
# Coyote release + self-update + model-registry sync
- "github.com:443"
- "api.github.com:443"
- "raw.githubusercontent.com:443"
- "objects.githubusercontent.com:443"
- "*.githubusercontent.com:443"
# Coyote install paths (cargo install + uv + rustup + Python tool deps at runtime)
- "crates.io:443"
- "static.crates.io:443"
- "pypi.org:443"
- "files.pythonhosted.org:443"
- "astral.sh:443"
- "sh.rustup.rs:443"
- "static.rust-lang.org:443"
# LLM model OAuth + API endpoints
- "claude.ai:443"
- "console.anthropic.com:443"
- "accounts.google.com:443"
# *.googleapis.com covers oauth2 + userinfo + VertexAI regional endpoints
# (*-aiplatform.googleapis.com). Do not narrow without re-checking VertexAI.
- "*.googleapis.com:443"
# Bedrock and GitHub Models use signed / GitHub-PAT auth that the proxy
# cannot rewrite. Domains are allow-listed; credentials must be injected
# separately (see README "Extending").
- "*.amazonaws.com:443"
- "models.inference.ai.azure.com:443"
credentials:
sources:
openai:
env:
- OPENAI_API_KEY
anthropic:
env:
- ANTHROPIC_API_KEY
gemini:
env:
- GEMINI_API_KEY
- GOOGLE_API_KEY
cohere:
env:
- COHERE_API_KEY
groq:
env:
- GROQ_API_KEY
openrouter:
env:
- OPENROUTER_API_KEY
ai21:
env:
- AI21_API_KEY
cloudflare:
env:
- CLOUDFLARE_API_KEY
deepinfra:
env:
- DEEPINFRA_API_KEY
deepseek:
env:
- DEEPSEEK_API_KEY
mistral:
env:
- MISTRAL_API_KEY
perplexity:
env:
- PERPLEXITY_API_KEY
voyageai:
env:
- VOYAGE_API_KEY
xai:
env:
- XAI_API_KEY
jina:
env:
- JINA_API_KEY
ernie:
env:
- ERNIE_API_KEY
hunyuan:
env:
- HUNYUAN_API_KEY
minimax:
env:
- MINIMAX_API_KEY
moonshot:
env:
- MOONSHOT_API_KEY
qianwen:
env:
- DASHSCOPE_API_KEY
zhipuai:
env:
- ZHIPUAI_API_KEY
environment:
variables:
IS_SANDBOX: "1"
COYOTE_LOG_LEVEL: INFO
proxyManaged:
- OPENAI_API_KEY
- ANTHROPIC_API_KEY
- GEMINI_API_KEY
- GOOGLE_API_KEY
- COHERE_API_KEY
- GROQ_API_KEY
- OPENROUTER_API_KEY
- AI21_API_KEY
- CLOUDFLARE_API_KEY
- DEEPINFRA_API_KEY
- DEEPSEEK_API_KEY
- MISTRAL_API_KEY
- PERPLEXITY_API_KEY
- VOYAGE_API_KEY
- XAI_API_KEY
- JINA_API_KEY
- ERNIE_API_KEY
- HUNYUAN_API_KEY
- MINIMAX_API_KEY
- MOONSHOT_API_KEY
- DASHSCOPE_API_KEY
- ZHIPUAI_API_KEY
commands:
install:
- command: |
sudo apt-get update &&
sudo apt-get install -y \
jq curl git \
build-essential pkg-config \
cmake \
clang libclang-dev \
musl-tools \
libssl-dev \
pandoc \
bzip2
user: "1000"
description: Install system prerequisites (including pandoc for fetch_url_via_curl)
- command: "curl -LsSf https://astral.sh/uv/install.sh | sh"
user: "1000"
description: Install uv (required for Python-based custom tools)
- command: |
set -euo pipefail
USQL_VERSION="0.19.20"
ARCH=$(uname -m)
case "$ARCH" in
x86_64) USQL_ARCH=amd64 ;;
aarch64) USQL_ARCH=arm64 ;;
*) echo "Unsupported arch for usql install: $ARCH" >&2; exit 1 ;;
esac
curl -sSL "https://github.com/xo/usql/releases/download/v${USQL_VERSION}/usql_static-${USQL_VERSION}-linux-${USQL_ARCH}.tar.bz2" -o /tmp/usql.tar.bz2
sudo tar -xjf /tmp/usql.tar.bz2 -C /usr/local/bin
sudo chmod +x /usr/local/bin/usql
rm -f /tmp/usql.tar.bz2
user: "1000"
description: Install the usql universal SQL CLI (used by the built-in sql agent and execute_sql_code tool)
- command: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | \
sh -s -- -y \
--default-toolchain stable \
--profile minimal \
--target x86_64-unknown-linux-musl
. "$HOME/.cargo/env"
cargo install --locked coyote-ai
user: "1000"
description: Install Coyote AI CLI via Rust's Cargo
startup:
- command: ["sh", "-c", "test -f \"$HOME/.config/coyote/config.yaml\" || coyote --info >/dev/null 2>&1 || true"]
user: "1000"
background: false
description: Bootstrap Coyote config directory on first sandbox start
memory: |
## Sandbox environment
You are running inside a Docker sandbox launched via `sbx run coyote`. The
user's project workspace is mounted at its absolute host path and is the
current working directory. `sudo` is passwordless; use it for system
package installs.
Coyote's configuration lives at `~/.config/coyote/` and logs at
`~/.cache/coyote/coyote.log`. Persistence is enabled, so config, sessions,
vault state, OAuth tokens, and installed tools survive sandbox restarts.
LLM provider credentials are forwarded by the sandbox HTTP proxy. The
following provider env vars are recognized - export the ones you use on
the host before running `sbx run coyote`:
OPENAI_API_KEY, ANTHROPIC_API_KEY, GEMINI_API_KEY / GOOGLE_API_KEY,
COHERE_API_KEY, GROQ_API_KEY, OPENROUTER_API_KEY, AI21_API_KEY,
CLOUDFLARE_API_KEY, DEEPINFRA_API_KEY, DEEPSEEK_API_KEY,
MISTRAL_API_KEY, PERPLEXITY_API_KEY, VOYAGE_API_KEY, XAI_API_KEY,
JINA_API_KEY, ERNIE_API_KEY, HUNYUAN_API_KEY, MINIMAX_API_KEY,
MOONSHOT_API_KEY, DASHSCOPE_API_KEY (Qwen), ZHIPUAI_API_KEY
Inside the sandbox these appear as the placeholder string `proxy-managed`;
the proxy substitutes the real value at request time. OAuth flows for
Claude Pro/Max and Gemini are also allow-listed.
Bedrock (AWS) and VertexAI (Google Cloud) use signed/OAuth-token requests
that the proxy cannot rewrite. Their domains are allow-listed but you must
inject credentials yourself via `sbx run --env AWS_ACCESS_KEY_ID=...` or
a mixin kit that mounts a service-account JSON.
Useful first-run commands:
- `coyote --info` # show config paths and resolved settings
- `coyote --list-secrets` # initialise the local vault
- `coyote --authenticate <client>` # OAuth flow (Claude Pro/Max, Gemini)
@@ -0,0 +1,33 @@
schemaVersion: "1"
kind: mixin
name: vault-aws-secrets-manager
description: >
Installs the AWS CLI v2 so the Coyote vault can read secrets from AWS
Secrets Manager inside the sandbox. The AWS Rust SDK does not strictly
require the CLI, but most users authenticate via `aws sso login` or
`aws configure`, which need the CLI to be installed. After install, run
the appropriate auth command in the sandbox; cached credentials persist
for the lifetime of the sandbox.
network:
allowedDomains:
- "awscli.amazonaws.com:443"
- "sts.amazonaws.com:443"
- "*.sts.amazonaws.com:443"
- "*.secretsmanager.amazonaws.com:443"
- "*.amazonaws.com:443"
- "*.awsapps.com:443"
commands:
install:
- command: |
set -euo pipefail
sudo apt-get update
sudo apt-get install -y unzip
ARCH=$(uname -m)
curl -sSL "https://awscli.amazonaws.com/awscli-exe-linux-${ARCH}.zip" -o /tmp/awscliv2.zip
unzip -q /tmp/awscliv2.zip -d /tmp
sudo /tmp/aws/install
rm -rf /tmp/awscliv2.zip /tmp/aws
user: "1000"
description: Install AWS CLI v2 from the official installer
@@ -0,0 +1,24 @@
schemaVersion: "1"
kind: mixin
name: vault-azure-key-vault
description: >
Installs the Azure CLI (`az`) so the Coyote vault can read secrets from
Azure Key Vault inside the sandbox. After install, run `az login` in the
sandbox to authenticate; the session token persists for the lifetime of
the sandbox.
network:
allowedDomains:
- "aka.ms:443"
- "packages.microsoft.com:443"
- "azurecliprod.blob.core.windows.net:443"
- "login.microsoftonline.com:443"
- "graph.microsoft.com:443"
- "management.azure.com:443"
- "*.vault.azure.net:443"
commands:
install:
- command: "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash"
user: "1000"
description: Install Azure CLI via Microsoft's official install script
@@ -0,0 +1,34 @@
schemaVersion: "1"
kind: mixin
name: vault-gcp-secret-manager
description: >
Installs the Google Cloud CLI (`gcloud`) so the Coyote vault can read
secrets from GCP Secret Manager inside the sandbox. The GCP Rust SDK does
not strictly require the CLI, but most users authenticate via
`gcloud auth application-default login`, which needs the CLI to be
installed. After install, run that command in the sandbox; the ADC file
persists for the lifetime of the sandbox.
network:
allowedDomains:
- "packages.cloud.google.com:443"
- "accounts.google.com:443"
- "oauth2.googleapis.com:443"
- "secretmanager.googleapis.com:443"
- "cloudresourcemanager.googleapis.com:443"
- "*.googleapis.com:443"
commands:
install:
- command: |
set -euo pipefail
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates gnupg
echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" \
| sudo tee /etc/apt/sources.list.d/google-cloud-sdk.list >/dev/null
curl -sSL https://packages.cloud.google.com/apt/doc/apt-key.gpg \
| sudo gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg
sudo apt-get update
sudo apt-get install -y google-cloud-cli
user: "1000"
description: Install gcloud CLI from Google's official apt repository
+30
View File
@@ -0,0 +1,30 @@
schemaVersion: "1"
kind: mixin
name: vault-gopass
description: >
Installs `gopass` and `gpg` so the Coyote vault can read secrets from a
gopass store inside the sandbox. The store must be cloned manually
(gopass walks a user-specific git remote, so v1 only allowlists github.com
and gitlab.com; add other hosts via a user mixin if needed). After install,
run `gopass setup` or `gopass clone <remote>` in the sandbox.
network:
allowedDomains:
- "github.com:443"
- "api.github.com:443"
- "objects.githubusercontent.com:443"
- "gitlab.com:443"
commands:
install:
- command: |
set -euo pipefail
sudo apt-get update
sudo apt-get install -y gnupg2 git
GOPASS_VERSION="1.15.13"
ARCH=$(dpkg --print-architecture)
curl -sSL "https://github.com/gopasspw/gopass/releases/download/v${GOPASS_VERSION}/gopass_${GOPASS_VERSION}_linux_${ARCH}.deb" -o /tmp/gopass.deb
sudo dpkg -i /tmp/gopass.deb
rm -f /tmp/gopass.deb
user: "1000"
description: Install gnupg2, git, and gopass from the official .deb release
@@ -0,0 +1,31 @@
schemaVersion: "1"
kind: mixin
name: vault-one-password
description: >
Installs the 1Password CLI (`op`) so the Coyote vault can decrypt secrets
inside the sandbox. After install, run `op signin` in the sandbox to
authenticate; credentials persist for the lifetime of the sandbox.
network:
allowedDomains:
- "downloads.1password.com:443"
- "cache.agilebits.com:443"
- "my.1password.com:443"
- "my.1password.eu:443"
- "my.1password.ca:443"
- "events.1password.com:443"
commands:
install:
- command: |
set -euo pipefail
sudo apt-get update
sudo apt-get install -y unzip
OP_VERSION="v2.30.3"
ARCH=$(dpkg --print-architecture)
curl -sSL "https://cache.agilebits.com/dist/1P/op2/pkg/${OP_VERSION}/op_linux_${ARCH}_${OP_VERSION}.zip" -o /tmp/op.zip
sudo unzip -od /usr/local/bin /tmp/op.zip op
sudo chmod +x /usr/local/bin/op
rm -f /tmp/op.zip
user: "1000"
description: Install 1Password CLI from the official archive
+39
View File
@@ -0,0 +1,39 @@
---
description: Detect and remove AI slop from code and prose; produce output indistinguishable from a senior engineer's.
---
You are reviewing or generating content. Apply these standards strictly. The goal is output that reads like it was written by a competent human professional, not an AI.
## Code
**No useless comments.** A comment is useless if it restates the code:
- BAD: `// Increment counter` above `counter += 1`
- BAD: `/// Returns the user's name.` on `fn user_name() -> &str`
- GOOD: Comments that explain a non-obvious WHY: a constraint, an invariant, a workaround for a specific bug, behavior that would surprise a reader.
If removing a comment wouldn't confuse a future reader, the comment shouldn't exist.
**No emojis** unless the user explicitly asked for them.
**No defensive handling for impossible cases.** If a function only receives valid input from internal callers, don't pretend otherwise. Validate at system boundaries (user input, external APIs, file I/O); trust internal code.
**No over-engineering for hypothetical futures.** Three similar lines of code is fine. Premature abstractions are worse than duplication.
**No backwards-compatibility cruft for unreleased code.** If a function isn't called yet, just change it. Don't add `_unused` prefixes, "// removed" comments, or wrapper layers "for migration."
**Names should be honest.** A function called `get_user` should not mutate state. A field called `count` should not be a function. A method that can fail should return `Result`, not panic.
## Prose
**No flattery.** Don't start with "Great question!" or "That's a really good idea!" Just respond.
**No filler.** "It's important to note that" — delete. "Let me explain" — just explain. "I'll go ahead and" — just do it.
**No status updates.** "I'm going to help you with that" — just help.
**Match the user's terseness.** Brief user, brief reply. Detailed user, detailed reply.
**No multi-paragraph docstrings.** One short line max. If the function needs paragraphs to explain, the function is doing too much.
## When in doubt
Ask: "Would a senior engineer write this in a code review or a Slack message?" If not, cut it.
+124
View File
@@ -0,0 +1,124 @@
---
description: Conduct a thorough code review focused on correctness, clarity, tests, and footguns. Grants read-only filesystem access for inspecting code.
enabled_tools: fs_read, fs_grep, fs_glob, fs_cat, fs_ls
---
You are reviewing code. Use the filesystem tools (`fs_read`, `fs_grep`, `fs_glob`, `fs_cat`, `fs_ls`) to inspect files. Apply this checklist in order; stop at the first category where you find substantial issues, since fixing those usually shifts the rest of the review.
## Investigation workflow
Before reviewing, build a mental model of the surrounding code:
- `fs_ls` the directories that contain the changed files.
- `fs_grep` for the symbols being added/modified to see existing callers and tests.
- `fs_read` neighboring files in the same module to understand local conventions.
- `fs_glob` for test files that might cover this area.
A review without context is just a syntax check.
## Reviewing a diff
When you only see a hunk (not the whole file), the default context is sparse — usually 3 lines on either side. You see what changed but rarely the function signature, the caller, or the test. Read deliberately to recover what the diff omits.
### Read around the hunk
The `@@ -120,8 +120,12 @@` header gives you the line numbers in the old (`-`) and new (`+`) file. Read 2040 lines around the hunk to see the enclosing function:
```
fs_read --path "src/auth.rs" --offset 110 --limit 40
```
You're recovering: the function signature, the return type, what unchanged portions do, and whether the hunk's logic fits its enclosing scope.
### Read the callers of anything changed
If a hunk changes a function's body or its signature, grep for the name to find callers and check whether the change ripples:
```
fs_grep --pattern "changed_function" --include "*.rs"
```
Skip the test files in this search; do the test sweep next.
### Read the tests for the change
Even if the diff doesn't touch test files, check whether tests exist for what's changing:
```
fs_grep --pattern "changed_function" --include "*_test.rs"
fs_grep --pattern "changed_function" --include "tests/*"
```
Absence of tests for a changed function is itself a finding ("changes function X but no test references it; regressions won't be caught").
### Diff-shaped issues to watch for
These are review findings that only surface in a diff context, not in a whole-file read:
- **Renames** (`diff --git a/old.rs b/new.rs`) — `fs_grep` for the old path to find imports that need updating but weren't.
- **Signature changes** — verify all callers compile against the new signature. Compiler-checked languages catch some of this; dynamic languages don't.
- **New code path without new tests** — usually a missing test. Flag it.
- **Removed code with tests still present** — the tests probably need updating too.
- **The "dog that didn't bark"** — what's obvious by its ABSENCE? A new field with no migration, a new error path with no test, a public API change with no changelog, a new config option with no documentation. Flag these as missing pieces, not as things to add later.
### Scope discipline
A diff review is a review of THE CHANGE, not the whole file:
- Don't moralize about pre-existing code unless the diff makes it worse.
- Don't suggest refactors outside the scope of the change. ("This whole module could be cleaner" is not actionable feedback on a 5-line patch.)
- If you spot unrelated bugs while reading context, mention them briefly but separately: prefix with `Pre-existing, out of scope:` so the author knows which findings block their merge and which are FYI.
- The author's job is to ship THIS change. Your job is to catch what's wrong with THIS change.
## 1. Correctness
- Does the change actually do what it claims? Does it solve the stated problem?
- Edge cases: empty inputs, max sizes, concurrent access, error paths, partial failures.
- Off-by-one errors, type confusion, null/None handling, integer overflow.
- Race conditions and ordering assumptions across threads, async tasks, or distributed components.
- Resource cleanup: file handles, locks, network connections, transactions.
## 2. Tests
- Do the tests test BEHAVIOR, not implementation? (Tests of `private_helper()` are usually a smell.)
- Will they fail when the code regresses? Or are they tautological (e.g., `assert!(x.is_empty() || !x.is_empty())`)?
- Do they cover the unhappy paths, not just the happy ones?
- Is there a missing test for the specific bug or feature being added? `fs_grep` for the function name in test files to check.
## 3. Clarity
- Are names accurate? `get_user` that mutates is a lie; rename or split.
- Could a competent reader understand this without comments?
- Is there a simpler way to express the same logic?
- Is the function doing one thing, or several things glued together?
## 4. Coupling
- Does this change increase coupling between modules unnecessarily?
- Is the new code reaching into internals it shouldn't (private fields exposed, deep import paths)?
- Could the change be expressed as a smaller diff that doesn't ripple through unrelated files?
## 5. Footguns
- Could a future maintainer easily misuse this API?
- Are invariants enforced by types, or just by convention?
- Are error types specific enough to be actionable?
- Is there a documented or implicit ordering requirement that's easy to break?
## What to flag
- Correctness bugs.
- Missing error handling at trust boundaries.
- Race conditions.
- Tests that won't catch regressions.
- Security issues (injection, auth, exposed secrets).
## What to let go
- Style differences that aren't in the codebase's existing conventions.
- "I would have done it differently" preferences.
- Comments and naming choices that match existing patterns in the same file.
- Micro-optimizations in code that isn't on a hot path.
## Tone
Direct, specific, focused on the code. No flattery, no padding. If something is wrong, say so plainly with the file path and line reference and the reason. If something is good and non-obvious, briefly call it out so the author knows it's intentional.
@@ -0,0 +1,69 @@
---
description: Structured 6-section delegation template and session-continuity rules for orchestrating sub-agents. Load before spawning any agent.
---
You are delegating work to a sub-agent. The sub-agent has not seen the codebase or the conversation — your prompt IS its entire context. Treat delegation as writing a contract: explicit, scoped, and verifiable.
## The 6-section template (every delegation)
Every `agent__spawn` prompt MUST include all six sections. Vague prompts produce vague results and waste tokens on re-exploration the orchestrator already did.
```
## TASK
[One atomic goal. One verb. One outcome. No "and also".]
## EXPECTED OUTCOME
[Concrete deliverables and success criteria. "I will know this is done when ..."]
## REQUIRED TOOLS
[Explicit allowlist: fs_read, fs_grep, etc. Prevents tool sprawl.]
## MUST DO
[Exhaustive requirements. Leave nothing implicit. If you'd be annoyed by the agent not doing X, list X.]
## MUST NOT DO
[Forbidden actions. Anticipate rogue behavior. "Do not modify files outside src/auth/."]
## CONTEXT
[File paths, code snippets, existing patterns, constraints. Paste actual code lines from prior exploration — not just file paths.]
```
## Session continuity (NON-NEGOTIABLE)
Every `agent__spawn` result includes a session_id. **Use it.**
- Task failed/incomplete → resume with `session_id` + a tight "Fix: <error>" prompt.
- Follow-up on a result → resume with `session_id` + "Also: <question>".
- Multi-turn with the same agent → always resume. Never start fresh.
Starting a fresh agent for a follow-up forces it to re-read every file it already read. That's 70%+ wasted tokens, plus the agent loses the reasoning it built up.
After every delegation, **store the session_id** for potential continuation.
## Skill nudges to delegates
Sub-agents have their own skills. Nudge them in the CONTEXT section:
> "Load `code-review` before evaluating the diff."
> "Load `frontend-ui-ux` before editing component files."
> "Load `git-master` before touching history."
A one-line nudge saves the delegate a `skill__list` turn.
## Verification after delegation
A delegation is NOT complete when the sub-agent returns. It is complete when YOU have verified:
1. Did it work as expected? (Did the file change? Did the test pass?)
2. Did it follow existing codebase patterns?
3. Did the EXPECTED OUTCOME actually materialize?
4. Did it respect MUST DO and MUST NOT DO?
If any answer is no → resume the session with a corrective prompt. Do not re-spawn from scratch.
## Anti-patterns
- "Follow existing patterns" with no snippet → agent guesses, often wrong
- Multi-goal prompts → agent does the easy one, skips the rest
- Missing MUST NOT DO → agent over-reaches into unrelated files
- Discarding session_id on failure → forced re-exploration, wasted tokens
- Re-spawning instead of resuming for a 1-line fix → 10x cost
+67
View File
@@ -0,0 +1,67 @@
---
description: Designer-turned-developer who crafts stunning UI/UX even without design mockups. Grants filesystem read/write access for editing component files.
enabled_tools: fs_read, fs_write, fs_patch, fs_grep, fs_glob, fs_cat, fs_ls, fs_mkdir
---
You are doing frontend work. Use the filesystem tools to read, write, and patch component files. Treat UI/UX as a discipline, not a polish step at the end.
## Investigate before editing
Before changing a component:
- `fs_ls` the component's directory to see siblings and tests.
- `fs_read` the component itself.
- `fs_grep` for the component's usages across the codebase — your edits affect every caller.
- `fs_grep` for the project's design tokens, theme variables, or styling primitives (e.g., `--color-`, `theme.spacing`, `tw-`).
- Read existing similar components to match conventions.
## Visual hierarchy
Every screen has a focal point. Identify it before laying out anything else:
- One primary action per view. Make it visually dominant.
- Secondary actions are present but visibly subordinate.
- Tertiary actions can be tucked into menus or hidden behind affordances.
## Spacing and rhythm
- Use the project's existing spacing scale (4px, 8px, custom — match what's already there). Don't introduce one-off values.
- Larger spacing = stronger grouping break. Inside a card, tight; between cards, looser.
- White space is not wasted space. It's the difference between "professional" and "cramped."
## Typography
- Two or three sizes per view, max. More than that is noise.
- Line-height: 1.4-1.6 for body, tighter for headlines.
- Don't center long paragraphs. Left-align (or right-align for RTL).
## Color
- Use the project's existing palette. If you need a color that isn't there, you're probably overdesigning.
- Contrast matters: aim for WCAG AA at minimum (4.5:1 for body text, 3:1 for large text).
- Don't use color as the sole signal — pair with icons, labels, or shape changes for accessibility.
## Component conventions
When adding a new component:
- Match the existing structure: where do props go, where do styles go, where do tests go?
- `fs_read` two or three similar components first to internalize the patterns.
- If the codebase uses CSS modules / styled-components / Tailwind / Vanilla Extract — use the same. Don't introduce a new system.
- Co-locate tests and stories with the component, matching the existing convention.
## Forms
- Label every input. Placeholder text is not a label.
- Show validation errors near the field, not in a banner at the top.
- Validate on blur, not on every keystroke. Show success states only after the user has interacted.
- Required fields: mark visually AND in the input's accessibility attributes.
## Loading and empty states
- Empty states are an opportunity, not a fallback. Tell the user what they can do, not "no data."
- Loading: show structure (skeletons) when you know what's coming. Spinners are for indeterminate waits.
- Errors: explain WHAT failed and what the user can do about it. "Something went wrong" is useless.
## When unsure
Ship the boring version. A well-executed boring design beats an under-executed clever one every time.
+58
View File
@@ -0,0 +1,58 @@
---
description: Methodology for atomic commits, rebase surgery, and clean git history. Grants shell access for running git commands.
enabled_tools: execute_command
---
You are operating on a git repository. Apply these conventions strictly. Use the `execute_command` tool to run git commands.
## Atomic commits
Each commit represents one logical change. If the commit message needs the word "and," the change is too large; split it. Mixed concerns in one commit are nearly impossible to revert cleanly later.
## Commit messages
- Subject line: imperative mood, ≤50 characters, no trailing period.
- Blank line.
- Body: explain WHY, not WHAT. The diff shows what changed.
- Reference issues by URL or canonical ID, not by free-form description.
## Rebase, don't merge
- `git rebase -i origin/main` before opening a PR.
- Squash WIP commits and fixups; keep only meaningful commits in the final history.
- Never rebase a branch others may have based work on. If unsure, ask.
## Conflict resolution
- Read both sides carefully before resolving. Don't reflexively take "ours" or "theirs."
- After resolving, run tests before continuing the rebase.
- For non-trivial conflicts, document the resolution choice in the resulting commit body.
## Investigation workflow
Use `execute_command` to run these inspection commands when chasing down history:
- `git log -p <file>` — see how a file evolved over time.
- `git log -S '<string>'` (pickaxe) — find when a string was added or removed.
- `git log --all --grep '<pattern>'` — search commit messages.
- `git blame -L <start>,<end> <file>` — current authorship for a line range.
- `git diff <ref1>..<ref2> -- <path>` — narrow diffs to specific paths.
- `git bisect start && git bisect bad && git bisect good <ref>` — narrow down regressions.
## Safety checklist before destructive operations
Before running anything that rewrites history or deletes refs:
- `git status` — confirm clean working tree.
- `git branch --show-current` — confirm which branch you're on.
- `git log -3 --oneline` — confirm what's about to be moved.
## What to never do
- Force-push to shared branches (`main`, release branches, anything teammates pull from).
- `git reset --hard` without confirming current branch and verifying the reflog can recover.
- `git push --no-verify` to skip hooks — fix the underlying issue instead.
- Commit secrets, even temporarily. Once pushed, treat as compromised; rotate.
## When unsure, read state first
Before guessing at a fix, run `git status`, `git log -5 --oneline`, and `git diff` (or `git diff --staged`) to see the actual state. Don't operate on assumptions.
+81
View File
@@ -0,0 +1,81 @@
---
description: Discipline for when and how to consult Oracle - blocking by design, never deliver an answer with Oracle pending, never bypass Oracle for design questions.
---
Oracle is your read-only, high-IQ advisor. Using it correctly is the difference between shipping the right thing slowly and shipping the wrong thing fast.
## When you MUST consult Oracle
Spawn `oracle` (do NOT answer yourself) any time the user asks:
- "How should I..." / "What's the best way to..." — design/approach questions
- "Why does X keep..." / "What's wrong with..." — complex debugging (not simple errors)
- "Should I use X or Y?" — technology or pattern choices
- "How should this be structured?" — architecture and organization
- "Review this" / "What do you think of..." — code/design review
- Tradeoff questions — performance vs readability, complexity vs flexibility
- Multi-component questions — anything spanning 3+ files or modules
- Vague/open-ended — "improve this", "make this better", "clean this up"
- After 2+ failed fix attempts on the same problem — complex debugging
Even if you think you know the answer, Oracle provides deeper, more thorough analysis. The only exception is truly trivial questions about a single file you've already read.
## Oracle is BLOCKING by design
The orchestrator (you) has paused work and CANNOT proceed until Oracle returns. This is intentional. The cost of Oracle's latency is paid so YOU get a thorough, considered answer rather than rushing in a wrong direction.
Therefore:
- **Do NOT implement before Oracle returns** if your implementation depends on Oracle's recommendation.
- **Do NOT deliver the final user-facing answer** while Oracle is still running.
- **Do NOT "time out and continue anyway"** for Oracle-dependent tasks.
- While waiting, do only NON-OVERLAPPING prep work (work that doesn't depend on Oracle's verdict).
## How to consult Oracle effectively
Oracle has not seen the codebase or the conversation. Give it enough context to think:
```
## Question
[The decision you need help with, stated as a question]
## Background
[Why this question matters now. What constraint or trigger raised it.]
## Code context
[Paste the actual snippets from prior exploration — file paths alone are not enough]
- From `path/to/file.ext`:
<relevant 5-20 lines>
## What you've considered
[Options you've already weighed and their tradeoffs as you see them]
## What I'd love Oracle to evaluate
[Specific aspects: correctness, performance, security, future flexibility, etc.]
```
A well-scoped Oracle consult returns a tighter answer faster.
## After Oracle returns
1. Read the recommendation, reasoning, and risks sections carefully.
2. If the recommendation conflicts with your prior plan, update the plan — do not silently ignore Oracle.
3. Pass Oracle's recommendation (and reasoning) to the implementer (e.g., coder) as CONTEXT in your delegation.
4. If you disagree with Oracle's verdict, raise it with the user before implementing the alternative — don't act unilaterally against Oracle's advice.
## When NOT to consult Oracle
- Simple file operations you can do with direct tools
- First attempt at any fix (try yourself first; consult after 2 failures)
- Questions answerable from code you've already read
- Trivial decisions (variable names in small functions, formatting)
- Things you can infer from existing code patterns
Over-consultation wastes Oracle's budget and slows the work. Reserve Oracle for genuinely hard or load-bearing decisions.
## Anti-patterns (BLOCKING)
- Answering an architecture question yourself "just this once"
- Delivering a user-facing answer while Oracle is still running
- Implementing the obvious approach without consulting Oracle on a tradeoff question
- Ignoring Oracle's recommendation because it's inconvenient
- Polling `agent__collect` on a running Oracle (end your response, wait for notification)
+70
View File
@@ -0,0 +1,70 @@
---
description: Fan-out exploration protocol — fire multiple research agents in parallel, wait for completion notifications, and never duplicate delegated work.
---
You are entering a research phase. Exploration is parallelizable; serial reads leave throughput on the table.
## Fan out, don't read serially
For any non-trivial codebase question, fire 2-5 `explore` agents in parallel, each scoped to a different angle:
- Auth implementation? → one for routes, one for middleware, one for token handling, one for error response shape.
- Bug investigation? → one for the failing path, one for similar working paths, one for recent changes near the area.
Each agent gets a NARROW slice. Narrow scope = fast, focused result. Broad scope = the agent over-reads and returns a wall of text.
## The wait protocol
After spawning background agents:
1. If you have **non-overlapping** work to do (work that doesn't depend on the delegated research), do it now.
2. If you don't, **end your response.** Do not call `agent__collect` immediately — the agent is still running.
3. The system notifies you when the agent completes (`pending_escalations` or completion event).
4. On notification, call `agent__collect` to retrieve results.
Polling `agent__collect` on a still-running agent blocks your turn for nothing.
## Anti-duplication rule (BLOCKING)
Once you delegate a search to an `explore` agent, **do not perform that same search yourself.**
Forbidden:
- After firing `explore` for "auth middleware", running `fs_grep` for "auth middleware" yourself
- "Just quickly checking" the same files the delegate is checking
- Re-doing the research while waiting impatiently
Allowed:
- Non-overlapping work in a different module
- Preparation work that doesn't depend on the delegated result
- Ending your response and waiting
Duplicate searches waste tokens, may contradict the delegate, and defeat the point of parallelism.
## Stop conditions
Stop searching when:
- The same information appears across multiple sources
- Two search iterations yield no new useful data
- A direct answer was found
- You have enough context to proceed confidently
Over-exploration is as bad as under-exploration. Time spent searching is time not spent shipping.
## Parallel + sequential composition
It is fine to fire `explore` and then `oracle` when oracle needs the explore results — just sequence them:
1. Fire explore(s) in parallel.
2. End response, wait for completion.
3. Synthesize findings, fire `oracle` with those findings as CONTEXT.
4. End response, wait for oracle.
5. Act on oracle's recommendation.
Don't fire oracle blind to "save a turn" — it will give worse advice.
## Anti-patterns
- One huge "explore everything about X" agent → slow, unfocused result
- Serial explores ("wait for first, then fire next") → unnecessary latency
- Firing 8+ parallel agents → diminishing returns, harder to synthesize
- Calling `agent__collect` immediately after spawn → wastes a turn
+66
View File
@@ -0,0 +1,66 @@
---
description: Evidence requirements before claiming completion — diagnostics, build exit code, tests. No completion without proof. Grants shell access for running build/test commands.
enabled_tools: execute_command
---
You are about to mark work complete. Before claiming "done," produce evidence. "I'm fairly confident it works" is not evidence.
## Hard gates
A task is NOT complete until:
| Change kind | Required evidence |
|---|---|
| File edit | Read the file to confirm the change landed; output is clean (or only pre-existing issues, explicitly noted) |
| Build command exists | `execute_command` the build; exit code 0 |
| Test command exists | `execute_command` the tests; pass (or explicit note of pre-existing failures unrelated to this change) |
| Delegation | The delegate's result was received AND verified against your acceptance criteria |
**No evidence = not complete.** Marking a todo done without evidence is dishonest reporting.
## The verification loop
After every meaningful edit:
1. Read the changed file region (confirm the change actually landed where intended).
2. If there's a project-level lint/typecheck command, run it on the touched files.
3. Run the project's build/check command if one exists.
4. Run the project's test command if one exists.
5. Only then mark the corresponding todo `completed`.
If any step fails: do not mark complete. Fix the issue or surface it explicitly.
## Build/test detection (fallback)
If no build/test command is configured, try standard ones for the project:
- Rust: `cargo check`, `cargo test`
- Node/TS: `npm run build`, `npm test`, or `pnpm` / `yarn` equivalents
- Python: `pytest`, `python -m mypy <pkg>`, `ruff check`
- Go: `go build ./...`, `go test ./...`
Run from the project root. Capture exit codes.
## Distinguishing your failures from pre-existing failures
If build or tests fail, identify the cause:
- Caused by your change? → fix it before reporting complete.
- Pre-existing (unrelated)? → note it explicitly: "Done. Build passes. Note: 3 lint errors pre-existing in unrelated files, not touched."
Never silently leave broken state behind. Never delete a failing test to make CI green.
## Anti-patterns (BLOCKING)
- "It should work" without running anything
- Marking a todo complete based on intent, not verified outcome
- Suppressing errors with `@ts-ignore`, `as any`, `#[allow(...)]` on unfamiliar lints, empty catch blocks
- Deleting failing tests to "pass"
- Reporting "all green" when you only ran a subset
## Reporting completion
When the work is verifiably done, report in one sentence:
> "Done. Build passes, 47 tests pass. Modified `auth.rs:42-58` to add JWT validation."
Not a paragraph. Not a victory lap. Specific, terse, evidence-backed.
+19 -7
View File
@@ -1,5 +1,5 @@
# Agent-specific configuration
# Location `<loki-config-dir>/agents/<agent-name>/config.yaml`
# Location `<coyote-config-dir>/agents/<agent-name>/config.yaml`
#
# Available Environment Variables:
# - <agent-name>_MODEL
@@ -21,14 +21,14 @@ version: 1 # Version of the agent
# The auto-continue system provides built-in task tracking for improved reliability.
# When enabled, the model can create todo lists and the system will automatically
# prompt it to continue when incomplete tasks remain.
# See the [Todo System documentation](https://github.com/Dark-Alex-17/loki/wiki/TODO-System) for more information
# See the [Todo System documentation](https://github.com/Dark-Alex-17/coyote/wiki/TODO-System) for more information
auto_continue: false # Enable automatic continuation when incomplete todos remain
max_auto_continues: 10 # Maximum number of automatic continuations before stopping
inject_todo_instructions: true # Inject the default todo tool usage instructions into the agent's system prompt
continuation_prompt: null # Custom prompt used when auto-continuing (optional; uses default if null)
# Sub-Agent Spawning System
# Enable this agent to spawn and manage child agents in parallel.
# See https://github.com/Dark-Alex-17/loki/wiki/Agents for detailed documentation.
# See https://github.com/Dark-Alex-17/coyote/wiki/Agents for detailed documentation.
can_spawn_agents: false # Enable the agent to spawn child agents
max_concurrent_agents: 4 # Maximum number of agents that can run simultaneously
max_agent_depth: 3 # Maximum nesting depth for sub-agents (prevents runaway spawning)
@@ -37,11 +37,23 @@ summarization_model: null # Model to use for summarizing sub-agent output
summarization_threshold: 4000 # Character threshold above which sub-agent output is summarized before returning to parent
escalation_timeout: 300 # Seconds a sub-agent waits for a user interaction response before timing out (default: 5 minutes)
mcp_servers: # Optional list of MCP servers that the agent utilizes
- github # Corresponds to the name of an MCP server in the `<loki-config-dir>/functions/mcp.json` file
- github # Corresponds to the name of an MCP server in the `<coyote-config-dir>/functions/mcp.json` file
global_tools: # Optional list of additional global tools to enable for the agent; i.e. not tools specific to the agent
- web_search
- fs
- python
skills_enabled: true # Master switch for skills in this agent (default: inherit from global).
# Skills also require `function_calling_support: true` in the global config.
enabled_skills: # Optional list of skills available when this agent runs.
# Must be a subset of global `visible_skills`. Omit to inherit the global default.
- git-master
- ai-slop-remover
inject_skill_instructions: true # Inject a short hint pointing the model at `skill__list` when skills are enabled
# (default: true). Suppressed automatically when no skills are available.
skill_instructions: null # Custom text for the skill hint (optional; uses built-in default if null)
memory: null # Per-agent memory override (default: inherit). Set to `false` to disable memory
# for this agent regardless of workspace/global presence. See the Memory wiki page.
dynamic_instructions: false # Whether to use dynamic instructions for the agent; if false, static instructions are used
instructions: | # Static instructions for the agent; ignored if dynamic instructions are used
You are a AI agent designed to demonstrate agent capabilities.
@@ -80,10 +92,10 @@ conversation_starters: # Optional conversation starters for the agent
- What is the best way to exercise?
- How do I manage my time effectively?
documents: # Optional documents to load for the agent
- git:/some/repo # Explicitly tell Loki to use the 'git' document loader using an absolute path
- pdf:some-pdf-file.pdf # Explicitly tell Loki to use the 'pdf' document loader using a relative path
- git:/some/repo # Explicitly tell Coyote to use the 'git' document loader using an absolute path
- pdf:some-pdf-file.pdf # Explicitly tell Coyote to use the 'pdf' document loader using a relative path
- https://some-website.com/some-page
- some-file.pdf # File with relative path to the <loki-config-dir>/agents/<agent-name> directory; i.e. file in the same directory as this config file
- some-file.pdf # File with relative path to the <coyote-config-dir>/agents/<agent-name> directory; i.e. file in the same directory as this config file
- ~/some-file.txt # File in the user's home directory
- /absolute/path/to/some-file.md # File with absolute path
- /absolute/path/**/NAME.txt # Find all NAME.txt files in the specified directory and all its subdirectories
+138 -48
View File
@@ -18,31 +18,78 @@ agent_session: null # Set a session to use when starting an agent (
# ---- Appearance ----
highlight: true # Controls syntax highlighting
light_theme: false # Activates a light color theme when true. env: LOKI_LIGHT_THEME
light_theme: false # Activates a light color theme when true. env: COYOTE_LIGHT_THEME
# ---- Miscellaneous ----
user_agent: null # Set User-Agent HTTP header, use `auto` for loki/<current-version>
user_agent: null # Set User-Agent HTTP header, use `auto` for coyote/<current-version>
save_shell_history: true # Whether to save shell execution command to the history file
sync_models_url: > # URL to sync model changes from
https://raw.githubusercontent.com/Dark-Alex-17/loki/refs/heads/main/models.yaml
https://raw.githubusercontent.com/Dark-Alex-17/coyote/refs/heads/main/models.yaml
# ---- REPL Prompt ----
# Custom REPL left/right prompts; see the [REPL Prompt Documentation](https://github.com/Dark-Alex-17/loki/wiki/REPL-Prompt) for more information
# Custom REPL left/right prompts; see the [REPL Prompt Documentation](https://github.com/Dark-Alex-17/coyote/wiki/REPL-Prompt) for more information
left_prompt:
'{color.red}{model}){color.green}{?session {?agent {agent}>}{session}{?role /}}{!session {?agent {agent}>}}{role}{?rag @{rag}}{color.cyan}{?session )}{!session >}{color.reset} '
right_prompt:
'{color.purple}{?session {?consume_tokens {consume_tokens}({consume_percent}%)}{!consume_tokens {consume_tokens}}}{color.reset}'
# ---- Vault ----
# See the [Vault documentation](https://github.com/Dark-Alex-17/loki/wiki/Vault) for more information on the Loki vault
vault_password_file: null # Path to a file containing the password for the Loki vault (cannot be a secret template)
# See the [Vault documentation](https://github.com/Dark-Alex-17/coyote/wiki/Vault) for more information on the Coyote vault.
#
# The secrets_provider tells Coyote where to read and write secrets referenced via {{SECRET_NAME}} syntax.
#
# Shorthand: set vault_password_file to enable the local provider with that password file.
vault_password_file: null # Path to a file containing the password for the Coyote vault (cannot be a secret template)
#
# Explicit: set secrets_provider to one of the supported types below. When secrets_provider is set,
# vault_password_file is ignored. Note: secrets_provider itself cannot use {{SECRET}} template syntax.
# The vault must be initialized before any secrets can be resolved.
#
# Local (same as the shorthand above):
# secrets_provider:
# type: local
# password_file: ~/.coyote_password
#
# AWS Secrets Manager (requires an authenticated AWS CLI; see `aws sso login` or `aws configure`):
# secrets_provider:
# type: aws_secrets_manager
# aws_profile: default
# aws_region: us-east-1
#
# GCP Secret Manager (requires `gcloud auth application-default login`):
# secrets_provider:
# type: gcp_secret_manager
# gcp_project_id: my-project-id
#
# Azure Key Vault (requires `az login`):
# secrets_provider:
# type: azure_key_vault
# vault_name: my-vault-name
#
# gopass (requires the `gopass` CLI to be installed and initialized):
# secrets_provider:
# type: gopass
# store: my-store # Optional; omit to use the default store
#
# 1Password (requires the `op` CLI to be installed and signed in via `op signin`):
# secrets_provider:
# type: one_password
# vault: Production # Optional; omit to use the default vault
# account: my.1password.com # Optional; omit to use the default account
# ---- Function Calling ----
# See the [Tools documentation](https://github.com/Dark-Alex-17/loki/wiki/Tools) for more details
function_calling: true # Enables or disables function calling (Globally).
# See the [Tools documentation](https://github.com/Dark-Alex-17/coyote/wiki/Tools) for more details
function_calling_support: true # Enables or disables function calling (Globally).
mapping_tools: # Alias for a tool or toolset
fs: 'fs_cat,fs_ls,fs_mkdir,fs_rm,fs_write,fs_read,fs_glob,fs_grep'
enabled_tools: null # Which tools to enable by default. (e.g. 'fs,web_search_loki')
enabled_tools: null # Which tools to enable by default.
# Accepts either a YAML list or a comma-separated string. Use 'all' to enable everything.
# Example (list form):
# enabled_tools:
# - fs
# - web_search_coyote
# Example (comma-separated form):
# enabled_tools: fs,web_search_coyote
visible_tools: # Which tools are visible to be compiled (and are thus able to be defined in 'enabled_tools')
# - demo_py.py
# - demo_sh.sh
@@ -69,29 +116,59 @@ visible_tools: # Which tools are visible to be compiled (and a
# - search_wolframalpha.sh
# - send_mail.sh
# - send_twilio.sh
# - web_search_loki.sh
# - web_search_coyote.sh
# - web_search_perplexity.sh
# - web_search_tavily.sh
# ---- MCP Servers ----
# See the [MCP Servers documentation](https://github.com/Dark-Alex-17/loki/wiki/MCP-Servers) for more details
# See the [MCP Servers documentation](https://github.com/Dark-Alex-17/coyote/wiki/MCP-Servers) for more details
mcp_server_support: true # Enables or disables MCP servers (globally).
mapping_mcp_servers: # Alias for an MCP server or set of servers
git: github,gitmcp
enabled_mcp_servers: null # Which MCP servers to enable by default (e.g. 'github,slack,ddg-search')
enabled_mcp_servers: null # Which MCP servers to enable by default.
# Accepts either a YAML list or a comma-separated string. Use 'all' to enable everything.
# Example (list form):
# enabled_mcp_servers:
# - github
# - slack
# Example (comma-separated form):
# enabled_mcp_servers: github,slack,ddg-search
# ---- Skills ----
# Skills are modular knowledge or capability packs the LLM can load and unload mid-conversation.
# See the [Skills documentation](https://github.com/Dark-Alex-17/coyote/wiki/Skills) for more details.
skills_enabled: true # Master switch. Set to false to hide all skill management tools from the model.
# Skills also require `function_calling_support: true` above to work at all.
visible_skills: # The universe of skills allowed to be enabled in any context. Omit (null) for "all installed".
- ai-slop-remover
- code-review
- frontend-ui-ux
- git-master
enabled_skills: null # Which skills are available by default (no role/agent/session active). null = all visible.
# Accepts either a YAML list or a comma-separated string.
# Example (list form):
# enabled_skills:
# - git-master
# - ai-slop-remover
# Example (comma-separated form):
# enabled_skills: git-master,ai-slop-remover
inject_skill_instructions: true # Inject a short hint pointing the model at `skill__list` when skills are enabled in
# this context. Only injected if `function_calling_support`, `skills_enabled`, and the
# effective enabled skill set is non-empty (default: true).
skill_instructions: null # Custom text used for the skill hint when injected. If null, uses built-in default.
# ---- Auto-Continue (Todo System) ----
# The auto-continue system provides built-in task tracking for improved reliability.
# When enabled, the model can create todo lists and the system will automatically
# prompt it to continue when incomplete tasks remain.
# See the [Todo System documentation](https://github.com/Dark-Alex-17/loki/wiki/TODO-System) for more information
# See the [Todo System documentation](https://github.com/Dark-Alex-17/coyote/wiki/TODO-System) for more information
auto_continue: false # Enable automatic continuation when incomplete todos remain (default: false)
max_auto_continues: 10 # Maximum number of automatic continuations before stopping (default: 10)
inject_todo_instructions: true # Inject default todo usage instructions into the system prompt (default: true)
continuation_prompt: null # Custom prompt used when auto-continuing. If null, uses built-in default
# ---- Session ----
# See the [Session documentation](https://github.com/Dark-Alex-17/loki/wiki/Sessions) for more information
# See the [Session documentation](https://github.com/Dark-Alex-17/coyote/wiki/Sessions) for more information
save_session: null # Controls the persistence of the session. If true, auto save; if false, don't auto-save save; if null, ask the user what to do
compression_threshold: 4000 # Compress the session when the token count reaches or exceeds this threshold
summarization_prompt: > # The text prompt used for creating a concise summary of session message
@@ -99,10 +176,23 @@ summarization_prompt: > # The text prompt used for creating a concise s
summary_context_prompt: > # The text prompt used for including the summary of the entire session as context to the model
'This is a summary of the chat history as a recap: '
# ---- Memory ----
# See the [Memory documentation](https://github.com/Dark-Alex-17/coyote/wiki/Memory) for more information.
# Memory is opt-in by workspace presence (a `COYOTE.md` or `.coyote/memory/MEMORY.md`)
# and global presence (`<config_dir>/memory/MEMORY.md`). Set `memory: false` to disable
# even when memory files exist. The cascade is: agent > session > role > app.
# Bootstrap with `coyote --init-memory [global|workspace]` to create the marker file
# the LLM needs before it will write any memory.
memory: null # null = enabled when memory exists on disk; true = force on; false = force off
memory_cap_with_tools: null # Char cap for injected memory when function calling is available (default: 6000).
# Only MEMORY.md indexes are injected; the LLM uses memory__read to fetch drill files.
memory_cap_without_tools: null # Char cap when function calling is unavailable (default: 12000).
# Indexes plus drill file bodies are injected up to this cap.
# ---- RAG ----
# See the [RAG Docs](https://github.com/Dark-Alex-17/loki/wiki/RAG) for more details.
# See the [RAG Docs](https://github.com/Dark-Alex-17/coyote/wiki/RAG) for more details.
rag_embedding_model: null # Specifies the embedding model used for context retrieval
rag_reranker_model: null # Specifies the reranker model used for sorting retrieved documents; Loki uses Reciprocal Rank Fusion by default
rag_reranker_model: null # Specifies the reranker model used for sorting retrieved documents; Coyote uses Reciprocal Rank Fusion by default
rag_top_k: 5 # Specifies the number of documents to retrieve for answering queries
rag_chunk_size: null # Defines the size of chunks for document processing in characters
rag_chunk_overlap: null # Defines the overlap between chunks
@@ -141,12 +231,12 @@ document_loaders:
docx: 'pandoc --to plain $1' # Use pandoc to convert a .docx file to text
# (see https://pandoc.org for details on how to install pandoc)
jina: 'curl -fsSL https://r.jina.ai/$1 -H "Authorization: Bearer {{JINA_API_KEY}}' # Use Jina to translate a website into text;
# Requires a Jina API key to be added to the Loki vault
# Requires a Jina API key to be added to the Coyote vault
git: > # Use yek to load a git repository into the knowledgebase (https://github.com/bodo-run/yek)
sh -c "yek $1 --json | jq 'map({ path: .filename, contents: .content })'"
# ---- Clients ----
# See the [Clients documentation](https://github.com/Dark-Alex-17/loki/wiki/Clients) for more details
# See the [Clients documentation](https://github.com/Dark-Alex-17/coyote/wiki/Clients) for more details
clients:
# All clients have the following configuration:
# - type: xxxx
@@ -177,14 +267,14 @@ clients:
# See https://platform.openai.com/docs/quickstart
- type: openai
api_base: https://api.openai.com/v1 # Optional
api_key: '{{OPENAI_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{OPENAI_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
organization_id: org-xxx # Optional
# For any platform compatible with OpenAI's API
- type: openai-compatible
name: ollama
api_base: http://localhost:11434/v1
api_key: '{{OLLAMA_API_KEY}}' # Optional; You can either hard-code or inject secrets from the Loki vault
api_key: '{{OLLAMA_API_KEY}}' # Optional; You can either hard-code or inject secrets from the Coyote vault
models:
- name: deepseek-r1
max_input_tokens: 131072
@@ -202,9 +292,9 @@ clients:
# See https://ai.google.dev/docs
- type: gemini
api_base: https://generativelanguage.googleapis.com/v1beta
api_key: '{{GEMINI_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
auth: null # When set to 'oauth', Loki will use OAuth instead of an API key
# Authenticate with `loki --authenticate` or `.authenticate` in the REPL
api_key: '{{GEMINI_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
auth: null # When set to 'oauth', Coyote will use OAuth instead of an API key
# Authenticate with `coyote --authenticate` or `.authenticate` in the REPL
patch:
chat_completions:
'.*':
@@ -222,49 +312,49 @@ clients:
# See https://docs.anthropic.com/claude/reference/getting-started-with-the-api
- type: claude
api_base: https://api.anthropic.com/v1 # Optional
api_key: '{{ANTHROPIC_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
auth: null # When set to 'oauth', Loki will use OAuth instead of an API key
# Authenticate with `loki --authenticate` or `.authenticate` in the REPL
api_key: '{{ANTHROPIC_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
auth: null # When set to 'oauth', Coyote will use OAuth instead of an API key
# Authenticate with `coyote --authenticate` or `.authenticate` in the REPL
# See https://docs.mistral.ai/
- type: openai-compatible
name: mistral
api_base: https://api.mistral.ai/v1
api_key: '{{MISTRAL_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{MISTRAL_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://docs.x.ai/docs
- type: openai-compatible
name: xai
api_base: https://api.x.ai/v1
api_key: '{{XAI_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{XAI_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://docs.ai21.com/docs/overview
- type: openai-compatible
name: ai12
api_base: https://api.ai21.com/studio/v1
api_key: '{{AI21_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{AI21_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://docs.cohere.com/docs/the-cohere-platform
- type: cohere
api_base: https://api.cohere.ai/v2 # Optional
api_key: '{{COHERE_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{COHERE_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://docs.perplexity.ai/getting-started/overview
- type: openai-compatible
name: perplexity
api_base: https://api.perplexity.ai
api_key: '{{PERPLEXITY_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{PERPLEXITY_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://console.groq.com/docs/quickstart
- type: openai-compatible
name: groq
api_base: https://api.groq.com/openai/v1
api_key: '{{GROQ_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{GROQ_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://learn.microsoft.com/en-us/azure/ai-services/openai/chatgpt-quickstart
- type: azure-openai
api_base: https://{RESOURCE}.openai.azure.com
api_key: '{{AZURE_OPENAI_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{AZURE_OPENAI_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
models:
- name: gpt-4o # Model deployment name
max_input_tokens: 128000
@@ -295,8 +385,8 @@ clients:
# See https://docs.aws.amazon.com/bedrock/latest/userguide/
- type: bedrock
access_key_id: '{{AWS_ACCESS_KEY_ID}}' # You can either hard-code or inject secrets from the Loki vault
secret_access_key: '{{AWS_SECRET_ACCESS_KEY}}' # You can either hard-code or inject secrets from the Loki vault
access_key_id: '{{AWS_ACCESS_KEY_ID}}' # You can either hard-code or inject secrets from the Coyote vault
secret_access_key: '{{AWS_SECRET_ACCESS_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
region: xxx
session_token: xxx # Optional, only needed for temporary credentials
@@ -304,67 +394,67 @@ clients:
- type: openai-compatible
name: cloudflare
api_base: https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai/v1
api_key: '{{CLOUDFLARE_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{CLOUDFLARE_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://cloud.baidu.com/doc/WENXINWORKSHOP/index.html
- type: openai-compatible
name: ernie
api_base: https://qianfan.baidubce.com/v2
api_key: '{{BAIDU_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{BAIDU_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://dashscope.aliyun.com/
- type: openai-compatible
name: qianwen
api_base: https://dashscope.aliyuncs.com/compatible-mode/v1
api_key: '{{ALIYUN_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{ALIYUN_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://cloud.tencent.com/product/hunyuan
- type: openai-compatible
name: hunyuan
api_base: https://api.hunyuan.cloud.tencent.com/v1
api_key: '{{TENCENT_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{TENCENT_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://platform.moonshot.cn/docs/intro
- type: openai-compatible
name: moonshot
api_base: https://api.moonshot.cn/v1
api_key: '{{MOONSHOT_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{MOONSHOT_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://platform.deepseek.com/api-docs/
- type: openai-compatible
name: deepseek
api_base: https://api.deepseek.com
api_key: '{{DEEPSEEK_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{DEEPSEEK_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://open.bigmodel.cn/dev/howuse/introduction
- type: openai-compatible
name: zhipuai
api_base: https://open.bigmodel.cn/api/paas/v4
api_key: '{{ZHIPUAI_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{ZHIPUAI_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://platform.minimaxi.com/document/Fast%20access
- type: openai-compatible
name: minimax
api_base: https://api.minimax.chat/v1
api_key: '{{MINIMAX_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{MINIMAX_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://openrouter.ai/docs#quick-start
- type: openai-compatible
name: openrouter
api_base: https://openrouter.ai/api/v1
api_key: '{{OPENROUTER_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{OPENROUTER_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://github.com/marketplace/models
- type: openai-compatible
name: github
api_base: https://models.inference.ai.azure.com
api_key: '{{GITHUB_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{GITHUB_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://deepinfra.com/docs
- type: openai-compatible
name: deepinfra
api_base: https://api.deepinfra.com/v1/openai
api_key: '{{DEEPINFRA_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{DEEPINFRA_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# ----- RAG dedicated -----
@@ -373,10 +463,10 @@ clients:
- type: openai-compatible
name: jina
api_base: https://api.jina.ai/v1
api_key: '{{JINA_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{JINA_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
# See https://docs.voyageai.com/docs/introduction
- type: openai-compatible
name: voyageai
api_base: https://api.voyageai.com/v1
api_key: '{{VOYAGEAI_API_KEY}}' # You can either hard-code or inject secrets from the Loki vault
api_key: '{{VOYAGEAI_API_KEY}}' # You can either hard-code or inject secrets from the Coyote vault
+18 -3
View File
@@ -8,15 +8,30 @@ name: <role-name> # The name of the role
model: openai:gpt-4o # The model to use for this role
temperature: 0.2 # The temperature to use for this role when querying the model
top_p: 0 # The top_p to use for this role when querying the model
enabled_tools: fs_ls,fs_cat # A comma-separated list of tools to enable for this role
enabled_mcp_servers: github,gitmcp # A comma-separated list of MCP servers to enable for this role
enabled_tools: # Tools to enable for this role. Accepts a YAML list (preferred)
- fs_ls # or a comma-separated string (e.g. `enabled_tools: fs_ls,fs_cat`).
- fs_cat # Use `all` to enable every visible tool.
enabled_mcp_servers: # MCP servers to enable for this role. Accepts a YAML list (preferred)
- github # or a comma-separated string (e.g. `enabled_mcp_servers: github,gitmcp`).
- gitmcp # Use `all` to enable every configured MCP server.
skills_enabled: true # Master switch for skills in this role (default: inherit from global).
# Skills also require `function_calling_support: true` in the global config.
enabled_skills: # Skills available when this role is active. Accepts a YAML list (preferred)
- git-master # or a comma-separated string (e.g. `enabled_skills: git-master,ai-slop-remover`).
- ai-slop-remover # Must be a subset of global `visible_skills`. Omit to inherit the global default.
inject_skill_instructions: true # Inject a short hint pointing the model at `skill__list` when skills are enabled
# (default: true). Suppressed automatically when no skills are available.
skill_instructions: null # Custom text for the skill hint (optional; uses built-in default if null)
memory: null # Per-role memory override (default: inherit). Set to `false` to disable memory
# when this role is active. See the Memory wiki page.
prompt: null # A custom prompt to use for this role that will immediately query
# the model for output instead of using the instructions below
# Auto-Continue (Todo System)
# The auto-continue system provides built-in task tracking for improved reliability.
# When enabled, the model can create todo lists and the system will automatically
# prompt it to continue when incomplete tasks remain.
# See the [Todo System documentation](https://github.com/Dark-Alex-17/loki/wiki/TODO-System) for more information
# See the [Todo System documentation](https://github.com/Dark-Alex-17/coyote/wiki/TODO-System) for more information
auto_continue: false # Enable automatic continuation when incomplete todos remain (default: false)
max_auto_continues: 10 # Maximum number of automatic continuations before stopping (default: 10)
inject_todo_instructions: true # Inject default todo tool usage instructions into the system prompt (default: true)
+23
View File
@@ -0,0 +1,23 @@
# Documentation: https://docs.brew.sh/Formula-Cookbook
# https://rubydoc.brew.sh/Formula
class Coyote < Formula
desc "All-in-one, batteries included LLM CLI tool"
homepage "https://github.com/Dark-Alex-17/coyote"
if OS.mac? and Hardware::CPU.arm?
url "https://github.com/Dark-Alex-17/coyote/releases/download/v$version/coyote-aarch64-apple-darwin.tar.gz"
sha256 "$hash_mac_arm"
elsif OS.mac? and Hardware::CPU.intel?
url "https://github.com/Dark-Alex-17/coyote/releases/download/v$version/coyote-x86_64-apple-darwin.tar.gz"
sha256 "$hash_mac"
else
url "https://github.com/Dark-Alex-17/coyote/releases/download/v$version/coyote-x86_64-unknown-linux-musl.tar.gz"
sha256 "$hash_linux"
end
version "$version"
license "MIT"
def install
bin.install "coyote"
ohai "You're done! Get started with \"coyote --help\""
end
end
-23
View File
@@ -1,23 +0,0 @@
# Documentation: https://docs.brew.sh/Formula-Cookbook
# https://rubydoc.brew.sh/Formula
class Loki < Formula
desc "All-in-one, batteries included LLM CLI tool"
homepage "https://github.com/Dark-Alex-17/loki"
if OS.mac? and Hardware::CPU.arm?
url "https://github.com/Dark-Alex-17/loki/releases/download/v$version/loki-aarch64-apple-darwin.tar.gz"
sha256 "$hash_mac_arm"
elsif OS.mac? and Hardware::CPU.intel?
url "https://github.com/Dark-Alex-17/loki/releases/download/v$version/loki-x86_64-apple-darwin.tar.gz"
sha256 "$hash_mac"
else
url "https://github.com/Dark-Alex-17/loki/releases/download/v$version/loki-x86_64-unknown-linux-musl.tar.gz"
sha256 "$hash_linux"
end
version "$version"
license "MIT"
def install
bin.install "loki"
ohai "You're done! Get started with \"loki --help\""
end
end
+53 -14
View File
@@ -1,5 +1,5 @@
# Graph-based agent definition (full-featured reference)
# Location: <loki-config-dir>/agents/<agent-name>/graph.yaml
# Location: <coyote-config-dir>/agents/<agent-name>/graph.yaml
#
# A graph agent is defined by this file alone. An agent directory contains
# either a config.yaml (a normal LLM-loop agent) or a graph.yaml (a graph
@@ -13,7 +13,7 @@
# runnable deep-research graph agent, see assets/agents/deep-research/.
#
# Full documentation:
# https://github.com/Dark-Alex-17/loki/wiki/Graph-Agents
# https://github.com/Dark-Alex-17/coyote/wiki/Graph-Agents
# ---------------------------------------------------------------------------
# Identity
@@ -35,12 +35,38 @@ temperature: 0.0 # Default sampling temperature for `llm` node
top_p: null # Default sampling top-p for `llm` nodes
global_tools: # Tool universe an `llm` node's `tools:` whitelist draws from
- web_search_loki.sh
- web_search_coyote.sh
- fetch_url_via_curl.sh
mcp_servers: # MCP servers an `llm` node may reference via `mcp:<server>`
- ddg-search
# ---------------------------------------------------------------------------
# Skills policy (optional)
# Skills only attach to `llm` nodes inside a graph. Both fields are optional.
#
# skills_enabled: master switch for skills across every `llm` node in the
# graph. false here turns skills off entirely, regardless of
# per-node settings. Omitting it inherits the agent / global
# cascade (default true).
# enabled_skills: the *universe* of skill names any `llm` node in this graph
# may reference in its own `enabled_skills`. The validator
# rejects per-node entries outside this list at load time.
# Omit to inherit the agent / global cascade.
#
# Per-node usage is documented on the `triage` llm node below. There is no
# auto-load: the model uses `skill__list` / `skill__load` / `skill__unload` to
# bring skills in as it needs them, exactly like in normal-agent contexts.
# ---------------------------------------------------------------------------
skills_enabled: true
enabled_skills:
- code-review
- git-master
- ai-slop-remover
inject_skill_instructions: true # Inject a hint pointing the model at `skill__list`. Defaults to true; suppressed
# automatically when no skills are available.
skill_instructions: null # Custom text for the skill hint (optional; uses the built-in default if omitted).
conversation_starters: # Suggested prompts surfaced in the UI
- "Research the current state of WebAssembly outside the browser"
@@ -52,7 +78,7 @@ conversation_starters: # Suggested prompts surfaced in the UI
# (see initial_state below).
# - Script nodes via the env var `LLM_AGENT_VAR_<UPPER_NAME>`.
# Values may be overridden at runtime with
# `loki -a <agent> --agent-variable <name> <value> "..."`.
# `coyote -a <agent> --agent-variable <name> <value> "..."`.
# ---------------------------------------------------------------------------
variables:
- name: project_dir
@@ -103,7 +129,7 @@ reducers:
# Values placed into graph state before any node runs; reference anywhere via
# {{key}}.
#
# Note: `initial_prompt` is seeded automatically by Loki with the
# Note: `initial_prompt` is seeded automatically by Coyote with the
# caller's prompt. So there's no need to set it here.
# ---------------------------------------------------------------------------
initial_state:
@@ -123,7 +149,7 @@ start: triage # ID of the first node to run (must exist in `nodes
# ---------------------------------------------------------------------------
# Nodes
# Each node is keyed by its id. The `id:` inside a node must match its key
# (it may also be omitted and thus Loki fills it in from the key).
# (it may also be omitted and thus Coyote fills it in from the key).
#
# Node types: agent | script | approval | input | llm | rag | map | end
# ---------------------------------------------------------------------------
@@ -143,6 +169,19 @@ nodes:
{{initial_prompt}}
tools: [] # Tool whitelist. Omitted or [] = no tools at all.
# A list narrows to exactly those entries.
# --- Skills on llm nodes (optional) ------------------------------------
# `enabled_skills` narrows what this node's model can see / load via the
# built-in `skill__list` / `skill__load` / `skill__unload` meta-tools.
# Must be a subset of the graph-level `enabled_skills` (the validator
# catches violations at load time). `skills_enabled: false` would
# disable skills entirely for this node (no meta-tools exposed).
# Nothing is auto-loaded: the model decides when to load a skill.
skills_enabled: true # Whether skills are enabled on this llm node; defaults to 'true'
enabled_skills:
- ai-slop-remover
inject_skill_instructions: true # Override skill-hint injection for just this node. Falls back to
# agent/graph/global default when omitted.
skill_instructions: null # Per-node skill-hint text override; uses the built-in default when omitted.
output_schema: # Optional JSON Schema. The output is parsed to JSON
type: object # and its top-level object keys auto-merge into state
properties: # (so `topic` / `needs_deep_dive` become {{topic}} etc).
@@ -202,7 +241,7 @@ nodes:
instructions: "You are a web researcher. Cite every claim."
prompt: "Web research: {{topic}}. Return findings and sources."
tools:
- web_search_loki
- web_search_coyote
- mcp:ddg-search
output_schema:
type: object
@@ -226,13 +265,13 @@ nodes:
# The script also receives these env vars (parity with bash tools called
# from normal agents):
# GRAPH_STATE / GRAPH_STATE_FILE state payload (one of the two is set)
# LLM_ROOT_DIR loki config dir
# LLM_ROOT_DIR coyote config dir
# LLM_PROMPT_UTILS_FILE path to .shared/prompt-utils.sh
# LLM_AGENT_DATA_DIR this agent's data directory
# LLM_AGENT_VAR_<NAME> one per declared `variables:` entry
# PATH with loki's functions bin dir prepended
# PATH with coyote's functions bin dir prepended
# CLICOLOR_FORCE / FORCE_COLOR so child tools emit ANSI colors
# The script's working directory is loki's invocation CWD (not the agent
# The script's working directory is coyote's invocation CWD (not the agent
# directory), matching the behavior of bash tools.
#
# This node fires once: after both `retrieve` and `web_search` finish.
@@ -256,13 +295,13 @@ nodes:
# targets.
# --- agent node ---------------------------------------------------------
# Spawns a full Loki sub-agent and waits for it. The child uses its own
# Spawns a full Coyote sub-agent and waits for it. The child uses its own
# tool stack. Agent nodes have no `tools:` field. No schema hint is
# injected even when `output_schema` is set (unlike llm nodes).
deep_dive:
id: deep_dive
type: agent
agent: deep-research # Name of an existing Loki agent to spawn
agent: deep-research # Name of an existing Coyote agent to spawn
prompt: | # User message sent to the child (templated)
Research {{topic}} in depth. Existing context:
{{context}}
@@ -325,7 +364,7 @@ nodes:
instructions: "Research one subject deeply for a {{audience}} audience."
prompt: "Research {{subject}}: pull the key facts and one citation."
tools:
- web_search_loki
- web_search_coyote
# No `next:`, `state_updates:`, or `output_schema:` here. Map branches
# have a strict contract (see `subjects_map.branch` comment).
@@ -348,7 +387,7 @@ nodes:
instructions: "You write concise research summaries for a {{audience}} audience."
prompt: "Summarize the topic {{topic}}, using your tools as needed."
tools: # Narrow whitelist: exactly these entries, nothing else
- web_search_loki # an exact global-tool / custom-tool name
- web_search_coyote # an exact global-tool / custom-tool name
- mcp:ddg-search # `mcp:<server>` includes that server's functions
model: claude:claude-haiku-4-5 # Optional per-node model override
temperature: 0.3 # Optional per-node sampling override
+1 -1
View File
@@ -18,7 +18,7 @@ fmt:
cargo fmt --all
# Build the project for the current system architecture
# (Gets stored at ./target/[debug|release]/loki)
# (Gets stored at ./target/[debug|release]/coyote)
[group: 'build']
[arg('build_type', pattern="debug|release")]
build build_type='debug':
+233 -24
View File
@@ -3,6 +3,62 @@
# - https://platform.openai.com/docs/api-reference/chat
- provider: openai
models:
- name: gpt-5.5
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 5
output_price: 30
supports_vision: true
supports_function_calling: true
- name: gpt-5.5-pro
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 30
output_price: 180
supports_vision: true
supports_function_calling: true
- name: gpt-5.4
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 2.5
output_price: 15
supports_vision: true
supports_function_calling: true
- name: gpt-5.4-pro
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 30
output_price: 180
supports_vision: true
supports_function_calling: true
- name: gpt-5.4-mini
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 0.75
output_price: 4.5
supports_vision: true
supports_function_calling: true
- name: gpt-5.4-nano
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 0.2
output_price: 1.25
supports_vision: true
supports_function_calling: true
- name: gpt-5.3-codex
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 1.75
output_price: 14
supports_vision: true
supports_function_calling: true
- name: chat-latest
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 5
output_price: 30
supports_vision: true
supports_function_calling: true
- name: gpt-5.2
max_input_tokens: 400000
max_output_tokens: 128000
@@ -202,6 +258,24 @@
# - https://ai.google.dev/api/rest/v1beta/models/streamGenerateContent
- provider: gemini
models:
- name: gemini-3.5-flash
max_input_tokens: 1048576
max_output_tokens: 65536
input_price: 0.2
output_price: 1.5
supports_function_calling: true
- name: gemini-3-flash-preview
max_input_tokens: 1048576
max_output_tokens: 65536
input_price: 0.2
output_price: 1.5
supports_function_calling: true
- name: gemini-3.1-flash-lite
max_input_tokens: 1048576
max_output_tokens: 65536
input_price: 0.2
output_price: 1.5
supports_function_calling: true
- name: gemini-3.1-pro-preview
max_input_tokens: 1048576
max_output_tokens: 65535
@@ -238,20 +312,6 @@
max_input_tokens: 1048576
supports_vision: true
supports_function_calling: true
- name: gemini-2.0-flash
max_input_tokens: 1048576
max_output_tokens: 8192
input_price: 0
output_price: 0
supports_vision: true
supports_function_calling: true
- name: gemini-2.0-flash-lite
max_input_tokens: 1048576
max_output_tokens: 8192
input_price: 0
output_price: 0
supports_vision: true
supports_function_calling: true
- name: gemma-3-27b-it
max_input_tokens: 131072
max_output_tokens: 8192
@@ -269,6 +329,30 @@
# - https://docs.anthropic.com/en/api/messages
- provider: claude
models:
- name: claude-fable-5
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 10
output_price: 50
supports_function_calling: true
supports_vision: true
- name: claude-opus-4-8
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: claude-opus-4-7
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: claude-opus-4-6
max_input_tokens: 200000
max_output_tokens: 8192
@@ -737,6 +821,24 @@
# - https://cloud.google.com/vertex-ai/generative-ai/docs/model-reference/gemini
- provider: vertexai
models:
- name: gemini-3.5-flash
max_input_tokens: 1048576
max_output_tokens: 65536
input_price: 0.2
output_price: 1.5
supports_function_calling: true
- name: gemini-3-flash-preview
max_input_tokens: 1048576
max_output_tokens: 65536
input_price: 0.2
output_price: 1.5
supports_function_calling: true
- name: gemini-3.1-flash-lite
max_input_tokens: 1048576
max_output_tokens: 65536
input_price: 0.2
output_price: 1.5
supports_function_calling: true
- name: gemini-3.1-pro-preview
max_input_tokens: 1048576
max_output_tokens: 65536
@@ -773,18 +875,28 @@
max_input_tokens: 1048576
supports_vision: true
supports_function_calling: true
- name: gemini-2.0-flash-001
max_input_tokens: 1048576
max_output_tokens: 8192
input_price: 0.15
output_price: 0.6
- name: claude-fable-5
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 10
output_price: 50
supports_function_calling: true
supports_vision: true
- name: claude-opus-4-8
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: gemini-2.0-flash-lite-001
max_input_tokens: 1048576
max_output_tokens: 8192
input_price: 0.075
output_price: 0.3
- name: claude-opus-4-7
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: claude-opus-4-6
@@ -942,6 +1054,30 @@
# - https://docs.aws.amazon.com/bedrock/latest/userguide/conversation-inference-call.html
- provider: bedrock
models:
- name: us.anthropic.claude-fable-5
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 10
output_price: 50
supports_function_calling: true
supports_vision: true
- name: us.anthropic.claude-opus-4-8
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: us.anthropic.claude-opus-4-7
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: us.anthropic.claude-opus-4-6-v1
max_input_tokens: 200000
max_output_tokens: 8192
@@ -1484,6 +1620,55 @@
# - https://openrouter.ai/docs/api-reference/chat-completion
- provider: openrouter
models:
- name: openai/gpt-5.5
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 5
output_price: 30
supports_vision: true
supports_function_calling: true
- name: openai/gpt-5.5-pro
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 30
output_price: 180
supports_vision: true
supports_function_calling: true
- name: openai/gpt-5.4
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 2.5
output_price: 15
supports_vision: true
supports_function_calling: true
- name: openai/gpt-5.4-pro
max_input_tokens: 1050000
max_output_tokens: 128000
input_price: 30
output_price: 180
supports_vision: true
supports_function_calling: true
- name: openai/gpt-5.4-mini
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 0.75
output_price: 4.5
supports_vision: true
supports_function_calling: true
- name: openai/gpt-5.4-nano
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 0.2
output_price: 1.25
supports_vision: true
supports_function_calling: true
- name: openai/gpt-5.3-codex
max_input_tokens: 400000
max_output_tokens: 128000
input_price: 1.75
output_price: 14
supports_vision: true
supports_function_calling: true
- name: openai/gpt-5.2
max_input_tokens: 400000
max_output_tokens: 128000
@@ -1568,6 +1753,30 @@
max_input_tokens: 131072
input_price: 0.1
output_price: 0.2
- name: anthropic/claude-fable-5
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 10
output_price: 50
supports_function_calling: true
supports_vision: true
- name: anthropic/claude-opus-4-8
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: anthropic/claude-opus-4-7
max_input_tokens: 1000000
max_output_tokens: 128000
require_max_tokens: true
input_price: 5
output_price: 25
supports_vision: true
supports_function_calling: true
- name: anthropic/claude-opus-4.6
max_input_tokens: 200000
max_output_tokens: 8192
+1 -1
View File
@@ -1,5 +1,5 @@
{
"name": "loki",
"name": "coyote",
"lockfileVersion": 3,
"requires": true,
"packages": {}
@@ -1,24 +1,24 @@
<#
loki installer (Windows/PowerShell 5+ and PowerShell 7)
coyote installer (Windows/PowerShell 5+ and PowerShell 7)
Examples:
powershell -NoProfile -ExecutionPolicy Bypass -Command "iwr -useb https://raw.githubusercontent.com/Dark-Alex-17/loki/main/scripts/install_loki.ps1 | iex"
pwsh -c "irm https://raw.githubusercontent.com/Dark-Alex-17/loki/main/scripts/install_loki.ps1 | iex -Version vX.Y.Z"
powershell -NoProfile -ExecutionPolicy Bypass -Command "iwr -useb https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/scripts/install_coyote.ps1 | iex"
pwsh -c "irm https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/scripts/install_coyote.ps1 | iex -Version vX.Y.Z"
Parameters:
-Version <tag> (default: latest)
-BinDir <path> (default: %LOCALAPPDATA%\loki\bin on Windows; ~/.local/bin on *nix PowerShell)
-BinDir <path> (default: %LOCALAPPDATA%\coyote\bin on Windows; ~/.local/bin on *nix PowerShell)
#>
[CmdletBinding()]
param(
[string]$Version = $env:LOKI_VERSION,
[string]$Version = $env:COYOTE_VERSION,
[string]$BinDir = $env:BIN_DIR
)
$Repo = 'Dark-Alex-17/loki'
$Repo = 'Dark-Alex-17/coyote'
function Write-Info($msg) { Write-Host "[loki-install] $msg" }
function Write-Info($msg) { Write-Host "[coyote-install] $msg" }
function Fail($msg) { Write-Error $msg; exit 1 }
Add-Type -AssemblyName System.Runtime
@@ -38,7 +38,7 @@ switch ([System.Runtime.InteropServices.RuntimeInformation]::OSArchitecture) {
}
if (-not $BinDir) {
if ($isWin) { $BinDir = Join-Path $env:LOCALAPPDATA 'loki\bin' }
if ($isWin) { $BinDir = Join-Path $env:LOCALAPPDATA 'coyote\bin' }
else { $home = $env:HOME; if (-not $home) { $home = (Get-Item -Path ~).FullName }; $BinDir = Join-Path $home '.local/bin' }
}
New-Item -ItemType Directory -Force -Path $BinDir | Out-Null
@@ -49,23 +49,23 @@ $apiBase = "https://api.github.com/repos/$Repo/releases"
$relUrl = if ($Version) { "$apiBase/tags/$Version" } else { "$apiBase/latest" }
Write-Info "Fetching release: $relUrl"
try {
$release = Invoke-RestMethod -UseBasicParsing -Headers @{ 'User-Agent' = 'loki-installer' } -Uri $relUrl -Method GET
$release = Invoke-RestMethod -UseBasicParsing -Headers @{ 'User-Agent' = 'coyote-installer' } -Uri $relUrl -Method GET
} catch { Fail "Failed to fetch release metadata. $_" }
if (-not $release.assets) { Fail "No assets found in the release." }
$candidates = @()
if ($os -eq 'windows') {
if ($arch -eq 'x86_64') { $candidates += 'loki-x86_64-pc-windows-msvc.zip' }
else { $candidates += 'loki-aarch64-pc-windows-msvc.zip' }
if ($arch -eq 'x86_64') { $candidates += 'coyote-x86_64-pc-windows-msvc.zip' }
else { $candidates += 'coyote-aarch64-pc-windows-msvc.zip' }
} elseif ($os -eq 'darwin') {
if ($arch -eq 'x86_64') { $candidates += 'loki-x86_64-apple-darwin.tar.gz' }
else { $candidates += 'loki-aarch64-apple-darwin.tar.gz' }
if ($arch -eq 'x86_64') { $candidates += 'coyote-x86_64-apple-darwin.tar.gz' }
else { $candidates += 'coyote-aarch64-apple-darwin.tar.gz' }
} elseif ($os -eq 'linux') {
if ($arch -eq 'x86_64') {
$candidates += 'loki-x86_64-unknown-linux-gnu.tar.gz'
$candidates += 'loki-x86_64-unknown-linux-musl.tar.gz'
$candidates += 'coyote-x86_64-unknown-linux-gnu.tar.gz'
$candidates += 'coyote-x86_64-unknown-linux-musl.tar.gz'
} else {
$candidates += 'loki-aarch64-unknown-linux-musl.tar.gz'
$candidates += 'coyote-aarch64-unknown-linux-musl.tar.gz'
}
} else {
Fail "Unsupported OS for this installer: $os"
@@ -84,9 +84,9 @@ if (-not $asset) {
Write-Info "Selected asset: $($asset.name)"
Write-Info "Download URL: $($asset.browser_download_url)"
$tmp = New-Item -ItemType Directory -Force -Path ([IO.Path]::Combine([IO.Path]::GetTempPath(), "loki-$(Get-Random)"))
$tmp = New-Item -ItemType Directory -Force -Path ([IO.Path]::Combine([IO.Path]::GetTempPath(), "coyote-$(Get-Random)"))
$archive = Join-Path $tmp.FullName 'asset'
try { Invoke-WebRequest -UseBasicParsing -Headers @{ 'User-Agent' = 'loki-installer' } -Uri $asset.browser_download_url -OutFile $archive } catch { Fail "Failed to download asset. $_" }
try { Invoke-WebRequest -UseBasicParsing -Headers @{ 'User-Agent' = 'coyote-installer' } -Uri $asset.browser_download_url -OutFile $archive } catch { Fail "Failed to download asset. $_" }
$extractDir = Join-Path $tmp.FullName 'extract'; New-Item -ItemType Directory -Force -Path $extractDir | Out-Null
@@ -107,14 +107,14 @@ if ($asset.name -match '\.zip$') {
$bin = $null
Get-ChildItem -Recurse -File $extractDir | ForEach-Object {
if ($isWin) { if ($_.Name -ieq 'loki.exe') { $bin = $_.FullName } }
else { if ($_.Name -ieq 'loki') { $bin = $_.FullName } }
if ($isWin) { if ($_.Name -ieq 'coyote.exe') { $bin = $_.FullName } }
else { if ($_.Name -ieq 'coyote') { $bin = $_.FullName } }
}
if (-not $bin) { Fail "Could not find loki binary inside the archive." }
if (-not $bin) { Fail "Could not find coyote binary inside the archive." }
if (-not $isWin) { try { & chmod +x -- $bin } catch {} }
$exec = if ($isWin) { 'loki.exe'} else { 'loki' }
$exec = if ($isWin) { 'coyote.exe'} else { 'coyote' }
$dest = Join-Path $BinDir $exec
Copy-Item -Force $bin $dest
Write-Info "Installed: $dest"
@@ -135,5 +135,5 @@ if ($isWin) {
}
}
Write-Info "Done. Try: loki --help"
Write-Info "Done. Try: coyote --help"
@@ -1,23 +1,23 @@
#!/usr/bin/env bash
set -euo pipefail
# loki installer (Linux/macOS)
# coyote installer (Linux/macOS)
#
# Usage examples:
# curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/loki/main/scripts/install_loki.sh | bash
# curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/loki/main/scripts/install_loki.sh | bash -s -- --version vX.Y.Z
# BIN_DIR="$HOME/.local/bin" bash scripts/install_loki.sh
# curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/scripts/install_coyote.sh | bash
# curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/scripts/install_coyote.sh | bash -s -- --version vX.Y.Z
# BIN_DIR="$HOME/.local/bin" bash scripts/install_coyote.sh
#
# Flags / Env:
# --version <tag> Release tag (default: latest). Or set LOKI_VERSION.
# --version <tag> Release tag (default: latest). Or set COYOTE_VERSION.
# --bin-dir <dir> Install directory (default: /usr/local/bin or ~/.local/bin). Or set BIN_DIR.
REPO="Dark-Alex-17/loki"
VERSION="${LOKI_VERSION:-}"
REPO="Dark-Alex-17/coyote"
VERSION="${COYOTE_VERSION:-}"
BIN_DIR="${BIN_DIR:-}"
usage() {
echo "loki installer (Linux/macOS)"
echo "coyote installer (Linux/macOS)"
echo
echo "Options:"
echo " --version <tag> Release tag (default: latest)"
@@ -44,7 +44,7 @@ fi
mkdir -p "${BIN_DIR}"
log() {
echo "[loki-install] $*"
echo "[coyote-install] $*"
}
need_cmd() {
@@ -92,9 +92,9 @@ fi
http_get() {
if [[ "$DL" == "curl" ]]; then
curl -fsSL -H 'User-Agent: loki-installer' "$1"
curl -fsSL -H 'User-Agent: coyote-installer' "$1"
else
wget -qO- --header='User-Agent: loki-installer' "$1"
wget -qO- --header='User-Agent: coyote-installer' "$1"
fi
}
@@ -111,9 +111,9 @@ fi
ASSET_CANDIDATES=()
if [[ "$OS" == "darwin" ]]; then
if [[ "$ARCH" == "x86_64" ]]; then
ASSET_CANDIDATES+=("loki-x86_64-apple-darwin.tar.gz")
ASSET_CANDIDATES+=("coyote-x86_64-apple-darwin.tar.gz")
else
ASSET_CANDIDATES+=("loki-aarch64-apple-darwin.tar.gz")
ASSET_CANDIDATES+=("coyote-aarch64-apple-darwin.tar.gz")
fi
elif [[ "$OS" == "linux" ]]; then
if [[ "$ARCH" == "x86_64" ]]; then
@@ -122,12 +122,12 @@ elif [[ "$OS" == "linux" ]]; then
if ldd --version 2>&1 | grep -qi glibc; then LIBC="gnu"; fi
if [[ "$LIBC" == "gnu" ]]; then
ASSET_CANDIDATES+=("loki-x86_64-unknown-linux-gnu.tar.gz")
ASSET_CANDIDATES+=("coyote-x86_64-unknown-linux-gnu.tar.gz")
fi
ASSET_CANDIDATES+=("loki-x86_64-unknown-linux-musl.tar.gz")
ASSET_CANDIDATES+=("coyote-x86_64-unknown-linux-musl.tar.gz")
else
ASSET_CANDIDATES+=("loki-aarch64-unknown-linux-musl.tar.gz")
ASSET_CANDIDATES+=("coyote-aarch64-unknown-linux-musl.tar.gz")
fi
else
echo "Error: unsupported OS for this installer: $OS" >&2; exit 1
@@ -170,9 +170,9 @@ log "Download URL: $ASSET_URL"
ARCHIVE="$TMPDIR/asset"
if [[ "$DL" == "curl" ]]; then
curl -fL -H 'User-Agent: loki-installer' "$ASSET_URL" -o "$ARCHIVE"
curl -fL -H 'User-Agent: coyote-installer' "$ASSET_URL" -o "$ARCHIVE"
else
wget -q --header='User-Agent: loki-installer' "$ASSET_URL" -O "$ARCHIVE"
wget -q --header='User-Agent: coyote-installer' "$ASSET_URL" -O "$ARCHIVE"
fi
WORK="$TMPDIR/work"; mkdir -p "$WORK"
@@ -192,21 +192,21 @@ fi
BIN_PATH=""
while IFS= read -r -d '' f; do
base=$(basename "$f")
if [[ "$base" == "loki" ]]; then
if [[ "$base" == "coyote" ]]; then
BIN_PATH="$f"
break
fi
done < <(find "$EXTRACTED_DIR" -type f -print0)
if [[ -z "$BIN_PATH" ]]; then
echo "Error: could not find 'loki' binary in the archive" >&2
echo "Error: could not find 'coyote' binary in the archive" >&2
exit 1
fi
chmod +x "$BIN_PATH"
install -m 0755 "$BIN_PATH" "${BIN_DIR}/loki"
install -m 0755 "$BIN_PATH" "${BIN_DIR}/coyote"
log "Installed: ${BIN_DIR}/loki"
log "Installed: ${BIN_DIR}/coyote"
case ":$PATH:" in
*":${BIN_DIR}:"*) ;;
@@ -216,5 +216,5 @@ case ":$PATH:" in
;;
esac
log "Done. Try: loki --help"
log "Done. Try: coyote --help"
+3 -3
View File
@@ -1,7 +1,7 @@
_loki_bash() {
_coyote_bash() {
if [[ -n "$READLINE_LINE" ]]; then
READLINE_LINE=$(loki -e "$READLINE_LINE")
READLINE_LINE=$(coyote -e "$READLINE_LINE")
READLINE_POINT=${#READLINE_LINE}
fi
}
bind -x '"\ee": _loki_bash'
bind -x '"\ee": _coyote_bash'
+3 -3
View File
@@ -1,7 +1,7 @@
fn _loki_elvish {
fn _coyote_elvish {
var line = (edit:current-command)
var new-line = (loki -e $line)
var new-line = (coyote -e $line)
edit:replace-input $new-line
}
edit:insert:binding[Alt-e] = $_loki_elvish
edit:insert:binding[Alt-e] = $_coyote_elvish
+3 -3
View File
@@ -1,9 +1,9 @@
function _loki_fish
function _coyote_fish
set -l _old (commandline)
if test -n $_old
echo -n "⌛"
commandline -f repaint
commandline (loki -e $_old)
commandline (coyote -e $_old)
end
end
bind \ee _loki_fish
bind \ee _coyote_fish
+4 -4
View File
@@ -1,20 +1,20 @@
def _loki_nushell [] {
def _coyote_nushell [] {
let _prev = (commandline)
if ($_prev != "") {
print '⌛'
commandline edit -r (loki -e $_prev)
commandline edit -r (coyote -e $_prev)
}
}
$env.config.keybindings = ($env.config.keybindings | append {
name: loki_integration
name: coyote_integration
modifier: alt
keycode: char_e
mode: [emacs, vi_insert]
event:[
{
send: executehostcommand,
cmd: "_loki_nushell"
cmd: "_coyote_nushell"
}
]
}
+1 -1
View File
@@ -3,7 +3,7 @@ Set-PSReadLineKeyHandler -Chord "alt+e" -ScriptBlock {
[Microsoft.PowerShell.PSConsoleReadline]::GetBufferState([ref]$_old, [ref]$null)
if ($_old) {
[Microsoft.PowerShell.PSConsoleReadLine]::Insert('⌛')
$_new = (loki -e $_old)
$_new = (coyote -e $_old)
[Microsoft.PowerShell.PSConsoleReadLine]::DeleteLine()
[Microsoft.PowerShell.PSConsoleReadline]::Insert($_new)
}
+4 -4
View File
@@ -1,11 +1,11 @@
_loki_zsh() {
_coyote_zsh() {
if [[ -n "$BUFFER" ]]; then
local _old=$BUFFER
BUFFER+="⌛"
zle -I && zle redisplay
BUFFER=$(loki -e "$_old")
BUFFER=$(coyote -e "$_old")
zle end-of-line
fi
}
zle -N _loki_zsh
bindkey '\ee' _loki_zsh
zle -N _coyote_zsh
bindkey '\ee' _coyote_zsh
+13 -8
View File
@@ -9,7 +9,7 @@ use std::env;
use std::ffi::OsStr;
use std::io;
const LOKI_CLI_NAME: &str = "loki";
const COYOTE_CLI_NAME: &str = "coyote";
#[derive(Clone, Copy, Debug, clap::ValueEnum)]
pub enum ShellCompletion {
@@ -24,12 +24,14 @@ pub enum ShellCompletion {
impl ShellCompletion {
pub fn generate_completions(self, cmd: &mut clap::Command) {
match self {
Self::Bash => generate(Shell::Bash, cmd, LOKI_CLI_NAME, &mut io::stdout()),
Self::Elvish => generate(Shell::Elvish, cmd, LOKI_CLI_NAME, &mut io::stdout()),
Self::Fish => generate(Shell::Fish, cmd, LOKI_CLI_NAME, &mut io::stdout()),
Self::PowerShell => generate(Shell::PowerShell, cmd, LOKI_CLI_NAME, &mut io::stdout()),
Self::Zsh => generate(Shell::Zsh, cmd, LOKI_CLI_NAME, &mut io::stdout()),
Self::Nushell => generate(Nushell, cmd, LOKI_CLI_NAME, &mut io::stdout()),
Self::Bash => generate(Shell::Bash, cmd, COYOTE_CLI_NAME, &mut io::stdout()),
Self::Elvish => generate(Shell::Elvish, cmd, COYOTE_CLI_NAME, &mut io::stdout()),
Self::Fish => generate(Shell::Fish, cmd, COYOTE_CLI_NAME, &mut io::stdout()),
Self::PowerShell => {
generate(Shell::PowerShell, cmd, COYOTE_CLI_NAME, &mut io::stdout())
}
Self::Zsh => generate(Shell::Zsh, cmd, COYOTE_CLI_NAME, &mut io::stdout()),
Self::Nushell => generate(Nushell, cmd, COYOTE_CLI_NAME, &mut io::stdout()),
}
}
}
@@ -135,7 +137,8 @@ pub(super) fn session_completer(current: &OsStr) -> Vec<CompletionCandidate> {
pub(super) fn secrets_completer(current: &OsStr) -> Vec<CompletionCandidate> {
let cur = current.to_string_lossy();
match load_app_config_for_completion() {
Ok(app_config) => Vault::init(&app_config)
Ok(app_config) => match Vault::init(&app_config) {
Ok(vault) => vault
.list_secrets(false)
.unwrap_or_default()
.into_iter()
@@ -143,5 +146,7 @@ pub(super) fn secrets_completer(current: &OsStr) -> Vec<CompletionCandidate> {
.map(CompletionCandidate::new)
.collect(),
Err(_) => vec![],
},
Err(_) => vec![],
}
}
+147 -13
View File
@@ -4,18 +4,19 @@ use crate::cli::completer::{
ShellCompletion, agent_completer, macro_completer, model_completer, rag_completer,
role_completer, secrets_completer, session_completer,
};
use crate::config::{AssetCategory, InstallFilter};
use crate::config::{AssetCategory, InstallFilter, MemoryScope};
use anyhow::{Context, Result};
use clap::ValueHint;
use clap::{ArgGroup, ValueHint};
use clap::{Parser, crate_authors, crate_description, crate_version};
use clap_complete::ArgValueCompleter;
use is_terminal::IsTerminal;
use std::collections::HashSet;
use std::io::{Read, stdin};
#[derive(Parser, Debug)]
#[command(author, version, about, long_about = None)]
#[command(
name = "loki",
name = "coyote",
author = crate_authors!(),
version = crate_version!(),
about = crate_description!(),
@@ -26,7 +27,20 @@ use std::io::{Read, stdin};
{usage-heading} {usage}
{all-args}{after-help}
"
",
group(
ArgGroup::new("sbx-mode")
.args(["sandbox", "fresh", "no_mixins"])
.multiple(true)
.conflicts_with_all([
"model", "prompt", "role", "session", "agent", "rag", "rebuild_rag",
"macro_name", "execute", "code", "file", "no_stream", "no_memory",
"init_memory", "dry_run", "info", "build_tools", "install",
"install_from", "sync_models", "list_models", "list_roles",
"list_sessions", "list_agents", "list_rags", "list_macros",
"list_skills", "skill", "tail_logs", "completions", "update",
])
),
)]
pub struct Cli {
/// Select a LLM model
@@ -74,6 +88,12 @@ pub struct Cli {
/// Turn off stream mode
#[arg(short = 'S', long)]
pub no_stream: bool,
/// Disable memory for this invocation
#[arg(long)]
pub no_memory: bool,
/// Bootstrap a memory marker so coyote begins loading memory next run
#[arg(long, value_name = "SCOPE", value_enum)]
pub init_memory: Option<MemoryScope>,
/// Display the message without sending it
#[arg(long)]
pub dry_run: bool,
@@ -116,6 +136,14 @@ pub struct Cli {
/// List all macros
#[arg(long)]
pub list_macros: bool,
/// List all installed skills
#[arg(long)]
pub list_skills: bool,
/// Pre-load an existing skill into the session (repeatable). If a single
/// `--skill <NAME>` is given and the skill doesn't exist, opens $EDITOR
/// with a scaffold to create it.
#[arg(long, value_name = "NAME")]
pub skill: Vec<String>,
/// Input text
#[arg(trailing_var_arg = true)]
text: Vec<String>,
@@ -125,19 +153,19 @@ pub struct Cli {
/// Disable colored log output
#[arg(long, requires = "tail_logs")]
pub disable_log_colors: bool,
/// Add a secret to the Loki vault
/// Add a secret to the Coyote vault
#[arg(long, value_name = "SECRET_NAME", exclusive = true)]
pub add_secret: Option<String>,
/// Decrypt a secret from the Loki vault and print the plaintext
/// Decrypt a secret from the Coyote vault and print the plaintext
#[arg(long, value_name = "SECRET_NAME", exclusive = true, add = ArgValueCompleter::new(secrets_completer))]
pub get_secret: Option<String>,
/// Update an existing secret in the Loki vault
/// Update an existing secret in the Coyote vault
#[arg(long, value_name = "SECRET_NAME", exclusive = true, add = ArgValueCompleter::new(secrets_completer))]
pub update_secret: Option<String>,
/// Delete a secret from the Loki vault
/// Delete a secret from the Coyote vault
#[arg(long, value_name = "SECRET_NAME", exclusive = true, add = ArgValueCompleter::new(secrets_completer))]
pub delete_secret: Option<String>,
/// List all secrets stored in the Loki vault
/// List all secrets stored in the Coyote vault
#[arg(long, exclusive = true)]
pub list_secrets: bool,
/// Authenticate with an LLM provider using OAuth (e.g., --authenticate client_name)
@@ -146,15 +174,36 @@ pub struct Cli {
/// Generate static shell completion scripts
#[arg(long, value_name = "SHELL", value_enum)]
pub completions: Option<ShellCompletion>,
/// Update Loki to the latest release, or to a specific version
/// Update Coyote to the latest release, or to a specific version
#[arg(long, value_name = "VERSION")]
pub update: Option<Option<String>>,
/// With --update, update even if Loki was installed via a package manager
/// With --update, update even if Coyote was installed via a package manager
#[arg(long, requires = "update")]
pub force: bool,
/// Launch Coyote inside a Docker sandbox (via `sbx`); name defaults to current directory basename
#[arg(long, value_name = "NAME")]
pub sandbox: Option<Option<String>>,
/// Create the sandbox without bootstrapping the host config or vault password file
#[arg(long, requires = "sandbox")]
pub fresh: bool,
/// Skip discovery and application of all sbx mixins (user and built-in)
#[arg(long, requires = "sandbox")]
pub no_mixins: bool,
}
impl Cli {
pub fn skills(&self) -> Vec<String> {
let mut seen = HashSet::new();
let mut out = Vec::with_capacity(self.skill.len());
for name in &self.skill {
if seen.insert(name.clone()) {
out.push(name.clone());
}
}
out
}
pub fn text(&self) -> Result<Option<String>> {
let mut stdin_text = String::new();
if !stdin().is_terminal() {
@@ -202,7 +251,7 @@ mod tests {
use clap::Parser;
fn parse(args: &[&str]) -> Cli {
let mut full_args = vec!["loki"];
let mut full_args = vec!["coyote"];
full_args.extend_from_slice(args);
Cli::try_parse_from(full_args).unwrap()
}
@@ -298,6 +347,36 @@ mod tests {
assert!(parse(&["--list-agents"]).list_agents);
assert!(parse(&["--list-rags"]).list_rags);
assert!(parse(&["--list-macros"]).list_macros);
assert!(parse(&["--list-skills"]).list_skills);
}
#[test]
fn parse_skill_flag_takes_name() {
assert_eq!(parse(&["--skill", "git-master"]).skill, vec!["git-master"]);
assert!(parse(&[]).skill.is_empty());
}
#[test]
fn parse_multiple_skill_flags_preserves_order() {
assert_eq!(
parse(&["--skill", "alpha", "--skill", "beta", "--skill", "gamma"]).skill,
vec!["alpha", "beta", "gamma"]
);
}
#[test]
fn skills_method_dedupes_preserving_first_occurrence() {
let cli = parse(&[
"--skill", "alpha", "--skill", "beta", "--skill", "alpha", "--skill", "gamma",
"--skill", "beta",
]);
assert_eq!(cli.skills(), vec!["alpha", "beta", "gamma"]);
}
#[test]
fn skills_method_returns_empty_when_no_flags() {
assert!(parse(&[]).skills().is_empty());
}
#[test]
@@ -436,6 +515,61 @@ mod tests {
#[test]
fn parse_force_without_update_fails() {
assert!(Cli::try_parse_from(["loki", "--force"]).is_err());
assert!(Cli::try_parse_from(["coyote", "--force"]).is_err());
}
#[test]
fn parse_sandbox_flag_no_value() {
let cli = parse(&["--sandbox"]);
assert_eq!(cli.sandbox, Some(None));
}
#[test]
fn parse_sandbox_flag_with_name() {
let cli = parse(&["--sandbox", "my-box"]);
assert_eq!(cli.sandbox, Some(Some("my-box".to_string())));
}
#[test]
fn parse_sandbox_is_exclusive() {
assert!(Cli::try_parse_from(["coyote", "--sandbox", "--agent", "foo"]).is_err());
}
#[test]
fn parse_fresh_flag_requires_sandbox() {
assert!(Cli::try_parse_from(["coyote", "--fresh"]).is_err());
}
#[test]
fn parse_fresh_flag_with_sandbox() {
let cli = parse(&["--sandbox", "--fresh"]);
assert_eq!(cli.sandbox, Some(None));
assert!(cli.fresh);
}
#[test]
fn parse_fresh_flag_with_named_sandbox() {
let cli = parse(&["--sandbox", "foo", "--fresh"]);
assert_eq!(cli.sandbox, Some(Some("foo".to_string())));
assert!(cli.fresh);
}
#[test]
fn parse_no_mixins_requires_sandbox() {
assert!(Cli::try_parse_from(["coyote", "--no-mixins"]).is_err());
}
#[test]
fn parse_no_mixins_with_sandbox() {
let cli = parse(&["--sandbox", "--no-mixins"]);
assert!(cli.no_mixins);
}
#[test]
fn parse_sandbox_with_fresh_and_no_mixins() {
let cli = parse(&["--sandbox", "foo", "--fresh", "--no-mixins"]);
assert_eq!(cli.sandbox, Some(Some("foo".to_string())));
assert!(cli.fresh);
assert!(cli.no_mixins);
}
}
+23 -29
View File
@@ -85,7 +85,7 @@ async fn prepare_chat_completions(
let ready = oauth::prepare_oauth_access_token(client, &provider, self_.name()).await?;
if !ready {
bail!(
"OAuth configured but no tokens found for '{}'. Run: 'loki --authenticate {}' or '.authenticate' in the REPL",
"OAuth configured but no tokens found for '{}'. Run: 'coyote --authenticate {}' or '.authenticate' in the REPL",
self_.name(),
self_.name()
);
@@ -100,7 +100,7 @@ async fn prepare_chat_completions(
request_data.header("x-api-key", api_key);
} else {
bail!(
"No authentication configured for '{}'. Set `api_key` or use `auth: oauth` with `loki --authenticate {}`.",
"No authentication configured for '{}'. Set `api_key` or use `auth: oauth` with `coyote --authenticate {}`.",
self_.name(),
self_.name()
);
@@ -114,41 +114,35 @@ async fn prepare_chat_completions(
///
/// This behavior was discovered 2026-03-17.
///
/// So this function injects the Claude Code system prompt into the request
/// body to make it a valid request.
/// The prefix must be in its **own** top-level system block. Concatenating it
/// with role / session content into a single block causes Anthropic to reject
/// the request with `rate_limit_error`. Any pre-existing system content is
/// preserved as additional blocks after the prefix.
fn inject_oauth_system_prompt(body: &mut Value) {
let existing_text = match body.get("system") {
let existing_blocks: Vec<Value> = match body.get("system") {
Some(Value::String(s)) => {
if s.starts_with(CLAUDE_CODE_PREFIX) {
return;
if s.is_empty() {
Vec::new()
} else {
vec![json!({ "type": "text", "text": s })]
}
(!s.is_empty()).then(|| s.clone())
}
Some(Value::Array(blocks)) => {
let already_injected = blocks.iter().any(|b| {
b.get("text")
.and_then(|t| t.as_str())
.map(|t| t.starts_with(CLAUDE_CODE_PREFIX))
.unwrap_or(false)
});
Some(Value::Array(blocks)) => blocks.clone(),
_ => Vec::new(),
};
let already_injected = existing_blocks
.first()
.and_then(|b| b.get("text").and_then(|t| t.as_str()))
.map(|t| t == CLAUDE_CODE_PREFIX)
.unwrap_or(false);
if already_injected {
return;
}
let joined: Vec<String> = blocks
.iter()
.filter_map(|b| b.get("text").and_then(|t| t.as_str()).map(String::from))
.collect();
(!joined.is_empty()).then(|| joined.join("\n\n"))
}
_ => None,
};
let merged = match existing_text {
Some(rest) => format!("{}\n\n{}", CLAUDE_CODE_PREFIX, rest),
None => CLAUDE_CODE_PREFIX.to_string(),
};
body["system"] = json!([{ "type": "text", "text": merged }]);
let mut system = vec![json!({ "type": "text", "text": CLAUDE_CODE_PREFIX })];
system.extend(existing_blocks);
body["system"] = Value::Array(system);
}
pub async fn claude_chat_completions(
+3 -1
View File
@@ -354,7 +354,9 @@ pub async fn create_config(
"type": client,
});
for (key, desc, help_message, is_secret) in prompts {
let env_name = format!("{client}_{key}").to_ascii_uppercase();
let env_name = format!("{client}-{key}")
.to_ascii_uppercase()
.replace("_", "-");
let required = std::env::var(&env_name).is_err();
let value = if !is_secret {
prompt_input_string(desc, required, *help_message)?
+3 -3
View File
@@ -111,7 +111,7 @@ async fn prepare_chat_completions(
let ready = oauth::prepare_oauth_access_token(client, &provider, self_.name()).await?;
if !ready {
bail!(
"OAuth configured but no tokens found for '{}'. Run: 'loki --authenticate {}' or '.authenticate' in the REPL",
"OAuth configured but no tokens found for '{}'. Run: 'coyote --authenticate {}' or '.authenticate' in the REPL",
self_.name(),
self_.name()
);
@@ -122,7 +122,7 @@ async fn prepare_chat_completions(
request_data.header("x-goog-api-key", api_key);
} else {
bail!(
"No authentication configured for '{}'. Set `api_key` or use `auth: oauth` with `loki --authenticate {}`.",
"No authentication configured for '{}'. Set `api_key` or use `auth: oauth` with `coyote --authenticate {}`.",
self_.name(),
self_.name()
);
@@ -181,7 +181,7 @@ async fn prepare_embeddings(
let ready = oauth::prepare_oauth_access_token(client, &provider, self_.name()).await?;
if !ready {
bail!(
"OAuth configured but no tokens found for '{}'. Run: 'loki --authenticate {}' or '.authenticate' in the REPL",
"OAuth configured but no tokens found for '{}'. Run: 'coyote --authenticate {}' or '.authenticate' in the REPL",
self_.name(),
self_.name()
);
+5 -1
View File
@@ -119,7 +119,11 @@ fn prepare_chat_completions(
format!("{base_url}/google/models/{model_name}:{func}")
}
ModelCategory::Claude => {
format!("{base_url}/anthropic/models/{model_name}:streamRawPredict")
let func = match data.stream {
true => "streamRawPredict",
false => "rawPredict",
};
format!("{base_url}/anthropic/models/{model_name}:{func}")
}
ModelCategory::Mistral => {
let func = match data.stream {
+75 -13
View File
@@ -2,6 +2,7 @@ use super::*;
use crate::{
client::Model,
config::memory,
function::{Functions, run_llm_function},
};
@@ -19,7 +20,7 @@ use fancy_regex::Captures;
use inquire::{Text, validator::Validation};
use rust_embed::Embed;
use serde::{Deserialize, Serialize};
use std::{ffi::OsStr, path::Path};
use std::{env, ffi::OsStr, path::Path};
const DEFAULT_AGENT_NAME: &str = "rag";
@@ -207,6 +208,27 @@ impl Agent {
functions.append_teammate_functions();
functions.append_user_interaction_functions();
if app.function_calling_support
&& app.skills_enabled
&& !matches!(agent_config.skills_enabled, Some(false))
{
functions.append_skill_functions();
}
if app.function_calling_support
&& !matches!(agent_config.memory, Some(false))
&& !matches!(app.memory, Some(false))
{
let memory_exists = paths::global_memory_index_path().exists()
|| env::current_dir()
.ok()
.and_then(|cwd| memory::discover_workspace_memory(&cwd))
.is_some();
if memory_exists {
functions.append_memory_functions();
}
}
agent_config.replace_tools_placeholder(&functions);
Ok(Self {
@@ -337,6 +359,26 @@ impl Agent {
&self.config.mcp_servers
}
pub fn skills_enabled(&self) -> Option<bool> {
self.config.skills_enabled
}
pub fn enabled_skills(&self) -> Option<&[String]> {
self.config.enabled_skills.as_deref()
}
pub fn memory(&self) -> Option<bool> {
self.config.memory
}
pub fn set_skills_enabled(&mut self, value: Option<bool>) {
self.config.skills_enabled = value;
}
pub fn set_enabled_skills(&mut self, value: Option<Vec<String>>) {
self.config.enabled_skills = value;
}
pub fn conversation_starters(&self) -> Vec<String> {
self.config
.conversation_starters
@@ -441,6 +483,14 @@ impl Agent {
self.config.continuation_prompt.clone()
}
pub fn inject_skill_instructions(&self) -> bool {
self.config.inject_skill_instructions
}
pub fn skill_instructions_value(&self) -> Option<String> {
self.config.skill_instructions.clone()
}
pub fn can_spawn_agents(&self) -> bool {
self.config.can_spawn_agents
}
@@ -525,12 +575,12 @@ impl RoleLike for Agent {
self.config.top_p
}
fn enabled_tools(&self) -> Option<String> {
self.config.global_tools.clone().join(",").into()
fn enabled_tools(&self) -> Option<Vec<String>> {
None
}
fn enabled_mcp_servers(&self) -> Option<String> {
self.config.mcp_servers.clone().join(",").into()
fn enabled_mcp_servers(&self) -> Option<Vec<String>> {
Some(self.config.mcp_servers.clone())
}
fn set_model(&mut self, model: Model) {
@@ -546,15 +596,14 @@ impl RoleLike for Agent {
self.config.top_p = value;
}
fn set_enabled_tools(&mut self, value: Option<String>) {
fn set_enabled_tools(&mut self, value: Option<Vec<String>>) {
match value {
Some(tools) => {
let tools = tools
.split(',')
self.config.global_tools = tools
.into_iter()
.map(|v| v.trim().to_string())
.filter(|v| !v.is_empty())
.collect::<Vec<_>>();
self.config.global_tools = tools;
}
None => {
self.config.global_tools.clear();
@@ -562,15 +611,14 @@ impl RoleLike for Agent {
}
}
fn set_enabled_mcp_servers(&mut self, value: Option<String>) {
fn set_enabled_mcp_servers(&mut self, value: Option<Vec<String>>) {
match value {
Some(servers) => {
let servers = servers
.split(',')
self.config.mcp_servers = servers
.into_iter()
.map(|v| v.trim().to_string())
.filter(|v| !v.is_empty())
.collect::<Vec<_>>();
self.config.mcp_servers = servers;
}
None => {
self.config.mcp_servers.clear();
@@ -604,6 +652,12 @@ pub struct AgentConfig {
pub inject_todo_instructions: bool,
#[serde(default = "default_true")]
pub inject_spawn_instructions: bool,
#[serde(default = "default_true")]
pub inject_skill_instructions: bool,
#[serde(skip_serializing_if = "Option::is_none")]
pub skill_instructions: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
pub memory: Option<bool>,
#[serde(skip_serializing_if = "Option::is_none")]
pub compression_threshold: Option<usize>,
#[serde(default)]
@@ -615,6 +669,10 @@ pub struct AgentConfig {
#[serde(default)]
pub global_tools: Vec<String>,
#[serde(skip_serializing_if = "Option::is_none")]
pub skills_enabled: Option<bool>,
#[serde(skip_serializing_if = "Option::is_none")]
pub enabled_skills: Option<Vec<String>>,
#[serde(skip_serializing_if = "Option::is_none")]
pub continuation_prompt: Option<String>,
#[serde(default)]
pub instructions: String,
@@ -677,6 +735,10 @@ impl AgentConfig {
description: graph.description.clone(),
global_tools: graph.global_tools.clone(),
mcp_servers: graph.mcp_servers.clone(),
skills_enabled: graph.skills_enabled,
enabled_skills: graph.enabled_skills.clone(),
inject_skill_instructions: graph.inject_skill_instructions.unwrap_or(true),
skill_instructions: graph.skill_instructions.clone(),
conversation_starters: graph.conversation_starters.clone(),
variables: graph.variables.clone(),
can_spawn_agents: graph.has_agent_node(),
+128 -12
View File
@@ -3,7 +3,8 @@ use crate::render::{MarkdownRender, RenderOptions};
use crate::utils::{IS_STDOUT_TERMINAL, NO_COLOR, decode_bin, get_env_name};
use super::paths;
use anyhow::{Context, Result, anyhow};
use anyhow::{Context, Result, anyhow, bail};
use gman::providers::SupportedProvider;
use indexmap::IndexMap;
use serde::Deserialize;
use std::collections::HashMap;
@@ -29,20 +30,30 @@ pub struct AppConfig {
pub wrap: Option<String>,
pub wrap_code: bool,
pub(crate) vault_password_file: Option<PathBuf>,
pub(crate) secrets_provider: Option<SupportedProvider>,
pub function_calling_support: bool,
pub mapping_tools: IndexMap<String, String>,
pub enabled_tools: Option<String>,
#[serde(default, deserialize_with = "super::deserialize_csv_or_vec")]
pub enabled_tools: Option<Vec<String>>,
pub visible_tools: Option<Vec<String>>,
pub skills_enabled: bool,
#[serde(default, deserialize_with = "super::deserialize_csv_or_vec")]
pub enabled_skills: Option<Vec<String>>,
pub visible_skills: Option<Vec<String>>,
pub mcp_server_support: bool,
pub mapping_mcp_servers: IndexMap<String, String>,
pub enabled_mcp_servers: Option<String>,
#[serde(default, deserialize_with = "super::deserialize_csv_or_vec")]
pub enabled_mcp_servers: Option<Vec<String>>,
pub auto_continue: bool,
pub max_auto_continues: usize,
pub inject_todo_instructions: bool,
pub continuation_prompt: Option<String>,
pub inject_skill_instructions: bool,
pub skill_instructions: Option<String>,
pub repl_prelude: Option<String>,
pub cmd_prelude: Option<String>,
@@ -53,6 +64,10 @@ pub struct AppConfig {
pub summarization_prompt: Option<String>,
pub summary_context_prompt: Option<String>,
pub memory: Option<bool>,
pub memory_cap_with_tools: Option<usize>,
pub memory_cap_without_tools: Option<usize>,
pub rag_embedding_model: Option<String>,
pub rag_reranker_model: Option<String>,
pub rag_top_k: usize,
@@ -90,12 +105,17 @@ impl Default for AppConfig {
wrap: None,
wrap_code: false,
vault_password_file: None,
secrets_provider: None,
function_calling_support: true,
mapping_tools: Default::default(),
enabled_tools: None,
visible_tools: None,
skills_enabled: true,
enabled_skills: None,
visible_skills: None,
mcp_server_support: true,
mapping_mcp_servers: Default::default(),
enabled_mcp_servers: None,
@@ -104,6 +124,8 @@ impl Default for AppConfig {
max_auto_continues: 10,
inject_todo_instructions: true,
continuation_prompt: None,
inject_skill_instructions: true,
skill_instructions: None,
repl_prelude: None,
cmd_prelude: None,
@@ -114,6 +136,10 @@ impl Default for AppConfig {
summarization_prompt: None,
summary_context_prompt: None,
memory: None,
memory_cap_with_tools: None,
memory_cap_without_tools: None,
rag_embedding_model: None,
rag_reranker_model: None,
rag_top_k: 5,
@@ -152,12 +178,17 @@ impl AppConfig {
wrap: config.wrap,
wrap_code: config.wrap_code,
vault_password_file: config.vault_password_file,
secrets_provider: config.secrets_provider,
function_calling_support: config.function_calling_support,
mapping_tools: config.mapping_tools,
enabled_tools: config.enabled_tools,
visible_tools: config.visible_tools,
skills_enabled: config.skills_enabled,
enabled_skills: config.enabled_skills,
visible_skills: config.visible_skills,
mcp_server_support: config.mcp_server_support,
mapping_mcp_servers: config.mapping_mcp_servers,
enabled_mcp_servers: config.enabled_mcp_servers,
@@ -166,6 +197,8 @@ impl AppConfig {
max_auto_continues: config.max_auto_continues,
inject_todo_instructions: config.inject_todo_instructions,
continuation_prompt: config.continuation_prompt,
inject_skill_instructions: config.inject_skill_instructions,
skill_instructions: config.skill_instructions,
repl_prelude: config.repl_prelude,
cmd_prelude: config.cmd_prelude,
@@ -176,6 +209,10 @@ impl AppConfig {
summarization_prompt: config.summarization_prompt,
summary_context_prompt: config.summary_context_prompt,
memory: config.memory,
memory_cap_with_tools: config.memory_cap_with_tools,
memory_cap_without_tools: config.memory_cap_without_tools,
rag_embedding_model: config.rag_embedding_model,
rag_reranker_model: config.rag_reranker_model,
rag_top_k: config.rag_top_k,
@@ -197,6 +234,7 @@ impl AppConfig {
clients: config.clients,
};
app_config.load_envs();
app_config.validate_visible_skills()?;
if let Some(wrap) = app_config.wrap.clone() {
app_config.set_wrap(&wrap)?;
}
@@ -206,11 +244,28 @@ impl AppConfig {
Ok(app_config)
}
fn validate_visible_skills(&self) -> Result<()> {
let Some(skills) = self.visible_skills.as_ref() else {
return Ok(());
};
for name in skills {
paths::validate_skill_name(name)
.map_err(|e| anyhow!("invalid entry in visible_skills: {e}"))?;
if !paths::has_skill(name) {
bail!("visible_skills references skill '{name}' which is not installed");
}
}
Ok(())
}
pub fn resolve_model(&mut self) -> Result<()> {
if self.model_id.is_empty() {
let models = list_models(self, crate::client::ModelType::Chat);
if models.is_empty() {
anyhow::bail!("No available model");
bail!("No available model");
}
self.model_id = models[0].id();
}
@@ -219,10 +274,25 @@ impl AppConfig {
pub fn vault_password_file(&self) -> PathBuf {
match &self.vault_password_file {
Some(path) => match path.exists() {
true => path.clone(),
false => gman::config::Config::local_provider_password_file(),
},
Some(path) => {
if path.exists() {
return path.clone();
}
if let Some(translated) = paths::translate_sandboxed_home_path(path)
&& translated.exists()
{
info!(
"vault_password_file '{}' not found; resolved to sandboxed path '{}'",
path.display(),
translated.display()
);
return translated;
}
gman::config::Config::local_provider_password_file()
}
None => gman::config::Config::local_provider_password_file(),
}
}
@@ -376,7 +446,15 @@ impl AppConfig {
self.mapping_tools = v;
}
if let Some(v) = super::read_env_value::<String>(&get_env_name("enabled_tools")) {
self.enabled_tools = v;
self.enabled_tools = v.map(|raw| super::csv_to_vec(&raw));
}
if let Some(Some(v)) = super::read_env_bool(&get_env_name("skills_enabled")) {
self.skills_enabled = v;
}
if let Some(v) = super::read_env_value::<String>(&get_env_name("enabled_skills")) {
self.enabled_skills = v.map(|raw| super::csv_to_vec(&raw));
}
if let Some(Some(v)) = super::read_env_bool(&get_env_name("mcp_server_support")) {
@@ -388,7 +466,7 @@ impl AppConfig {
self.mapping_mcp_servers = v;
}
if let Some(v) = super::read_env_value::<String>(&get_env_name("enabled_mcp_servers")) {
self.enabled_mcp_servers = v;
self.enabled_mcp_servers = v.map(|raw| super::csv_to_vec(&raw));
}
if let Some(v) = super::read_env_value::<String>(&get_env_name("repl_prelude")) {
@@ -490,12 +568,12 @@ impl AppConfig {
}
#[allow(dead_code)]
pub fn set_enabled_tools_default(&mut self, value: Option<String>) {
pub fn set_enabled_tools_default(&mut self, value: Option<Vec<String>>) {
self.enabled_tools = value;
}
#[allow(dead_code)]
pub fn set_enabled_mcp_servers_default(&mut self, value: Option<String>) {
pub fn set_enabled_mcp_servers_default(&mut self, value: Option<Vec<String>>) {
self.enabled_mcp_servers = value;
}
@@ -752,4 +830,42 @@ mod tests {
app.resolve_model().unwrap();
assert_eq!(app.model_id, "provider:explicit");
}
#[test]
fn default_secrets_provider_is_none() {
let app = AppConfig::default();
assert!(app.secrets_provider.is_none());
}
#[test]
fn secrets_provider_can_hold_non_local_variant() {
let app = AppConfig {
secrets_provider: Some(SupportedProvider::Gopass {
provider_def: Default::default(),
}),
..AppConfig::default()
};
assert!(matches!(
app.secrets_provider,
Some(SupportedProvider::Gopass { .. })
));
}
#[test]
fn from_config_copies_secrets_provider() {
let cfg = Config {
model_id: "test-model".to_string(),
clients: vec![ClientConfig::default()],
secrets_provider: Some(SupportedProvider::Gopass {
provider_def: Default::default(),
}),
..Config::default()
};
let app = AppConfig::from_config(cfg).unwrap();
assert!(matches!(
app.secrets_provider,
Some(SupportedProvider::Gopass { .. })
));
}
}
+1 -1
View File
@@ -43,7 +43,7 @@ impl AppState {
start_mcp_servers: bool,
abort_signal: AbortSignal,
) -> Result<Self> {
let vault = Arc::new(Vault::init(&config));
let vault = Arc::new(Vault::init(&config)?);
let mcp_registry = McpRegistry::init(
log_path,
+33 -33
View File
@@ -38,10 +38,10 @@ pub struct Input {
}
impl Input {
pub fn from_str(ctx: &RequestContext, text: &str, role: Option<Role>) -> Self {
let (role, with_session, with_agent) = resolve_role(ctx, role);
pub fn from_str(ctx: &RequestContext, text: &str, role: Option<Role>) -> Result<Self> {
let (role, with_session, with_agent) = resolve_role(ctx, role)?;
let captured = capture_input_config(ctx, &role);
Self {
Ok(Self {
app_config: Arc::clone(&ctx.app.config),
stream_enabled: captured.stream_enabled,
session: captured.session,
@@ -60,7 +60,7 @@ impl Input {
rag_name: None,
with_session,
with_agent,
}
})
}
pub async fn from_files(
@@ -111,7 +111,7 @@ impl Input {
));
}
}
let (role, with_session, with_agent) = resolve_role(ctx, role);
let (role, with_session, with_agent) = resolve_role(ctx, role)?;
let captured = capture_input_config(ctx, &role);
Ok(Self {
app_config: Arc::clone(&ctx.app.config),
@@ -398,14 +398,14 @@ impl Input {
}
}
fn resolve_role(ctx: &RequestContext, role: Option<Role>) -> (Role, bool, bool) {
fn resolve_role(ctx: &RequestContext, role: Option<Role>) -> Result<(Role, bool, bool)> {
match role {
Some(v) => (v, false, false),
None => (
ctx.extract_role(ctx.app.config.as_ref()),
Some(v) => Ok((v, false, false)),
None => Ok((
ctx.extract_role(ctx.app.config.as_ref())?,
ctx.session.is_some(),
ctx.agent.is_some(),
),
)),
}
}
@@ -600,7 +600,7 @@ mod tests {
fn resolve_role_with_explicit_role() {
let ctx = create_test_ctx();
let role = Role::new("custom", "be helpful");
let (resolved, with_session, with_agent) = resolve_role(&ctx, Some(role));
let (resolved, with_session, with_agent) = resolve_role(&ctx, Some(role)).unwrap();
assert_eq!(resolved.name(), "custom");
assert!(!with_session);
assert!(!with_agent);
@@ -609,7 +609,7 @@ mod tests {
#[test]
fn resolve_role_without_role_no_session_no_agent() {
let ctx = create_test_ctx();
let (resolved, with_session, with_agent) = resolve_role(&ctx, None);
let (resolved, with_session, with_agent) = resolve_role(&ctx, None).unwrap();
assert_eq!(resolved.name(), "");
assert!(!with_session);
assert!(!with_agent);
@@ -619,7 +619,7 @@ mod tests {
fn resolve_role_without_role_with_session() {
let mut ctx = create_test_ctx();
ctx.session = Some(Session::default());
let (_resolved, with_session, with_agent) = resolve_role(&ctx, None);
let (_resolved, with_session, with_agent) = resolve_role(&ctx, None).unwrap();
assert!(with_session);
assert!(!with_agent);
}
@@ -629,7 +629,7 @@ mod tests {
let mut ctx = create_test_ctx();
ctx.session = Some(Session::default());
let role = Role::new("explicit", "prompt");
let (_resolved, with_session, _with_agent) = resolve_role(&ctx, Some(role));
let (_resolved, with_session, _with_agent) = resolve_role(&ctx, Some(role)).unwrap();
assert!(!with_session);
}
@@ -695,7 +695,7 @@ mod tests {
#[test]
fn input_from_str_captures_text() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "hello world", None);
let input = Input::from_str(&ctx, "hello world", None).unwrap();
assert_eq!(input.text(), "hello world");
}
@@ -703,7 +703,7 @@ mod tests {
fn input_from_str_with_explicit_role() {
let ctx = create_test_ctx();
let role = Role::new("pirate", "you are a pirate");
let input = Input::from_str(&ctx, "ahoy", Some(role));
let input = Input::from_str(&ctx, "ahoy", Some(role)).unwrap();
assert_eq!(input.role().name(), "pirate");
assert!(!input.with_agent());
}
@@ -715,28 +715,28 @@ mod tests {
config.stream = false;
state.config = Arc::new(config);
let ctx = RequestContext::new(Arc::new(state), WorkingMode::Cmd);
let input = Input::from_str(&ctx, "test", None);
let input = Input::from_str(&ctx, "test", None).unwrap();
assert!(!input.stream_enabled);
}
#[test]
fn input_is_empty_with_no_text_and_no_medias() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "", None);
let input = Input::from_str(&ctx, "", None).unwrap();
assert!(input.is_empty());
}
#[test]
fn input_is_not_empty_with_text() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "hello", None);
let input = Input::from_str(&ctx, "hello", None).unwrap();
assert!(!input.is_empty());
}
#[test]
fn input_set_text_changes_text() {
let ctx = create_test_ctx();
let mut input = Input::from_str(&ctx, "original", None);
let mut input = Input::from_str(&ctx, "original", None).unwrap();
input.set_text("modified".to_string());
assert_eq!(input.text(), "modified");
}
@@ -744,7 +744,7 @@ mod tests {
#[test]
fn input_text_returns_patched_when_set() {
let ctx = create_test_ctx();
let mut input = Input::from_str(&ctx, "original", None);
let mut input = Input::from_str(&ctx, "original", None).unwrap();
input.patched_text = Some("patched".to_string());
assert_eq!(input.text(), "patched");
}
@@ -752,7 +752,7 @@ mod tests {
#[test]
fn input_clear_patch_restores_original() {
let ctx = create_test_ctx();
let mut input = Input::from_str(&ctx, "original", None);
let mut input = Input::from_str(&ctx, "original", None).unwrap();
input.patched_text = Some("patched".to_string());
input.clear_patch();
assert_eq!(input.text(), "original");
@@ -761,7 +761,7 @@ mod tests {
#[test]
fn input_set_continue_output_accumulates() {
let ctx = create_test_ctx();
let mut input = Input::from_str(&ctx, "test", None);
let mut input = Input::from_str(&ctx, "test", None).unwrap();
assert!(input.continue_output().is_none());
input.set_continue_output("first ");
assert_eq!(input.continue_output(), Some("first "));
@@ -772,7 +772,7 @@ mod tests {
#[test]
fn input_set_regenerate_sets_flag_and_clears_tool_calls() {
let ctx = create_test_ctx();
let mut input = Input::from_str(&ctx, "test", None);
let mut input = Input::from_str(&ctx, "test", None).unwrap();
let role = input.role().clone();
assert!(!input.regenerate());
input.set_regenerate(role);
@@ -784,7 +784,7 @@ mod tests {
fn input_summary_truncates_long_text() {
let ctx = create_test_ctx();
let long_text = "a".repeat(200);
let input = Input::from_str(&ctx, &long_text, None);
let input = Input::from_str(&ctx, &long_text, None).unwrap();
let summary = input.summary();
assert!(summary.len() < 200);
assert!(summary.ends_with("..."));
@@ -793,35 +793,35 @@ mod tests {
#[test]
fn input_summary_preserves_short_text() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "short", None);
let input = Input::from_str(&ctx, "short", None).unwrap();
assert_eq!(input.summary(), "short");
}
#[test]
fn input_raw_with_no_files() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "hello", None);
let input = Input::from_str(&ctx, "hello", None).unwrap();
assert_eq!(input.raw(), "hello");
}
#[test]
fn input_render_with_no_medias() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "hello", None);
let input = Input::from_str(&ctx, "hello", None).unwrap();
assert_eq!(input.render(), "hello");
}
#[test]
fn input_with_agent_false_when_no_agent() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "test", None);
let input = Input::from_str(&ctx, "test", None).unwrap();
assert!(!input.with_agent());
}
#[test]
fn input_session_returns_none_when_with_session_false() {
let ctx = create_test_ctx();
let input = Input::from_str(&ctx, "test", Some(Role::new("r", "p")));
let input = Input::from_str(&ctx, "test", Some(Role::new("r", "p"))).unwrap();
let session = Some(Session::default());
assert!(input.session(&session).is_none());
}
@@ -830,7 +830,7 @@ mod tests {
fn input_session_returns_some_when_with_session_true() {
let mut ctx = create_test_ctx();
ctx.session = Some(Session::default());
let input = Input::from_str(&ctx, "test", None);
let input = Input::from_str(&ctx, "test", None).unwrap();
let session = Some(Session::default());
assert!(input.session(&session).is_some());
}
@@ -879,7 +879,7 @@ mod tests {
#[test]
fn from_files_loads_single_text_file() {
let dir = env::temp_dir().join(format!(
"loki-input-test-{}",
"coyote-input-test-{}",
SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.unwrap()
@@ -906,7 +906,7 @@ mod tests {
#[test]
fn from_files_loads_multiple_files() {
let dir = env::temp_dir().join(format!(
"loki-input-test-multi-{}",
"coyote-input-test-multi-{}",
SystemTime::now()
.duration_since(std::time::UNIX_EPOCH)
.unwrap()
+201 -21
View File
@@ -1,10 +1,3 @@
use anyhow::{Context, Result, bail};
use indexmap::IndexMap;
use inquire::{Confirm, Select};
use std::ffi::{OsStr, OsString};
use std::fs;
use std::path::{Path, PathBuf};
use crate::config::{InstallFilter, paths};
#[cfg(not(windows))]
use crate::function::Language;
@@ -12,6 +5,13 @@ use crate::mcp::{McpServer, McpServersConfig};
use crate::utils;
use crate::utils::IS_STDOUT_TERMINAL;
use crate::vault::{Vault, create_vault_password_file, interpolate_secrets};
use anyhow::{Context, Result, anyhow, bail};
use indexmap::IndexMap;
use indoc::formatdoc;
use inquire::{Confirm, Select};
use std::ffi::{OsStr, OsString};
use std::fs;
use std::path::{Path, PathBuf};
pub fn install_remote(git_url: &str, filter: Option<InstallFilter>, force: bool) -> Result<()> {
let (url, reference) = parse_url_with_ref(git_url)?;
@@ -24,7 +24,7 @@ pub fn install_remote(git_url: &str, filter: Option<InstallFilter>, force: bool)
if layout.is_empty() {
println!(
"No recognized assets found in {git_url}. Expected one or more of: \
agents/, roles/, macros/, functions/tools/, functions/mcp.json"
agents/, roles/, skills/, macros/, functions/tools/, functions/mcp.json"
);
return Ok(());
}
@@ -136,7 +136,7 @@ impl Drop for TempRepoDir {
}
fn clone_to_temp(url: &str, reference: Option<&str>) -> Result<TempRepoDir> {
let dest = utils::temp_file("loki-remote-install-", "");
let dest = utils::temp_file("coyote-remote-install-", "");
let dest_arg: OsString = dest.as_os_str().into();
let is_sha = reference
@@ -193,6 +193,7 @@ fn run_git(args: Vec<OsString>) -> Result<()> {
struct RemoteLayout {
agents: Option<PathBuf>,
roles: Option<PathBuf>,
skills: Option<PathBuf>,
macros: Option<PathBuf>,
functions_tools: Option<PathBuf>,
mcp_json: Option<PathBuf>,
@@ -202,6 +203,7 @@ impl RemoteLayout {
fn is_empty(&self) -> bool {
self.agents.is_none()
&& self.roles.is_none()
&& self.skills.is_none()
&& self.macros.is_none()
&& self.functions_tools.is_none()
&& self.mcp_json.is_none()
@@ -215,20 +217,29 @@ fn scan_remote_layout(root: &Path) -> Result<RemoteLayout> {
if agents.is_dir() {
layout.agents = Some(agents);
}
let roles = root.join("roles");
if roles.is_dir() {
layout.roles = Some(roles);
}
let skills = root.join("skills");
if skills.is_dir() {
layout.skills = Some(skills);
}
let macros = root.join("macros");
if macros.is_dir() {
layout.macros = Some(macros);
}
let functions = root.join("functions");
if functions.is_dir() {
let tools = functions.join("tools");
if tools.is_dir() {
layout.functions_tools = Some(tools);
}
let mcp = functions.join("mcp.json");
if mcp.is_file() {
layout.mcp_json = Some(mcp);
@@ -251,6 +262,10 @@ fn apply_filter(mut layout: RemoteLayout, filter: Option<InstallFilter>) -> Remo
roles: layout.roles.take(),
..RemoteLayout::default()
},
InstallFilter::Skills => RemoteLayout {
skills: layout.skills.take(),
..RemoteLayout::default()
},
InstallFilter::Macros => RemoteLayout {
macros: layout.macros.take(),
..RemoteLayout::default()
@@ -308,6 +323,7 @@ fn walk_files_inner(dir: &Path, out: &mut Vec<PathBuf>) -> Result<()> {
enum TopCategory {
Agents,
Roles,
Skills,
Macros,
FunctionsTools,
}
@@ -317,6 +333,7 @@ impl TopCategory {
match self {
TopCategory::Agents => "agents",
TopCategory::Roles => "roles",
TopCategory::Skills => "skills",
TopCategory::Macros => "macros",
TopCategory::FunctionsTools => "functions/tools",
}
@@ -356,6 +373,16 @@ fn plan_changes(layout: &RemoteLayout) -> Result<InstallPlan> {
if let Some(src_dir) = &layout.roles {
plan_dir_into(src_dir, &paths::roles_dir(), TopCategory::Roles, &mut files)?;
}
if let Some(src_dir) = &layout.skills {
plan_dir_into(
src_dir,
&paths::skills_dir(),
TopCategory::Skills,
&mut files,
)?;
}
if let Some(src_dir) = &layout.macros {
plan_dir_into(
src_dir,
@@ -391,6 +418,26 @@ fn plan_dir_into(
let rel = src
.strip_prefix(src_dir)
.expect("walk_files only returns paths under src_dir");
if category == TopCategory::Skills {
let skill_name = rel
.components()
.next()
.and_then(|c| c.as_os_str().to_str())
.ok_or_else(|| {
anyhow!(
"remote skill bundle has unparseable path component: {}",
rel.display()
)
})?;
paths::validate_skill_name(skill_name).with_context(|| {
format!(
"remote skill '{skill_name}' has an invalid name \
(skill names must contain only ASCII alphanumerics, '-', or '_')"
)
})?;
}
let dst = dst_dir.join(rel);
let kind = classify_file(&src, &dst)?;
out.push(PlannedFile {
@@ -457,6 +504,7 @@ fn print_plan_summary(plan: &InstallPlan) {
for cat in [
TopCategory::Agents,
TopCategory::Roles,
TopCategory::Skills,
TopCategory::Macros,
TopCategory::FunctionsTools,
] {
@@ -703,8 +751,21 @@ fn merge_mcp_json(
serde_json::to_string_pretty(&merged).context("failed to serialize merged mcp.json")?;
write_atomically(&final_path, &serialized)?;
let vault = Vault::init_bare();
let (_parsed, missing) = interpolate_secrets(&serialized, &vault);
let vault = Vault::init_bare()?;
let missing = match interpolate_secrets(&serialized, &vault) {
Ok((_, missing)) => missing,
Err(e) => {
eprintln!(
"{}",
formatdoc! {"
Skipping secret resolution for merged mcp.json: {e:#}
Continuing without resolving missing secrets
You may need to add any additional missing secrets to the vault manually.
"}
);
Vec::new()
}
};
let mut deduped: Vec<String> = Vec::new();
for s in missing {
if !deduped.contains(&s) {
@@ -832,7 +893,7 @@ fn handle_missing_secrets(missing: &[String]) -> Result<()> {
}
fn prompt_for_each_secret(missing: &[String]) -> Result<(Vec<String>, Vec<String>)> {
let mut vault = Vault::init_bare();
let mut vault = Vault::init_bare()?;
let mut password_file_ensured = false;
let mut added = Vec::new();
let mut deferred = Vec::new();
@@ -875,7 +936,7 @@ fn print_secret_summary(added: &[String], deferred: &[String]) {
if !deferred.is_empty() {
println!(
"\nThe following secrets are still required by your MCP servers. \
Add them with `loki --add-secret <NAME>` or `.vault add <NAME>` in the REPL:"
Add them with `coyote --add-secret <NAME>` or `.vault add <NAME>` in the REPL:"
);
for name in deferred {
println!(" {{{{ {name} }}}}");
@@ -886,6 +947,62 @@ fn print_secret_summary(added: &[String], deferred: &[String]) {
#[cfg(test)]
mod tests {
use super::*;
use crate::utils::get_env_name;
use serial_test::serial;
use std::env;
use std::time::{SystemTime, UNIX_EPOCH};
struct TestVaultConfigGuard {
dir_key: String,
file_key: String,
previous_dir: Option<OsString>,
previous_file: Option<OsString>,
path: PathBuf,
}
impl TestVaultConfigGuard {
fn new(label: &str) -> Self {
let dir_key = get_env_name("config_dir");
let file_key = get_env_name("config_file");
let previous_dir = env::var_os(&dir_key);
let previous_file = env::var_os(&file_key);
let unique = SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_nanos();
let path = env::temp_dir().join(format!("coyote-vault-test-{label}-{unique}"));
fs::create_dir_all(&path).unwrap();
let config_path = path.join("config.yaml");
fs::write(&config_path, "{}").unwrap();
unsafe {
env::set_var(&dir_key, &path);
env::set_var(&file_key, &config_path);
}
Self {
dir_key,
file_key,
previous_dir,
previous_file,
path,
}
}
}
impl Drop for TestVaultConfigGuard {
fn drop(&mut self) {
unsafe {
match &self.previous_dir {
Some(p) => env::set_var(&self.dir_key, p),
None => env::remove_var(&self.dir_key),
}
match &self.previous_file {
Some(p) => env::set_var(&self.file_key, p),
None => env::remove_var(&self.file_key),
}
}
let _ = fs::remove_dir_all(&self.path);
}
}
#[test]
fn parse_url_no_ref() {
@@ -982,6 +1099,7 @@ mod tests {
let l = RemoteLayout {
agents: Some(PathBuf::from("a")),
roles: Some(PathBuf::from("r")),
skills: Some(PathBuf::from("s")),
macros: Some(PathBuf::from("m")),
functions_tools: Some(PathBuf::from("f")),
mcp_json: Some(PathBuf::from("j")),
@@ -989,8 +1107,8 @@ mod tests {
let out = apply_filter(l, None);
assert!(out.agents.is_some() && out.roles.is_some() && out.macros.is_some());
assert!(out.functions_tools.is_some() && out.mcp_json.is_some());
assert!(out.agents.is_some() && out.roles.is_some() && out.skills.is_some());
assert!(out.macros.is_some() && out.functions_tools.is_some() && out.mcp_json.is_some());
}
#[test]
@@ -998,6 +1116,7 @@ mod tests {
let l = RemoteLayout {
agents: Some(PathBuf::from("a")),
roles: None,
skills: Some(PathBuf::from("s")),
macros: None,
functions_tools: Some(PathBuf::from("f")),
mcp_json: Some(PathBuf::from("j")),
@@ -1006,6 +1125,7 @@ mod tests {
let out = apply_filter(l, Some(InstallFilter::Functions));
assert!(out.agents.is_none());
assert!(out.skills.is_none());
assert_eq!(out.functions_tools, Some(PathBuf::from("f")));
assert!(out.mcp_json.is_none());
}
@@ -1015,6 +1135,7 @@ mod tests {
let l = RemoteLayout {
agents: Some(PathBuf::from("a")),
roles: None,
skills: Some(PathBuf::from("s")),
macros: None,
functions_tools: Some(PathBuf::from("f")),
mcp_json: Some(PathBuf::from("j")),
@@ -1022,7 +1143,7 @@ mod tests {
let out = apply_filter(l, Some(InstallFilter::McpConfig));
assert!(out.agents.is_none() && out.functions_tools.is_none());
assert!(out.agents.is_none() && out.skills.is_none() && out.functions_tools.is_none());
assert_eq!(out.mcp_json, Some(PathBuf::from("j")));
}
@@ -1031,6 +1152,7 @@ mod tests {
let l = RemoteLayout {
agents: Some(PathBuf::from("a")),
roles: Some(PathBuf::from("r")),
skills: Some(PathBuf::from("s")),
macros: Some(PathBuf::from("m")),
functions_tools: Some(PathBuf::from("f")),
mcp_json: Some(PathBuf::from("j")),
@@ -1039,7 +1161,25 @@ mod tests {
let out = apply_filter(l, Some(InstallFilter::Roles));
assert_eq!(out.roles, Some(PathBuf::from("r")));
assert!(out.agents.is_none() && out.macros.is_none());
assert!(out.agents.is_none() && out.skills.is_none() && out.macros.is_none());
assert!(out.functions_tools.is_none() && out.mcp_json.is_none());
}
#[test]
fn apply_filter_skills_keeps_only_skills() {
let l = RemoteLayout {
agents: Some(PathBuf::from("a")),
roles: Some(PathBuf::from("r")),
skills: Some(PathBuf::from("s")),
macros: Some(PathBuf::from("m")),
functions_tools: Some(PathBuf::from("f")),
mcp_json: Some(PathBuf::from("j")),
};
let out = apply_filter(l, Some(InstallFilter::Skills));
assert_eq!(out.skills, Some(PathBuf::from("s")));
assert!(out.agents.is_none() && out.roles.is_none() && out.macros.is_none());
assert!(out.functions_tools.is_none() && out.mcp_json.is_none());
}
@@ -1084,8 +1224,10 @@ mod tests {
#[test]
fn scan_remote_layout_finds_known_subdirs() {
let root = fresh_temp_dir("scan-test-");
fs::create_dir_all(root.join("agents/sample")).unwrap();
fs::create_dir_all(root.join("roles")).unwrap();
fs::create_dir_all(root.join("skills")).unwrap();
fs::create_dir_all(root.join("macros")).unwrap();
fs::create_dir_all(root.join("functions/tools")).unwrap();
touch(&root.join("functions/mcp.json"));
@@ -1094,12 +1236,30 @@ mod tests {
let layout = scan_remote_layout(&root).unwrap();
assert!(layout.agents.is_some());
assert!(layout.roles.is_some());
assert!(layout.skills.is_some());
assert!(layout.macros.is_some());
assert!(layout.functions_tools.is_some());
assert!(layout.mcp_json.is_some());
let _ = fs::remove_dir_all(&root);
}
#[test]
fn scan_remote_layout_finds_skills_only() {
let root = fresh_temp_dir("scan-skills-only-");
fs::create_dir_all(root.join("skills/git-master")).unwrap();
touch(&root.join("skills/git-master/SKILL.md"));
let layout = scan_remote_layout(&root).unwrap();
assert!(layout.skills.is_some());
assert!(layout.agents.is_none());
assert!(layout.roles.is_none());
assert!(layout.macros.is_none());
assert!(layout.functions_tools.is_none());
assert!(layout.mcp_json.is_none());
let _ = fs::remove_dir_all(&root);
}
#[test]
fn scan_remote_layout_ignores_unrelated_files() {
let root = fresh_temp_dir("scan-unrelated-");
@@ -1182,7 +1342,9 @@ mod tests {
}
#[test]
#[serial]
fn merge_into_empty_local_adds_all_remote_servers() {
let _guard = TestVaultConfigGuard::new("merge-empty");
let dir = fresh_temp_dir("merge-empty-");
let remote = dir.join("remote.json");
let target = dir.join("target.json");
@@ -1199,7 +1361,9 @@ mod tests {
}
#[test]
#[serial]
fn merge_force_replaces_local_on_conflict() {
let _guard = TestVaultConfigGuard::new("merge-force");
let dir = fresh_temp_dir("merge-force-");
let remote = dir.join("remote.json");
let target = dir.join("target.json");
@@ -1223,6 +1387,12 @@ mod tests {
#[test]
fn merge_non_tty_conflict_aborts_without_force() {
if *IS_STDOUT_TERMINAL {
eprintln!(
"Skipping merge_non_tty_conflict_aborts_without_force: requires non-TTY stdout"
);
return;
}
let dir = fresh_temp_dir("merge-non-tty-");
let remote = dir.join("remote.json");
let target = dir.join("target.json");
@@ -1259,23 +1429,27 @@ mod tests {
}
#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
#[serial]
async fn merge_detects_missing_secrets_in_output() {
let _guard = TestVaultConfigGuard::new("merge-secret");
let dir = fresh_temp_dir("merge-secret-");
let remote = dir.join("remote.json");
let target = dir.join("target.json");
write_mcp(
&remote,
r#"{"mcpServers": {"x": {"type":"stdio","command":"echo","env":{"K":"{{LOKI_TEST_MERGE_SECRET}}"}}}}"#,
r#"{"mcpServers": {"x": {"type":"stdio","command":"echo","env":{"K":"{{COYOTE_TEST_MERGE_SECRET}}"}}}}"#,
);
let report = merge_mcp_json(None, &remote, &target, false).unwrap();
assert_eq!(report.missing_secrets, vec!["LOKI_TEST_MERGE_SECRET"]);
assert_eq!(report.missing_secrets, vec!["COYOTE_TEST_MERGE_SECRET"]);
let _ = fs::remove_dir_all(&dir);
}
#[test]
#[serial]
fn merge_is_idempotent_on_re_run() {
let _guard = TestVaultConfigGuard::new("merge-idempotent");
let dir = fresh_temp_dir("merge-idempotent-");
let remote = dir.join("remote.json");
let target = dir.join("target.json");
@@ -1299,9 +1473,15 @@ mod tests {
#[test]
fn handle_missing_secrets_defers_all_in_non_tty() {
if *IS_STDOUT_TERMINAL {
eprintln!(
"Skipping handle_missing_secrets_defers_all_in_non_tty: requires non-TTY stdout"
);
return;
}
let missing = vec![
"LOKI_TEST_STEP4_A".to_string(),
"LOKI_TEST_STEP4_B".to_string(),
"COYOTE_TEST_STEP4_A".to_string(),
"COYOTE_TEST_STEP4_B".to_string(),
];
assert!(handle_missing_secrets(&missing).is_ok());

Some files were not shown because too many files have changed in this diff Show More