+1 -1

.codex/rules/solstone.rules

reviewed

··· 5 5 prefix_rule( 6 6 pattern=["sol", "call"], 7 7 decision="allow", 8 8 - justification="sol call invokes read-only journal query commands", 8 8 + justification="sol call invokes journal query and agent handoff commands", 9 9 match=["sol call todos list", "sol call entities list"], 10 10 not_match=["sol restart-convey"], 11 11 )

+391

muse/coder.md

reviewed

··· 1 1 + { 2 2 + "type": "cogitate", 3 3 + "write": true, 4 4 + 5 5 + "title": "Coder", 6 6 + "description": "Write-enabled developer agent for implementing code changes", 7 7 + "schedule": "none", 8 8 + "instructions": {"system": "journal"} 9 9 + } 10 10 + 11 11 + You are a developer agent working in the solstone codebase. 12 12 + 13 13 + Your job is to take an implementation prompt, understand the relevant code, 14 14 + make the requested change, verify it, and report back clearly. 15 15 + 16 16 + ## Workflow 17 17 + 18 18 + You should work in this order: 19 19 + 20 20 + 1. Read the prompt carefully and identify the exact requested scope. 21 21 + 2. Research the relevant files, functions, and tests before editing. 22 22 + 3. Implement the smallest correct change that satisfies the request. 23 23 + 4. Run the relevant tests and checks. 24 24 + 5. Commit your changes if the task calls for a commit. 25 25 + 6. Report what changed, how it was verified, and any followups or risks. 26 26 + 27 27 + You should not add extra features that were not requested. Keep changes clean, 28 28 + maintainable, and consistent with the existing codebase. 29 29 + 30 30 + ## Development Guidelines 31 31 + 32 32 + You should treat **solstone** as a Python-based AI-driven desktop journaling 33 33 + toolkit with three packages: `observe/` for multimodal capture and AI-powered 34 34 + analysis, `think/` for data post-processing, AI agent orchestration, and 35 35 + intelligent insights, and `convey/` for the web application, with `apps/` for 36 36 + extensions. The project uses a modular architecture where each package can 37 37 + operate independently while sharing common utilities and data formats through 38 38 + the journal system. 39 39 + 40 40 + ### Key Concepts 41 41 + 42 42 + You should understand these concepts before changing the system: 43 43 + 44 44 + - **Journal**: Central data structure organized as `journal/YYYYMMDD/` 45 45 + directories. All captured data, transcripts, and analysis artifacts are 46 46 + stored here. 47 47 + - **Facets**: Project/context organization system that groups related content 48 48 + and provides scoped views of entities, tasks, and activities. 49 49 + - **Entities**: Extracted information tracked over time across transcripts and 50 50 + interactions and associated with facets for semantic navigation. 51 51 + - **Agents**: AI processors with configurable prompts that analyze content, 52 52 + extract insights, and respond to queries. 53 53 + - **Callosum**: Message bus that enables asynchronous communication between 54 54 + components. 55 55 + - **Indexer**: Builds and maintains SQLite database from journal data, 56 56 + enabling fast search and retrieval. 57 57 + 58 58 + ### Architecture 59 59 + 60 60 + You should keep the overall architecture in mind: 61 61 + 62 62 + - **Core Pipeline**: `observe` (capture) -> JSON transcripts -> `think` 63 63 + (analyze) -> SQLite index -> `convey` (web UI) 64 64 + 65 65 + You should also respect the data organization: 66 66 + 67 67 + - Everything organized under `journal/YYYYMMDD/` daily directories. 68 68 + - Import segments are anchored to creation/modification time, not content 69 69 + "about" time. 70 70 + - Facets provide project-scoped organization and filtering. 71 71 + - Entities are extracted from transcripts and tracked across time. 72 72 + - Indexer builds SQLite database for fast search and retrieval. 73 73 + 74 74 + You should understand component communication: 75 75 + 76 76 + - Callosum message bus enables async communication between services. 77 77 + - Cortex orchestrates AI agent execution via `sol cortex`, spawning agent 78 78 + subprocesses with agent configurations. 79 79 + - The unified CLI is `sol`. Run `sol` to see status and available commands. 80 80 + 81 81 + ### Quick Commands 82 82 + 83 83 + You should use these commands as needed: 84 84 + 85 85 + ```bash 86 86 + make install # Install package (includes all deps) 87 87 + make skills # Discover and symlink Agent Skills from muse/ dirs 88 88 + make format # Auto-fix formatting, then report remaining issues 89 89 + make test # Run unit tests 90 90 + make ci # Full CI check (format check + lint + test) 91 91 + make dev # Start stack (Ctrl+C to stop) 92 92 + ``` 93 93 + 94 94 + ## Project Structure 95 95 + 96 96 + You should know the directory layout: 97 97 + 98 98 + ```text 99 99 + solstone/ 100 100 + ├── sol.py # Unified CLI entry point (run: sol <command>) 101 101 + ├── observe/ # Multimodal capture & AI analysis 102 102 + ├── think/ # Data post-processing, AI agents & orchestration 103 103 + ├── convey/ # Web app frontend & backend 104 104 + ├── apps/ # Convey app extensions (see docs/APPS.md) 105 105 + ├── muse/ # Agent/generator configs + Agent Skills (muse/*/SKILL.md) 106 106 + ├── tests/ # Pytest test suites + test fixtures under tests/fixtures/ 107 107 + ├── docs/ # All documentation (*.md files) 108 108 + ├── AGENTS.md # Development guidelines 109 109 + ├── CLAUDE.md # Symlink to AGENTS.md for Claude Code 110 110 + └── README.md # Project overview 111 111 + ``` 112 112 + 113 113 + Each package has a README.md symlink pointing to its documentation in `docs/`. 114 114 + 115 115 + ### Package Organization 116 116 + 117 117 + You should follow these package-level conventions: 118 118 + 119 119 + - **Python**: Requires Python 3.10+ 120 120 + - **Modules**: Each top-level folder is a Python package with `__init__.py` 121 121 + unless it is data-only (e.g., `tests/fixtures/`) 122 122 + - **Imports**: Prefer absolute imports (e.g., 123 123 + `from think.utils import setup_cli`) whenever feasible 124 124 + - **Entry Points**: Commands are registered in `sol.py`'s `COMMANDS` dict 125 125 + (`pyproject.toml` just defines the `sol` entry point) 126 126 + - **Journal**: Data stored under `journal/` at the project root 127 127 + - **Calling**: When calling other modules as a separate process always use 128 128 + `sol <command>` and never call using `python -m ...` (e.g., use 129 129 + `sol indexer`, NOT `python -m think.indexer`) 130 130 + 131 131 + ### CLI Routing 132 132 + 133 133 + You should remember that `sol.py`'s `COMMANDS` dict maps command names to 134 134 + module paths. The unified CLI is `sol`. Run `sol` to see status and available 135 135 + commands. `sol call` routes to `think/call.py`, which discovers 136 136 + `apps/*/call.py` Typer sub-apps and mounts them as subcommands. 137 137 + 138 138 + ### Agent And Skill Organization 139 139 + 140 140 + You should treat `muse/*.md` as the home for agent personas and generator 141 141 + templates. Apps can add their own in `apps/*/muse/*.md`. Skills live at 142 142 + `muse/*/SKILL.md` and are symlinked to `.agents/skills/` and 143 143 + `.claude/skills/` via `make skills`. 144 144 + 145 145 + ### File Locations 146 146 + 147 147 + You should know these common locations: 148 148 + 149 149 + - **Entry Points**: `sol.py` `COMMANDS` dict 150 150 + - **Test Fixtures**: `tests/fixtures/journal/` - complete mock journal 151 151 + - **Live Logs**: `journal/health/<service>.log` 152 152 + - **Agent Personas**: `muse/*.md` (apps can add their own in `muse/`, see 153 153 + `docs/APPS.md`) 154 154 + - **Generator Templates**: `muse/*.md` (apps can add their own in `muse/`, 155 155 + see `docs/APPS.md`) 156 156 + - **Agent Skills**: `muse/*/SKILL.md` - symlinked to `.agents/skills/` and 157 157 + `.claude/skills/` via `make skills` 158 158 + - **Scratch Space**: `scratch/` - git-ignored local workspace 159 159 + 160 160 + ## Coding Standards 161 161 + 162 162 + ### Language And Tools 163 163 + 164 164 + You should use: 165 165 + 166 166 + - **Ruff** (`make format`) for formatting, linting, and import sorting 167 167 + - **mypy** (`make check`) for type checking 168 168 + 169 169 + Configuration lives in `pyproject.toml`. 170 170 + 171 171 + ### Naming Conventions 172 172 + 173 173 + You should follow: 174 174 + 175 175 + - **Modules/Functions/Variables**: `snake_case` 176 176 + - **Classes**: `PascalCase` 177 177 + - **Constants**: `UPPER_SNAKE_CASE` 178 178 + - **Private Members**: `_leading_underscore` 179 179 + 180 180 + ### Code Organization 181 181 + 182 182 + You should structure code this way: 183 183 + 184 184 + - **Imports**: Prefer absolute imports, grouped (stdlib, third-party, local), 185 185 + one per line 186 186 + - **Docstrings**: Google or NumPy style with parameter/return descriptions 187 187 + - **Type Hints**: Should be included on function signatures (legacy helpers may 188 188 + still need updates) 189 189 + - **File Structure**: Constants -> helpers -> classes -> main/CLI 190 190 + 191 191 + ### File Headers 192 192 + 193 193 + All source code files, but not text or markdown files or prompts, must begin 194 194 + with: 195 195 + 196 196 + ```python 197 197 + # SPDX-License-Identifier: AGPL-3.0-only 198 198 + # Copyright (c) 2026 sol pbc 199 199 + ``` 200 200 + 201 201 + Use `//` comments for JavaScript files. 202 202 + 203 203 + ### Development Principles 204 204 + 205 205 + You should follow these principles: 206 206 + 207 207 + - **DRY, KISS, YAGNI**: Extract common logic, prefer simple solutions, don't 208 208 + over-engineer 209 209 + - **Single Responsibility**: Functions/classes do one thing well 210 210 + - **Conciseness & Maintainability**: Clear code over clever code 211 211 + - **Robustness**: Minimize assumptions that must be kept in sync across the 212 212 + codebase, avoid fragility and increasing maintenance burden 213 213 + - **Self-Contained Codebase**: All code that depends on this project lives 214 214 + within this repository. Never add backwards-compatibility shims, fallback 215 215 + aliases, re-exports for moved symbols, deprecated parameter handling, or 216 216 + legacy support code. When renaming or removing something, update all usages 217 217 + directly. For journal data format changes, write a migration script instead 218 218 + of adding compatibility layers. 219 219 + - **Security**: Never expose secrets, validate/sanitize all inputs 220 220 + - **Performance**: Profile before optimizing 221 221 + - **Git**: Small focused commits, descriptive branch names. Run git commands 222 222 + directly since you're already in the repo. 223 223 + 224 224 + ### Dependencies 225 225 + 226 226 + You should minimize dependencies and prefer the standard library when possible. 227 227 + All dependencies must be added to `dependencies` in `pyproject.toml`. 228 228 + 229 229 + You should use the package manager `uv`: 230 230 + 231 231 + - `uv.lock` is committed 232 232 + - `make install` syncs from the lock file 233 233 + - `make update` upgrades deps and regenerates the lock file 234 234 + 235 235 + ## Testing 236 236 + 237 237 + ### Test Structure 238 238 + 239 239 + You should use pytest with coverage reporting. 240 240 + 241 241 + Unit tests live in `tests/`: 242 242 + 243 243 + - Fast 244 244 + - No external API calls 245 245 + - Use `tests/fixtures/journal/` mock data 246 246 + - Test individual functions and modules 247 247 + 248 248 + Integration tests live in `tests/integration/`: 249 249 + 250 250 + - Test real backends (Anthropic, OpenAI, Google) 251 251 + - Require API keys in `.env` 252 252 + - Test end-to-end workflows 253 253 + 254 254 + Naming conventions: 255 255 + 256 256 + - Files `test_*.py` 257 257 + - Functions `test_*` 258 258 + - Shared fixtures in `tests/conftest.py` 259 259 + 260 260 + ### Fixture Journal 261 261 + 262 262 + You should use the fixture journal pattern when tests need journal data: 263 263 + 264 264 + ```python 265 265 + os.environ["_SOLSTONE_JOURNAL_OVERRIDE"] = "tests/fixtures/journal" 266 266 + ``` 267 267 + 268 268 + The `tests/fixtures/journal/` directory contains a complete mock journal 269 269 + structure with sample facets, agents, transcripts, and indexed data for 270 270 + testing. 271 271 + 272 272 + ### Running Tests 273 273 + 274 274 + You should use these commands: 275 275 + 276 276 + - `make test` for unit tests 277 277 + - `make test-apps` to run app tests 278 278 + - `make test-integration` for integration tests 279 279 + - `make test-all` to run all tests (core + apps + integration) 280 280 + - `make test-only TEST=path` to run specific tests 281 281 + - `make coverage` to generate a coverage report 282 282 + - `make ci` before committing (formats, lints, tests) 283 283 + - Always run `sol restart-convey` after editing `convey/` or `apps/` to reload 284 284 + code 285 285 + - Use `sol screenshot <route>` to capture UI screenshots for visual testing 286 286 + 287 287 + ### Worktree Development 288 288 + 289 289 + You should know how to run the full stack against fixture data: 290 290 + 291 291 + ```bash 292 292 + make dev # Start stack (Ctrl+C to stop) 293 293 + ``` 294 294 + 295 295 + In a second terminal: 296 296 + 297 297 + ```bash 298 298 + export _SOLSTONE_JOURNAL_OVERRIDE=tests/fixtures/journal 299 299 + export PATH=$(pwd)/.venv/bin:$PATH 300 300 + sol screenshot / -o scratch/home.png 301 301 + curl -s http://localhost:$(cat tests/fixtures/journal/health/convey.port)/ 302 302 + ``` 303 303 + 304 304 + Notes: 305 305 + 306 306 + - Agents won't execute without API keys - this is expected in worktrees 307 307 + - Output artifacts go in `scratch/` (git-ignored) 308 308 + - Service logs: `tests/fixtures/journal/health/<service>.log` 309 309 + - `make dev` writes runtime artifacts into the fixtures journal and they should 310 310 + never be committed 311 311 + 312 312 + ## Environment 313 313 + 314 314 + ### Journal Path 315 315 + 316 316 + You should treat the journal as living at `journal/` in the project root. 317 317 + `get_journal()` from `think.utils` returns the path. For tests, set 318 318 + `_SOLSTONE_JOURNAL_OVERRIDE` to override. 319 319 + 320 320 + ### API Keys 321 321 + 322 322 + You should store API keys in `.env` and never commit them. 323 323 + 324 324 + ### Error Handling And Logging 325 325 + 326 326 + You should: 327 327 + 328 328 + - Raise specific exceptions with clear messages 329 329 + - Use the logging module, not print statements 330 330 + - Validate all external inputs (paths, user data) 331 331 + - Fail fast with clear errors and avoid silent failures 332 332 + 333 333 + ### Documentation 334 334 + 335 335 + You should: 336 336 + 337 337 + - Update README files for new functionality 338 338 + - Write code comments that explain "why" not "what" 339 339 + - Include type hints on function signatures and highlight gaps when touching 340 340 + older modules 341 341 + - Browse `docs/` for subsystem documentation such as `JOURNAL.md`, 342 342 + `APPS.md`, `CORTEX.md`, `CALLOSUM.md`, and `THINK.md` 343 343 + - Read `docs/APPS.md` before modifying `apps/` 344 344 + 345 345 + ### Git Practices 346 346 + 347 347 + You should make small focused commits with descriptive branch names and run git 348 348 + commands directly from the repo root. 349 349 + 350 350 + ### Getting Help 351 351 + 352 352 + You should: 353 353 + 354 354 + - Run `sol` for status and CLI command list 355 355 + - Check `docs/DOCTOR.md` for debugging and diagnostics 356 356 + - Browse `docs/` for subsystem documentation 357 357 + - Review tests in `tests/` for usage examples 358 358 + 359 359 + ## Implementation Expectations 360 360 + 361 361 + When you implement a change, you should: 362 362 + 363 363 + - Read the relevant code paths before editing 364 364 + - Follow existing patterns in nearby code and tests 365 365 + - Prefer the smallest correct change 366 366 + - Update all affected callers when renaming or removing behavior 367 367 + - Avoid compatibility shims unless explicitly requested 368 368 + - Keep prompts, config flow, and CLI behavior consistent with surrounding code 369 369 + 370 370 + When you test a change, you should: 371 371 + 372 372 + - Run the most relevant targeted tests first when useful 373 373 + - Run the required repository-level verification the task asks for 374 374 + - Investigate failures and fix the ones caused by your changes 375 375 + - Report any failures that are unrelated and not safely fixable within scope 376 376 + 377 377 + When you commit, you should: 378 378 + 379 379 + - Commit only if the task asks for it 380 380 + - Keep the commit focused on the requested change 381 381 + - Use a descriptive message 382 382 + 383 383 + ## Report 384 384 + 385 385 + After completing the work, you should summarize: 386 386 + 387 387 + - What files changed 388 388 + - What behavior changed 389 389 + - What tests or checks were run 390 390 + - Whether they passed 391 391 + - Any risks, issues, or followups the reviewer should know about

+22 -1

tests/test_anthropic_cli.py

reviewed

··· 17 17 18 18 19 19 def _anthropic_provider(): 20 20 - return importlib.import_module("think.providers.anthropic") 20 20 + return importlib.reload(importlib.import_module("think.providers.anthropic")) 21 21 + 22 22 + 23 23 + def _assert_write_mode_bypasses_restrictions(make_runner): 24 24 + provider = _anthropic_provider() 25 25 + MockCLIRunner = make_runner() 26 26 + with ( 27 27 + patch("think.providers.anthropic.CLIRunner", MockCLIRunner), 28 28 + patch("think.providers.anthropic.check_cli_binary"), 29 29 + ): 30 30 + asyncio.run( 31 31 + provider.run_cogitate( 32 32 + {"prompt": "hello", "model": "claude-sonnet-4", "write": True}, 33 33 + lambda e: None, 34 34 + ) 35 35 + ) 36 36 + cmd = MockCLIRunner.last_instance.cmd 37 37 + assert cmd[cmd.index("--permission-mode") + 1] == "bypassPermissions" 38 38 + assert "--allowedTools" not in cmd 21 39 22 40 23 41 @pytest.fixture ··· 391 409 cmd = MockCLIRunner.last_instance.cmd 392 410 assert cmd[cmd.index("--permission-mode") + 1] == "plan" 393 411 assert cmd[cmd.index("--allowedTools") + 1] == "Bash(sol call *)" 412 412 + 413 413 + def test_write_mode_bypasses_restrictions(self): 414 414 + _assert_write_mode_bypasses_restrictions(self._mock_runner)

+19 -1

tests/test_google_cli.py

reviewed

··· 13 13 14 14 15 15 def _google_provider(): 16 16 - return importlib.import_module("think.providers.google") 16 16 + return importlib.reload(importlib.import_module("think.providers.google")) 17 17 + 18 18 + 19 19 + def _assert_write_mode_removes_allowed_tools(make_runner): 20 20 + provider = _google_provider() 21 21 + MockCLIRunner = make_runner() 22 22 + with patch("think.providers.google.CLIRunner", MockCLIRunner): 23 23 + asyncio.run( 24 24 + provider.run_cogitate( 25 25 + {"prompt": "hello", "model": "gemini-2.5-flash", "write": True}, 26 26 + lambda e: None, 27 27 + ) 28 28 + ) 29 29 + cmd = MockCLIRunner.last_instance.cmd 30 30 + assert "--yolo" in cmd 31 31 + assert "--allowed-tools" not in cmd 17 32 18 33 19 34 class TestTranslateGemini: ··· 326 341 cmd = MockCLIRunner.last_instance.cmd 327 342 assert "--yolo" in cmd 328 343 assert cmd[cmd.index("--allowed-tools") + 1] == "run_shell_command(sol call)" 344 344 + 345 345 + def test_write_mode_removes_allowed_tools(self): 346 346 + _assert_write_mode_removes_allowed_tools(self._mock_runner)

+56

tests/test_handoff.py

reviewed

··· 1 1 + # SPDX-License-Identifier: AGPL-3.0-only 2 2 + # Copyright (c) 2026 sol pbc 3 3 + 4 4 + """Tests for the handoff CLI command.""" 5 5 + 6 6 + import importlib 7 7 + from unittest.mock import patch 8 8 + 9 9 + from typer.testing import CliRunner 10 10 + 11 11 + runner = CliRunner() 12 12 + 13 13 + 14 14 + def _call_app(): 15 15 + call_mod = importlib.reload(importlib.import_module("think.call")) 16 16 + return call_mod.call_app 17 17 + 18 18 + 19 19 + def _invoke_handoff(*args, input_text=""): 20 20 + return runner.invoke(_call_app(), ["handoff", *args], input=input_text) 21 21 + 22 22 + 23 23 + def _assert_handoff_success(): 24 24 + with patch( 25 25 + "think.cortex_client.cortex_request", return_value="agent-123" 26 26 + ) as mock_cr: 27 27 + result = _invoke_handoff("coder", input_text="fix the bug\n") 28 28 + assert result.exit_code == 0 29 29 + assert "agent-123" in result.output 30 30 + mock_cr.assert_called_once_with(prompt="fix the bug", name="coder") 31 31 + 32 32 + 33 33 + def _assert_handoff_empty_stdin(): 34 34 + result = _invoke_handoff("coder", input_text="") 35 35 + assert result.exit_code == 1 36 36 + assert ( 37 37 + "no prompt" in result.output.lower() 38 38 + or "no prompt" in (result.stderr or "").lower() 39 39 + ) 40 40 + 41 41 + 42 42 + def _assert_handoff_cortex_failure(): 43 43 + with patch("think.cortex_client.cortex_request", return_value=None): 44 44 + result = _invoke_handoff("coder", input_text="fix the bug\n") 45 45 + assert result.exit_code == 1 46 46 + 47 47 + 48 48 + class TestHandoff: 49 49 + def test_success(self): 50 50 + _assert_handoff_success() 51 51 + 52 52 + def test_empty_stdin(self): 53 53 + _assert_handoff_empty_stdin() 54 54 + 55 55 + def test_cortex_failure(self): 56 56 + _assert_handoff_cortex_failure()

+32 -1

tests/test_openai.py

reviewed

··· 12 12 13 13 14 14 def _openai_provider(): 15 15 - return importlib.import_module("think.providers.openai") 15 15 + return importlib.reload(importlib.import_module("think.providers.openai")) 16 16 + 17 17 + 18 18 + def _assert_write_mode_sandbox(): 19 19 + provider = _openai_provider() 20 20 + 21 21 + class MockCLIRunner: 22 22 + last_instance = None 23 23 + 24 24 + def __init__(self, **kwargs): 25 25 + self.kwargs = kwargs 26 26 + self.cmd = kwargs["cmd"] 27 27 + self.prompt_text = kwargs["prompt_text"] 28 28 + self.cli_session_id = "test-session-id" 29 29 + self.run = AsyncMock(return_value="test result") 30 30 + MockCLIRunner.last_instance = self 31 31 + 32 32 + with patch("think.providers.openai.CLIRunner", MockCLIRunner): 33 33 + asyncio.run( 34 34 + provider.run_cogitate( 35 35 + {"prompt": "hello", "model": GPT_5, "write": True}, 36 36 + lambda e: None, 37 37 + ) 38 38 + ) 39 39 + 40 40 + cmd = MockCLIRunner.last_instance.cmd 41 41 + assert "-s" in cmd 42 42 + s_idx = cmd.index("-s") 43 43 + assert cmd[s_idx + 1] == "write" 16 44 17 45 18 46 def _make_test_harness(): ··· 284 312 == f'model_reasoning_effort="{expected_effort}"' 285 313 ) 286 314 assert MockCLIRunner.last_instance.cmd[-1] == "-" 315 315 + 316 316 + def test_write_mode_sandbox(self): 317 317 + _assert_write_mode_sandbox() 287 318 288 319 def test_resume_command(self): 289 320 provider = _openai_provider()

+22

think/call.py

reviewed

··· 108 108 typer.echo(f"Navigate: {' '.join(parts)}") 109 109 110 110 111 111 + @call_app.command("handoff") 112 112 + def handoff( 113 113 + agent: str = typer.Argument(..., help="Agent name to hand off to."), 114 114 + ) -> None: 115 115 + """Hand off a prompt to an agent via Cortex. Reads prompt from stdin.""" 116 116 + import sys 117 117 + 118 118 + from think.cortex_client import cortex_request 119 119 + 120 120 + prompt = sys.stdin.read().strip() 121 121 + if not prompt: 122 122 + typer.echo("Error: no prompt provided on stdin", err=True) 123 123 + raise typer.Exit(1) 124 124 + 125 125 + agent_id = cortex_request(prompt=prompt, name=agent) 126 126 + if agent_id is None: 127 127 + typer.echo("Error: failed to send cortex request", err=True) 128 128 + raise typer.Exit(1) 129 129 + 130 130 + typer.echo(agent_id) 131 131 + 132 132 + 111 133 def main() -> None: 112 134 """Entry point for ``sol call``.""" 113 135 call_app()

+30 -14

think/providers/anthropic.py

reviewed

··· 239 239 240 240 prompt_body, system_instruction = assemble_prompt(config) 241 241 242 242 - cmd = [ 243 243 - "claude", 244 244 - "-p", 245 245 - "-", 246 246 - "--verbose", 247 247 - "--output-format", 248 248 - "stream-json", 249 249 - "--permission-mode", 250 250 - "plan", 251 251 - "--allowedTools", 252 252 - "Bash(sol call *)", 253 253 - "--model", 254 254 - model, 255 255 - ] 242 242 + # Build CLI command 243 243 + if config.get("write"): 244 244 + # Write mode: full tool access for developer agents 245 245 + cmd = [ 246 246 + "claude", 247 247 + "-p", 248 248 + "-", 249 249 + "--verbose", 250 250 + "--output-format", 251 251 + "stream-json", 252 252 + "--permission-mode", 253 253 + "bypassPermissions", 254 254 + "--model", 255 255 + model, 256 256 + ] 257 257 + else: 258 258 + cmd = [ 259 259 + "claude", 260 260 + "-p", 261 261 + "-", 262 262 + "--verbose", 263 263 + "--output-format", 264 264 + "stream-json", 265 265 + "--permission-mode", 266 266 + "plan", 267 267 + "--allowedTools", 268 268 + "Bash(sol call *)", 269 269 + "--model", 270 270 + model, 271 271 + ] 256 272 257 273 if system_instruction: 258 274 cmd.extend(["--system-prompt", system_instruction])

+5 -6

think/providers/google.py

reviewed

··· 597 597 prompt_body = system_instruction + "\n\n" + prompt_body 598 598 599 599 # Build CLI command — yolo mode auto-approves all tool calls 600 600 - # (required for headless subprocess use). Allowed shell commands 601 601 - # are constrained by --allowed-tools prefix matching. 600 600 + # (required for headless subprocess use). 602 601 cmd = [ 603 602 "gemini", 604 603 "-p", ··· 606 605 "-o", 607 606 "stream-json", 608 607 "--yolo", 609 609 - "--allowed-tools", 610 610 - "run_shell_command(sol call)", 611 611 - "-m", 612 612 - model, 613 608 ] 609 609 + if not config.get("write"): 610 610 + # Read-only mode: constrain to journal query commands 611 611 + cmd.extend(["--allowed-tools", "run_shell_command(sol call)"]) 612 612 + cmd.extend(["-m", model]) 614 613 615 614 # Resume from previous session if continuing 616 615 if session_id:

+3 -2

think/providers/openai.py

reviewed

··· 177 177 # Build command — sandbox is read-only; "sol call" commands bypass 178 178 # the sandbox via exec-policy rules in .codex/rules/solstone.rules 179 179 session_id = config.get("session_id") 180 180 + sandbox = "write" if config.get("write") else "read-only" 180 181 if session_id: 181 182 cmd = [ 182 183 "codex", ··· 185 186 session_id, 186 187 "--json", 187 188 "-s", 188 188 - "read-only", 189 189 + sandbox, 189 190 "-m", 190 191 model, 191 192 ] 192 193 else: 193 193 - cmd = ["codex", "exec", "--json", "-s", "read-only", "-m", model] 194 194 + cmd = ["codex", "exec", "--json", "-s", sandbox, "-m", model] 194 195 195 196 if effort: 196 197 cmd.extend(["-c", f'model_reasoning_effort="{effort}"'])