diff --git a/documentation/TODO__Agents.md b/documentation/TODO__Agents.md index 879c7ef..26a5126 100644 --- a/documentation/TODO__Agents.md +++ b/documentation/TODO__Agents.md @@ -98,7 +98,7 @@ system prompt by `context_loader.py` at all tiers. - Params: `conversation_token: str` (optional, defaults to notification_room), `limit: int = 20` - Returns last N messages with sender + timestamp, chronological order - Admin-only; requires `nc_username` and `nc_app_password` in channels.json under `nextcloud` -- [ ] **`task_list` priority filter** — add `priority` param alongside existing `status` +- [x] **`task_list` priority filter** — add `priority` param alongside existing `status` — 2026-05-12 - [x] **`http_fetch` max_chars** — optional param, default 8192, cap at 32768 — 2026-05-09 - [x] **`web_read(url, max_chars=16000)`** — clean article extraction via trafilatura; strips ads/nav/boilerplate, returns markdown — 2026-05-09 - [x] **`session_read(date)`** — read a full session log by YYYY-MM-DD date; lists available dates if not found — 2026-05-09 @@ -128,22 +128,17 @@ ability to act on HA via the REST API. - [ ] **Richer payload template** — update `rest_command` in HA to include `trigger.to_state.attributes`, `area_name`, and `previous_state` so Inara gets full device context automatically. -- [ ] **HA API tools** — add dedicated orchestrator tools in `cortex/tools/homeassistant.py`: +- [x] **HA API tools** — `cortex/tools/homeassistant.py` — 2026-05-12 - `ha_get_state(entity_id)` — current state + attributes of any entity - `ha_call_service(domain, service, data)` — turn on lights, set HVAC, lock doors, etc. - `ha_get_states(area=None, domain=None)` — list states with optional filter - Auth via Long-Lived Access Token stored in `channels.json` under `homeassistant.token` - HA URL from `channels.json` under `homeassistant.url` -- [ ] **Store HA config in channels.json** — add `url` and `token` fields alongside - `webhook_id` so tools can reach the HA REST API (`https://ha.dgrzone.com`) -- [ ] **`ha_call_service` confirm-required** — destructive actions (locks, alarms) should - go through the confirmation gate +- [x] **Store HA config in channels.json** — `url`, `token`, `webhook_id` fields under `homeassistant`; managed via `/settings/notifications` — 2026-05-12 +- [x] **`ha_call_service` confirm-required** — 2026-05-12 ### [UX] Session delete confirmation -The session delete button in the sidebar needs a confirmation step before firing — currently -it deletes immediately on click with no undo. A simple `confirm()` dialog or an inline -"Are you sure? [Delete] [Cancel]" reveal would prevent accidental data loss. -- [ ] Add confirm step to session delete button click handler in `app.js` +- [x] Inline "Delete this session? [Delete] [Cancel]" reveal on `×` click in `app.js` — 2026-05-12 - [ ] Consider: also confirm for message-level delete (Edit/Delete hover controls) ### [UI] File attachments in chat @@ -484,7 +479,10 @@ other based on resources and specialisation. No central coordinator required. ### [Tools] Orchestrator tool expansions — Round 3 -- [ ] **`spawn_agent` tool restrictions** — add `allow_tools` and `deny_tools` optional params to `spawn_agent` so the spawning agent can restrict which tools a sub-agent has access to, independent of role config. - - Role config remains the authoritative max; spawner provides per-call restriction. +- [x] **`spawn_agent` tool restrictions** — `allow_tools` and `deny_tools` per-call params — 2026-05-12 + - Role config remains the authoritative ceiling; spawner can only restrict further + - `allow_tools`: intersected with role tool list; if role list is None, used directly (role gate still applies) + - `deny_tools`: removed from tool list; falls back to `confirm_deny` gate when tool list is unrestricted - Design spec: `ARCH__FUTURE.md` §12 - - Files to touch: `cortex/tools/agents.py` (filtering logic), Gemini `FunctionDeclaration` (new params) +- [x] **`file_diff`** — unified diff of two project-scoped files (`diff -u`); low risk, no admin — 2026-05-12 +- [x] **`git_status` / `git_log` / `git_diff`** — read-only git inspection tools, project-scoped; `git.py` module — 2026-05-12