feat: Scoped agent creation and ability execution for non-admin users #919
Description
Context
Data Machine has a comprehensive permission system already shipped (#597, #600, #601, #602):
- 6 granular capabilities registered on 4 roles (admin → subscriber)
- Agent bearer tokens with per-token capability restrictions
- Agent context system (
set_agent_context(),agent_can(), capability ceiling) - Scoped queries (
resolve_scoped_user_id(),resolve_scoped_agent_id(),owns_resource(),can_access_agent()) - Agent access table with role-based grants (viewer, operator, admin)
What's missing is the last mile: letting non-admin users create their own agent and having the artist platform wire up agent provisioning during onboarding.
Current capability map
| Role | Capabilities |
|---|---|
| Administrator | manage_settings, manage_agents, manage_flows, chat, use_tools, view_logs |
| Editor | chat, use_tools, view_logs |
| Author | chat, use_tools |
| Subscriber | chat |
Subscribers can already chat with agents they have access to. Authors can use tools. The ceiling system ensures an agent never exceeds its owner's WordPress capabilities.
Actual gaps
1. Self-service agent creation
datamachine/create-agent requires datamachine_manage_agents (admin only). Non-admin users cannot create their own agent.
Solution: Add a datamachine_create_own_agent capability (granted to Author+ or a custom role like artist). The create-agent ability should allow this cap with constraints:
- Owner is always the requesting user (can't create agents for others)
- Limit: 1 agent per non-admin user (configurable via filter)
- Full
manage_agentsstill allows unlimited creation for anyone
2. Agent provisioning in artist onboarding
When an artist joins the platform (via extrachill-artist-platform join flow), automatically provision a Data Machine agent for them:
- Agent slug derived from artist slug
- SOUL.md scaffolded with artist identity (name, genre, bio from artist profile)
- Agent scoped to the artist's content via owner_id
This is an extrachill-artist-platform change that calls datamachine/create-agent.
3. Content ownership enforcement in cross-site abilities
Artist platform abilities (8 shipped) need ownership checks:
get-artist-data/update-artist— verify requesting user owns this artist profilesave-link-page-*— verify the link page belongs to the requesting user's artist- Shop abilities — verify products belong to the requesting user
Some of this may already be enforced at the REST layer — needs audit.
Implementation plan
Phase 1: Self-service agent creation (data-machine)
- Add
datamachine_create_own_agentcapability to Author role - Update
datamachine/create-agentpermission callback to acceptdatamachine_create_own_agentwith self-only constraint - Add configurable agent-per-user limit (default: 1 for non-admins)
- Add
datamachine_agent_createdaction hook for downstream provisioning
Phase 2: Artist agent provisioning (extrachill-artist-platform)
- Hook into artist creation/onboarding flow
- Call
datamachine/create-agentwith artist identity context - Scaffold SOUL.md with artist-specific identity (name, bio, platform context)
- Grant artist user access to their agent
Phase 3: Ownership audit (extrachill-api + artist platform)
- Audit all artist platform abilities for ownership enforcement
- Audit shop abilities for owner-scoped access
- Audit community abilities for author-scoped access
- Document which abilities are safe for agent execution vs admin-only
Related
- Permissions & Multi-Agent Architecture: site/agent/user memory layers + WordPress capabilities #597 (closed) — Original multi-agent architecture (shipped)
- Custom WordPress capabilities for Data Machine #600 (closed) — Custom capabilities (shipped)
- extrachill-artist-platform#17 — Artist Agent Manager block
- extrachill-app#16 — Generic WordPress app vision