Skip to content

fix: restrict delegation scope, isolate test workspace, protect perstack.toml#793

Merged
FL4TLiN3 merged 3 commits intomainfrom
fix/delegation-scope-and-workspace-isolation
Mar 14, 2026
Merged

fix: restrict delegation scope, isolate test workspace, protect perstack.toml#793
FL4TLiN3 merged 3 commits intomainfrom
fix/delegation-scope-and-workspace-isolation

Conversation

@FL4TLiN3
Copy link
Contributor

@FL4TLiN3 FL4TLiN3 commented Mar 14, 2026

Summary

  • Delegation scope: coordinator delegates restricted to write + verify only (remove direct access to review/test)
  • perstack.toml protection: test explicitly instructs created expert not to touch perstack.toml
  • Workspace isolation: test creates a dedicated work directory per run, reports its path to verify
  • verify feedback target: CONTINUE fix recommendations must target perstack.toml (the expert definition), not the produced artifacts
  • Bump to 1.0.24

Context

Production run showed:

  1. create-expert delegated directly to test/review bypassing the write→verify flow
  2. Generated expert's scaffold ran rm -rf perstack.toml
  3. Test artifacts scattered across workspace root causing confusion
  4. verify suggested changes to produced artifacts instead of the expert definition

Test plan

  • Verify create-expert only delegates to write and verify
  • Confirm test creates isolated work directory and reports its path
  • Verify generated expert cannot delete perstack.toml
  • Check verify's CONTINUE feedback references perstack.toml, not artifact internals

🤖 Generated with Claude Code

FL4TLiN3 and others added 3 commits March 14, 2026 11:01
@FL4TLiN3 @claude
fix: restrict delegation scope, isolate test workspace, protect perst…
dd205d7 
…ack.toml

Issues observed in production:
1. create-expert could directly delegate to review/test (bypassing write/verify)
2. Generated expert's scaffold deleted perstack.toml (rm -rf)
3. Test artifacts scattered across workspace root
4. verify feedback targeted produced artifacts instead of perstack.toml

Fixes:
- Coordinator delegates restricted to write + verify only
- test: creates dedicated work directory per run, instructs expert to
  work inside it, explicitly prohibits perstack.toml deletion
- verify: runs signals in test's work directory, fix feedback must
  target perstack.toml (the iterated deliverable), not produced artifacts
- Bump to 1.0.24

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@FL4TLiN3 @claude
fix: isolate test by directory separation instead of explicit instruc…
c8c77ac 
…tion

Telling the expert not to touch perstack.toml alters the test query.
Instead, run the expert in a subdirectory so perstack.toml in the parent
is naturally isolated from file operations.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@FL4TLiN3 @claude
fix: remove unnecessary cd step from test instruction
44336b6 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@FL4TLiN3 FL4TLiN3 merged commit d256e20 into main Mar 14, 2026
11 checks passed
@FL4TLiN3 FL4TLiN3 deleted the fix/delegation-scope-and-workspace-isolation branch March 14, 2026 11:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@FL4TLiN3