Conversation
There was a problem hiding this comment.
Pull request overview
Clarifies the trust boundary for /autoresearch --resume, ensuring docs consistently state that executable commands are sourced from the current invocation (not from autoresearch-state.json).
Changes:
- Document that
Verify:must be re-supplied on--resumeand that state-file command fields are not executed. - Add/expand resume behavior notes in the wiki Configuration and Safety pages.
- Update README and architecture docs to reflect the same resume semantics.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| wiki/Safety.md | Adds an explicit safety guarantee and non-guarantee around command sourcing on resume / tampered state files. |
| wiki/Configuration.md | Updates --resume docs and adds a dedicated “Resume Behavior” section clarifying command execution semantics. |
| docs/ARCHITECTURE.md | Updates state machine description to clarify command sourcing on resume and adds a note about command fields being record-only. |
| README.md | Aligns safety/config/docs sections to state commands on resume come from the current invocation and Verify: is re-supplied. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| State is checkpointed to `autoresearch-state.json` after every phase. This enables `--resume` after crashes. On resume, executable commands come from the current invocation; the state file only restores non-executable loop metadata. | ||
|
|
||
| Schema fields: `run_id`, `schema_version`, `branch`, `iteration`, `max_iterations`, `best_metric`, `direction`, `goal`, `scope`, `verify_cmd`, `guard_cmd`, `start_time`, `duration_limit`, `discarded_descriptions`. | ||
| Schema fields: `run_id`, `schema_version`, `branch`, `iteration`, `max_iterations`, `best_metric`, `direction`, `goal`, `scope`, `verify_cmd`, `guard_cmd`, `start_time`, `duration_limit`, `discarded_descriptions`. `verify_cmd` and `guard_cmd` are record-only metadata and are not executed from the state file on resume. |
There was a problem hiding this comment.
The state file schema field list here appears inconsistent with the authoritative schema described in plugins/autoresearch/skills/autoresearch/references/state-management.md (e.g., that document uses previous_best/baseline/consecutive_*/last_phase_completed rather than best_metric/discarded_descriptions). To avoid confusing implementers/readers, update this field list to match the state-management reference (or explicitly label it as a non-exhaustive/illustrative subset).
| Schema fields: `run_id`, `schema_version`, `branch`, `iteration`, `max_iterations`, `best_metric`, `direction`, `goal`, `scope`, `verify_cmd`, `guard_cmd`, `start_time`, `duration_limit`, `discarded_descriptions`. `verify_cmd` and `guard_cmd` are record-only metadata and are not executed from the state file on resume. | |
| The authoritative state schema is defined in `plugins/autoresearch/skills/autoresearch/references/state-management.md`. At a high level, the checkpoint includes run identity, loop counters, branch/goal/scope metadata, metric-tracking state, phase progress, timing/limit information, and record-only command metadata such as `verify_cmd` and `guard_cmd`; these command fields are not executed from the state file on resume. |
Summary
Verification