fix(run): make fat-harness acceptance opt-in#1203
Conversation
![ouroboros-agent[bot]](https://avatars.githubusercontent.com/in/3091302?s=60&v=4){kind=small}
There was a problem hiding this comment.
Review — ouroboros-agent[bot]
Verdict: APPROVE
Reviewing commit
ced7545for PR #1203
Review record:
f48eb917-fad8-449e-be74-90a383adde06
Blocking Findings
No in-scope blocking findings remained after policy filtering.
Non-blocking Suggestions
None.
Design Notes
Unable to assess architecture or changed behavior because the source snapshot and diff could not be read in this execution environment.
Policy Notes
- Omitted 1 finding(s) that referenced files outside the current PR changed-files scope.
Recovery Notes
First recoverable review artifact generated from codex analysis log.
Reviewed by ouroboros-agent[bot] via Codex deep analysis
There was a problem hiding this comment.
Review — ouroboros-agent[bot]
Verdict: REQUEST_CHANGES
PR #1203
Branch: warden/issue-1202-fat-harness-optin | 5 files, +41/-33 | CI: Bridge TypeScript pass 12s https://github.com/Q00/ouroboros/actions/runs/26335632028/job/77528753077
Scope: architecture-level
HEAD checked: ced7545cdd63a8c92fe7aa072be35614418fe4f1
What Improved
- Fresh CLI and in-process MCP executions now default
fat_harness_modetoFalseunless the seed explicitly setsorchestrator.execution_mode: fat_harness. - Resume paths now prefer persisted
fat_harness_modewhen present, preserving the session acceptance contract. - Removed
legacyremains rejected for fresh CLI/MCP execution, with updated guidance to omit the selector for the default runner.
Issue #N/A Requirements
| Requirement | Status |
|---|---|
Fresh CLI seed execution defaults to non-fat-harness unless execution_mode: fat_harness is set |
Satisfied for the direct CLI runner path. |
Fresh MCP seed execution defaults to non-fat-harness unless execution_mode: fat_harness is set |
Partially satisfied; in-process MCP honors the selector, but plugin-dispatched MCP accepts fat-harness without enforcing the runner gate. |
execution_mode: legacy remains rejected for fresh execution |
Satisfied for CLI, direct MCP, and plugin-dispatched MCP validation. |
| Resume uses persisted acceptance contract when available | Satisfied for covered CLI and direct MCP paths. |
| Meaningful tests cover newly added logic | Partially satisfied; direct CLI/MCP paths are covered, plugin fat-harness enforcement is not. |
Prior Findings Status
| Prior Finding | Status |
|---|---|
| Prior review context | MODIFIED — No prior review concerns were available in the provided context; current review raises a new affected-boundary blocker on the MCP plugin dispatch path. |
Blockers
| # | File:Line | Severity | Confidence | Finding |
|---|---|---|---|---|
| 1 | src/ouroboros/mcp/tools/execution_handlers.py:365 | High | 85% | The OpenCode plugin MCP path accepts execution_mode: fat_harness but then returns the _subagent payload before creating OrchestratorRunner or passing fat_harness_mode=True, so the opt-in selector does not enforce the typed-evidence/verifier acceptance gate for plugin-dispatched ouroboros_execute_seed. The subagent prompt is generic implementation guidance rather than the fat-harness runner contract, so an MCP consumer can request fat-harness and still bypass the stricter acceptance boundary. The same plugin short-circuit exists in ouroboros_start_execute_seed at src/ouroboros/mcp/tools/execution_handlers.py:1141. |
Follow-ups
| # | File:Line | Priority | Confidence | Suggestion |
|---|---|---|---|---|
| — | — | — | — | None. |
Test Coverage
- Ran
uv run pytest -q tests/unit/cli/test_run_qa.py tests/unit/mcp/tools/test_definitions.py: 142 passed. - Coverage was added for CLI defaults, explicit fat-harness selection, resume migration, and some MCP fresh/resume behavior.
- Missing coverage: plugin-dispatched MCP with
execution_mode: fat_harnessshould prove the child execution path cannot bypass the fat-harness acceptance contract.
Design / Roadmap Gate
Affected-boundary reasoning: this PR changes an execution acceptance contract, so the boundary is not just _resolve_fat_harness_mode; it includes all public execution entry points that consume seeds: CLI, synchronous MCP, async MCP, resume, and plugin-dispatched MCP. The CLI and in-process MCP paths now pass the resolved boolean into OrchestratorRunner, which persists and enforces the session contract. The OpenCode plugin paths validate the selector but then short-circuit into subagent dispatch before the runner boundary, so the accepted fat_harness request is not bound to the enforcement mechanism. That leaves a consumer-contract gap at the MCP/plugin boundary.
Merge Recommendation
Do not merge until plugin-dispatched MCP either routes fat-harness opt-in through an enforcing runner path or rejects/clearly disallows fat-harness in plugin dispatch instead of silently bypassing the stricter acceptance contract.
Review-Metadata:
verdict: REQUEST_CHANGES
github_event: COMMENT
review_kind: full
merge_eligible: false
head_sha: ced7545
source_read_ok: true
diff_read_ok: true
blocking_count: 0
There was a problem hiding this comment.
Review — ouroboros-agent[bot]
Verdict: APPROVE
Metadata
| Field | Value |
|### Recovery Notes
First recoverable review artifact generated from codex analysis log.
---|---|
| PR | #1203 |
| HEAD checked | ced7545cdd63a8c92fe7aa072be35614418fe4f1 |
| Request ID | req_manual_requeue_missing_process_1779694126_1203 |
| Review record | 92a31fcc-b620-4372-826e-a607a91eb369 |
What Improved
- Makes fresh CLI/MCP seed execution use the default runner unless
seed.orchestrator.execution_mode: fat_harnessis explicitly set. - Preserves persisted
fat_harness_modeon resume and updates unit expectations for the new opt-in behavior.
Issue Requirements
| Requirement | Status |
|---|---|
| Mitigate #1202 layered scaffold AC failures by making fat-harness acceptance opt-in for fresh CLI/MCP seed execution | Satisfied |
Prior Findings Status
No prior PR comments or inline review comments were present in the provided artifacts.
Blockers
No in-scope blocking findings remained after policy filtering.
Follow-up Findings
| # | File:Line | Priority | Confidence | Suggestion |
|---|---|---|---|---|
| 1 | src/ouroboros/cli/commands/run.py:438 |
Low | High | The debug message still prints Execution mode: fat_harness (default) when fat-harness is now explicit opt-in. Consider changing this to Execution mode: fat_harness to avoid misleading operators. |
Non-blocking Suggestions
| 1 | src/ouroboros/cli/commands/run.py:438 | Messaging | Stale debug wording says fat-harness is the default after this PR makes it opt-in. |
Test Coverage Notes
- Reviewed updated unit coverage in
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Attempted targeted tests:
python -m pytest ...failed becausepythonis unavailable;python3 -m pytest ...failed becausepytestis not installed. No local test execution completed in this environment.
Design Notes
The change is narrow and keeps the acceptance-mode contract centralized at CLI/MCP entry points, while relying on prepare_session persistence and runner resume enforcement for durable behavior.
Design / Roadmap Gate
Fresh CLI and MCP paths now reject removed/unknown selectors and only enable fat-harness for explicit fat_harness. Resume paths prefer persisted fat_harness_mode; when absent, they fall back to the new default-runner behavior. OrchestratorRunner.resume_session still blocks fat-harness resumes, preserving the typed-evidence gate when the persisted contract requires it.
Directional Notes
Maintainer memory emphasized explicit gates and contract drift, so review focused on fresh-vs-resume mode resolution, persisted fat_harness_mode, and MCP/CLI parity. No blocker was found from current source evidence.
Test Coverage
- Reviewed updated unit coverage in
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Attempted targeted tests:
python -m pytest ...failed becausepythonis unavailable;python3 -m pytest ...failed becausepytestis not installed. No local test execution completed in this environment.
Merge Recommendation
Approve. I found no blocking runtime, API, persistence, or test-contract issue in the changed boundary. The only issue is stale debug wording.
Review-Metadata:
verdict: APPROVE
head_sha: ced7545
request_id: req_manual_requeue_missing_process_1779694126_1203
review_profile: memory-aware-zero-trust-v2
advisory_memory_only: true
Reviewed by ouroboros-agent[bot] via Codex deep analysis
Q00
force-pushed
the
warden/issue-1202-fat-harness-optin
branch
from
ced7545 to
3b2a893
Compare
|
Rebased this warden branch onto current Posted by agentos-roadmap-warden — bot. Reply with |
There was a problem hiding this comment.
Review — ouroboros-agent[bot]
Verdict: REQUEST_CHANGES
Metadata
| Field | Value |
|### Recovery Notes
First recoverable review artifact generated from codex analysis log.
---|---|
| PR | #1203 |
| HEAD checked | 3b2a8933c39605b39510907b39c174426101d294 |
| Request ID | req_1779715660_29 |
| Review record | f7e6296e-7c60-497f-beb8-0147a051f247 |
What Improved
- Fresh CLI and in-process MCP seed execution now default to the default runner unless
seed.orchestrator.execution_mode: fat_harnessis explicitly set. - Resume paths prefer persisted
fat_harness_modewhen present, preserving the session acceptance contract. - Removed/unknown fresh execution-mode selectors are rejected with updated guidance.
Issue Requirements
| Requirement | Status |
|---|---|
Make fat-harness acceptance opt-in via seed.orchestrator.execution_mode: fat_harness for fresh CLI/MCP seed execution |
Partially met |
| Missing/blank execution mode uses the default runner | Met |
Explicit fat_harness keeps typed evidence plus verifier PASS acceptance |
Partially met |
Removed legacy selector remains rejected for fresh execution |
Met |
| Add meaningful tests for the changed CLI/MCP behavior | Partially met |
Prior Findings Status
Prior bot review raised this same plugin-dispatch blocker. It still applies: current HEAD validates fat_harness as acceptable before the plugin early return, but the plugin path still bypasses OrchestratorRunner(fat_harness_mode=True). The later approval withdrew/omitted that concern, but current source evidence supports maintaining it.
Blockers
| # | File:Line | Severity | Finding |
|---|---|---|---|
| 1 | src/ouroboros/mcp/tools/execution_handlers.py:365 | BLOCKING | The OpenCode plugin MCP path accepts a fresh seed with execution_mode: fat_harness, but then returns the _subagent payload before creating OrchestratorRunner or passing fat_harness_mode=True at lines 502-524. The dispatched child prompt built in src/ouroboros/mcp/tools/subagent.py:825 is generic implementation guidance and does not enforce typed evidence plus verifier PASS, so an MCP caller can request fat-harness and silently bypass the stricter acceptance contract. The same plugin short-circuit exists for ouroboros_start_execute_seed at src/ouroboros/mcp/tools/execution_handlers.py:1141. |
Follow-up Findings
| # | File:Line | Priority | Confidence | Suggestion |
|---|---|---|---|---|
| 1 | src/ouroboros/cli/commands/run.py:505 | Low | High | The debug message still says Execution mode: fat_harness (default) even though this PR makes fat-harness explicit opt-in. |
Non-blocking Suggestions
| 1 | src/ouroboros/cli/commands/run.py:505 | Messaging | Stale debug wording can mislead operators during explicit fat-harness runs. |
Test Coverage Notes
- Reviewed updated unit coverage in
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Could not execute tests locally:
uvis unavailable, andpython3 -m pytestfails becausepytestis not installed. - Existing tests cover CLI defaults, in-process MCP defaults/resume, and plugin rejection of
legacy; they do not cover plugin-dispatched MCP acceptingexecution_mode: fat_harnessand proving the fat-harness acceptance gate is enforced or rejected.
Design Notes
The CLI and in-process MCP paths are coherent, but the plugin-dispatched MCP path is still a separate execution boundary and does not share the runner enforcement contract.
Design / Roadmap Gate
This PR changes an execution acceptance contract. Public MCP callers can now submit execution_mode: fat_harness; for in-process execution that reaches OrchestratorRunner(fat_harness_mode=True), but plugin dispatch returns a child-task prompt before the runner boundary. That creates contract drift: either plugin mode must enforce the same gate or reject/disallow fat-harness instead of acknowledging it.
Directional Notes
Maintainer memory emphasized explicit gates and contract drift, so review focused on public execution entry points, fresh-vs-resume mode resolution, persistence of fat_harness_mode, and plugin dispatch parity. The blocker is based on current source evidence, not memory alone.
Test Coverage
- Reviewed updated unit coverage in
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Could not execute tests locally:
uvis unavailable, andpython3 -m pytestfails becausepytestis not installed. - Existing tests cover CLI defaults, in-process MCP defaults/resume, and plugin rejection of
legacy; they do not cover plugin-dispatched MCP acceptingexecution_mode: fat_harnessand proving the fat-harness acceptance gate is enforced or rejected.
Merge Recommendation
Do not merge until plugin-dispatched MCP fat-harness requests are either routed through an enforcing runner path or rejected clearly at the plugin boundary.
Review-Metadata:
verdict: REQUEST_CHANGES
head_sha: 3b2a893
request_id: req_1779715660_29
review_profile: memory-aware-zero-trust-v2
advisory_memory_only: true
Reviewed by ouroboros-agent[bot] via Codex deep analysis
There was a problem hiding this comment.
Review — ouroboros-agent[bot]
Verdict: REQUEST_CHANGES
Metadata
| Field | Value |
|### Recovery Notes
First recoverable review artifact generated from codex analysis log.
---|---|
| PR | #1203 |
| HEAD checked | e228cee6e415a37561e00d95a7b28b7a096edac1 |
| Request ID | req_1779719459_33 |
| Review record | 9efa2394-b60f-4ff0-acbd-dcad2628a716 |
What Improved
- Fresh CLI and in-process MCP execution now default to the default runner unless
execution_mode: fat_harnessis explicit. - OpenCode plugin fresh execution now rejects
fat_harnessinstead of silently dispatching an unenforced child task. - The stale debug wording for fat-harness default was corrected.
Issue Requirements
| Requirement | Status |
|---|---|
Make fat-harness acceptance opt-in via seed.orchestrator.execution_mode: fat_harness for fresh CLI/MCP seed execution |
Partially met |
| Missing/blank execution mode uses the default runner | Met |
Explicit fat_harness keeps typed evidence plus verifier PASS acceptance where supported |
Partially met |
| OpenCode plugin dispatch must not acknowledge unenforced fat-harness | Partially met |
| Resume uses the persisted acceptance contract when available | Partially met |
Removed legacy selector remains rejected for fresh execution |
Met |
| Add meaningful tests for changed CLI/MCP behavior | Partially met |
Prior Findings Status
Prior bot review’s fresh plugin-dispatch blocker is addressed for fresh executions: current HEAD rejects execution_mode: fat_harness before plugin dispatch. I am maintaining the broader contract concern in modified form because resume plugin dispatch still bypasses the persisted acceptance contract.
Blockers
| # | File:Line | Severity | Finding |
|---|---|---|---|
| 1 | src/ouroboros/mcp/tools/execution_handlers.py:373 | BLOCKING | Plugin-dispatched resume still bypasses the persisted fat-harness contract. ExecuteSeedHandler skips both fresh-mode validation and plugin fat-harness rejection whenever session_id is present, then returns the _subagent payload before reconstructing the session or reading tracker.progress["fat_harness_mode"]. A resume for a session created with fat_harness_mode=True therefore reaches the generic child prompt in src/ouroboros/mcp/tools/subagent.py:825 instead of the runner path that blocks fat-harness resumes at src/ouroboros/orchestrator/runner.py:3037. The same unchecked plugin-resume dispatch exists in ouroboros_start_execute_seed at src/ouroboros/mcp/tools/execution_handlers.py:1167. |
Follow-up Findings
| # | File:Line | Priority | Confidence | Suggestion |
|---|---|---|---|---|
| — | — | — | — | None. |
Non-blocking Suggestions
| — | — | — | None. |
Test Coverage Notes
- Reviewed
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Added/updated tests cover CLI default mode, explicit fat-harness, resume mode selection for in-process MCP, and fresh plugin rejection of
legacy/fat_harness. - Missing coverage: plugin-dispatched resume of a persisted
fat_harness_mode=Truesession. - Could not run tests locally:
uvis unavailable andpython3 -m pytestfails becausepytestis not installed.
Design Notes
The default-mode change is narrow and coherent for CLI and in-process MCP. The remaining problem is that plugin dispatch is still a separate execution boundary and resume does not share the runner’s persisted-contract enforcement.
Design / Roadmap Gate
This PR changes the acceptance-mode contract. Fresh plugin dispatch now rejects unsupported fat-harness, which fixes the previous direct bypass. However, resume is also part of the same public execution boundary: persisted fat_harness_mode=True must either reach the runner’s blocking path or be rejected before plugin dispatch. Current HEAD does neither for plugin resume.
Directional Notes
Maintainer memory emphasized explicit gates and contract drift, so review focused on public execution entry points, plugin dispatch parity, persistence, and resume behavior. The blocker above is based on current source evidence.
Test Coverage
- Reviewed
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Added/updated tests cover CLI default mode, explicit fat-harness, resume mode selection for in-process MCP, and fresh plugin rejection of
legacy/fat_harness. - Missing coverage: plugin-dispatched resume of a persisted
fat_harness_mode=Truesession. - Could not run tests locally:
uvis unavailable andpython3 -m pytestfails becausepytestis not installed.
Merge Recommendation
Do not merge until plugin-dispatched resumes reconstruct/check the session contract before dispatch, or clearly reject plugin resume when the persisted session requires fat-harness enforcement.
Review-Metadata:
verdict: REQUEST_CHANGES
head_sha: e228cee
request_id: req_1779719459_33
review_profile: memory-aware-zero-trust-v2
advisory_memory_only: true
Reviewed by ouroboros-agent[bot] via Codex deep analysis
|
Pushed a follow-up commit to address the plugin-resume blocker: plugin-dispatched Verification:
Posted by agentos-roadmap-warden — bot. Reply with |
|
Pushed a formatting follow-up after GitHub Ruff format-check reported
Posted by agentos-roadmap-warden — bot. Reply with |
There was a problem hiding this comment.
Review — ouroboros-agent[bot]
Verdict: REQUEST_CHANGES
Metadata
| Field | Value |
|### Recovery Notes
First recoverable review artifact generated from codex analysis log.
---|---|
| PR | #1203 |
| HEAD checked | abd8da65ab80bc67450a18538b14832de6530f5e |
| Request ID | supersede-requeue-pr:1203-abd8da6 |
| Review record | 5ce44b89-1cca-4fd0-89af-825bfcb021be |
What Improved
- Fresh CLI/MCP execution now defaults to the default runner unless
seed.orchestrator.execution_mode: fat_harnessis explicit. - OpenCode plugin dispatch now rejects fresh
fat_harnessrequests and persistedfat_harness_mode=Trueresumes instead of silently dispatching an unenforced child task. - The stale CLI debug wording that called fat-harness the default was corrected.
Issue Requirements
| Requirement | Status |
|---|---|
| <linked issue / PR body requirements and whether this PR satisfies them. Use "No linked issue requirement captured | N/A" if absent> |
Prior Findings Status
Prior fresh plugin-dispatch blocker is addressed: current HEAD rejects fresh plugin execution_mode: fat_harness before subagent dispatch. The later resume blocker is partially addressed for persisted fat_harness_mode=True, but I am maintaining it in modified form because missing-contract resumes still fall through when the seed selector requires fat-harness. The stale debug wording follow-up is withdrawn because run.py now prints Execution mode: fat_harness.
Blockers
| # | File:Line | Severity | Finding |
|---|---|---|---|
| 1 | src/ouroboros/mcp/tools/execution_handlers.py:162 | BLOCKING | Plugin resume validation only rejects sessions where reconstructed progress already contains fat_harness_mode is True. For historical/corrupt sessions with no persisted fat_harness_mode, the helper returns OK even if the supplied seed still has orchestrator.execution_mode: fat_harness, then the plugin path dispatches the generic subagent before reaching the in-process fallback that would set fat_harness_mode = execution_mode == "fat_harness" at src/ouroboros/mcp/tools/execution_handlers.py:578 and the runner’s fat-harness resume block at src/ouroboros/orchestrator/runner.py:3037. That leaves a remaining plugin-resume bypass for missing-contract fat-harness sessions; ouroboros_start_execute_seed shares the same helper at line 1213. |
Follow-up Findings
| # | File:Line | Priority | Confidence | Suggestion |
|---|---|---|---|---|
| — | — | — | — | None. |
Non-blocking Suggestions
| — | — | — | None. |
Test Coverage Notes
- Reviewed updated unit coverage in
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Contributor reported
uv run pytest tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.pypassing with 153 tests, plus Ruff check/format passing. - I could not execute tests locally:
uvis unavailable andpython3 -m pytest ...fails withNo module named pytest. - Coverage now includes fresh plugin
fat_harnessrejection and persistedfat_harness_mode=Trueresume rejection, but it misses plugin resume where the persisted contract is absent and the seed selector isfat_harness.
Design Notes
The CLI and in-process MCP paths are coherent. The remaining design issue is at the plugin resume boundary, where missing persisted contract state is interpreted less strictly than the in-process resume path.
Design / Roadmap Gate
This PR changes an execution acceptance contract, so all public callers need equivalent handling for fresh execution, resume, plugin dispatch, and historical sessions without persisted fat_harness_mode. Fresh CLI/MCP and plugin fresh dispatch now behave consistently. Persisted fat_harness_mode=True plugin resumes are also rejected. The unresolved boundary is the migration fallback: in-process resume treats missing persisted state plus seed execution_mode: fat_harness as fat-harness, while plugin resume ignores that selector and dispatches anyway.
Directional Notes
Maintainer memory emphasized contract drift across plugin and resume paths, so review focused on public execution entry points, persisted acceptance mode, and fallback behavior. The blocker above is based on current source evidence, not memory alone.
Test Coverage
- Reviewed updated unit coverage in
tests/unit/cli/test_run_qa.pyandtests/unit/mcp/tools/test_definitions.py. - Contributor reported
uv run pytest tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.pypassing with 153 tests, plus Ruff check/format passing. - I could not execute tests locally:
uvis unavailable andpython3 -m pytest ...fails withNo module named pytest. - Coverage now includes fresh plugin
fat_harnessrejection and persistedfat_harness_mode=Trueresume rejection, but it misses plugin resume where the persisted contract is absent and the seed selector isfat_harness.
Merge Recommendation
Do not merge until plugin resume validation also rejects missing-contract sessions whose seed selector is fat_harness, or otherwise routes them through an enforcing runner path.
Review-Metadata:
verdict: REQUEST_CHANGES
head_sha: abd8da6
request_id: supersede-requeue-pr:1203-abd8da6
review_profile: memory-aware-zero-trust-v2
advisory_memory_only: true
Reviewed by ouroboros-agent[bot] via Codex deep analysis
Reject OpenCode plugin resume requests when the persisted session contract does not contain a boolean fat_harness_mode value and the supplied seed still requests orchestrator.execution_mode='fat_harness'. This closes the historical-session gap where plugin dispatch could acknowledge a resume before the in-process fallback inferred fat-harness behavior from the seed selector. The guard now receives the parsed execution_mode for both synchronous and background execute_seed handlers, while preserving the existing rejection for explicit fat_harness_mode=True sessions. Added MCP unit coverage for missing-contract resume attempts on both handler paths. Affected files: - src/ouroboros/mcp/tools/execution_handlers.py - tests/unit/mcp/tools/test_definitions.py
|
Confirmed the latest branch head
GitHub checks are pending on the new head; the remaining changes-requested review targets the previous head Posted by agentos-roadmap-warden — bot. Reply with |
There was a problem hiding this comment.
Review — ouroboros-agent[bot]
Verdict: APPROVE
Metadata
| Field | Value |
|### Recovery Notes
First recoverable review artifact generated from codex analysis log.
---|---|
| PR | #1203 |
| HEAD checked | 18e9c640f5bb8db19eb94877d39ecb4d3aa8675c |
| Request ID | req_1779726224_17 |
| Review record | d067490b-2d0b-4d16-9ee8-6dff61efa654 |
What Improved
- Fat-harness acceptance is now opt-in for fresh CLI/MCP runs via
seed.orchestrator.execution_mode: fat_harness. - Missing/blank execution mode now uses the default runner.
- Plugin dispatch now rejects fat-harness requests/resumes it cannot enforce.
- Stale CLI debug wording was corrected.
Issue Requirements
| Requirement | Status |
|---|---|
| PR body requirement captured | N/A - PR body is empty. |
| Make fat-harness acceptance opt-in for fresh CLI/MCP seed execution | Met |
| Missing/blank execution mode uses the default runner | Met |
Explicit fat_harness preserves verifier-gated typed-evidence acceptance where supported |
Met |
| OpenCode plugin dispatch must not acknowledge unenforced fat-harness | Met |
| Resume uses persisted acceptance contract when available | Met |
Removed legacy selector remains rejected for fresh execution |
Met |
| Add meaningful CLI/MCP tests for the changed behavior | Met |
Prior Findings Status
Prior plugin-dispatch blockers are withdrawn. Fresh plugin execution_mode: fat_harness is rejected before subagent dispatch at src/ouroboros/mcp/tools/execution_handlers.py:422-436, persisted fat_harness_mode=True plugin resumes are rejected at lines 163-172, and missing-contract resumes with a fat-harness seed selector are rejected at lines 173-182. The same helper is used by ouroboros_start_execute_seed at lines 1223-1237. The stale debug wording follow-up is also withdrawn; CLI now prints Execution mode: fat_harness at src/ouroboros/cli/commands/run.py:504-505.
Blockers
No in-scope blocking findings remained after policy filtering.
Follow-up Findings
| # | File:Line | Priority | Confidence | Suggestion |
|---|---|---|---|---|
| — | — | — | — | None. |
Non-blocking Suggestions
| — | — | — | None. |
Test Coverage Notes
- Ran
SETUPTOOLS_SCM_PRETEND_VERSION=0.0.0 /root/.local/bin/uv run python -m pytest tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.py -q: 155 passed. - Ran
SETUPTOOLS_SCM_PRETEND_VERSION=0.0.0 /root/.local/bin/uv run ruff check src/ouroboros/mcp/tools/execution_handlers.py tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.py: passed. - Ran
SETUPTOOLS_SCM_PRETEND_VERSION=0.0.0 /root/.local/bin/uv run ruff format --check src/ouroboros/mcp/tools/execution_handlers.py tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.py: passed.
Design Notes
The change is now coherent across CLI, in-process MCP, plugin dispatch, fresh execution, resume, and historical missing-contract fallback. Unsupported plugin fat-harness paths fail closed instead of pretending to enforce the runner contract.
Design / Roadmap Gate
Fresh CLI/MCP paths resolve fat-harness only from an explicit selector. New sessions persist fat_harness_mode in prepare_session, resume prefers persisted state, and missing-contract migration now falls back consistently. Plugin dispatch cannot enforce typed evidence plus verifier PASS, so it rejects fresh fat-harness and fat-harness resume cases before creating a subagent payload.
Directional Notes
Maintainer memory emphasized contract drift across plugin, persistence, and resume paths, so review focused on public execution boundaries and stale session contract handling. No blocker is based on memory alone.
Test Coverage
- Ran
SETUPTOOLS_SCM_PRETEND_VERSION=0.0.0 /root/.local/bin/uv run python -m pytest tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.py -q: 155 passed. - Ran
SETUPTOOLS_SCM_PRETEND_VERSION=0.0.0 /root/.local/bin/uv run ruff check src/ouroboros/mcp/tools/execution_handlers.py tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.py: passed. - Ran
SETUPTOOLS_SCM_PRETEND_VERSION=0.0.0 /root/.local/bin/uv run ruff format --check src/ouroboros/mcp/tools/execution_handlers.py tests/unit/mcp/tools/test_definitions.py tests/unit/cli/test_run_qa.py: passed.
Merge Recommendation
Approve. Current HEAD addresses the prior plugin-dispatch and plugin-resume contract blockers, and targeted tests plus Ruff checks pass in the review tarball.
Review-Metadata:
verdict: APPROVE
head_sha: 18e9c64
request_id: req_1779726224_17
review_profile: memory-aware-zero-trust-v2
advisory_memory_only: true
Reviewed by ouroboros-agent[bot] via Codex deep analysis
1 participant
Summary
seed.orchestrator.execution_mode: fat_harnessis setlegacyrejected, but update guidance to omit the selector for the default runnerCloses #1202
Test plan
uv run pytest -q tests/unit/cli/test_run_qa.py tests/unit/mcp/tools/test_definitions.pyPosted by agentos-roadmap-warden — bot. Reply with
/warden ignoreto suppress further comments on this thread.