You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/ANTIGRAVITY_CLI_INTEGRATION.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -11,8 +11,8 @@ CompText operates under a strict separation of concerns between agent execution
11
11
-**Antigravity CLI is the Agent Execution Surface**: Handles task orchestration, command execution, tool invocations, and subagent lifecycle management.
12
12
-**CompText CLI (`ctxt`) is the Context, Policy, and Evidence Control Plane**: Manages deterministic context packaging, proposal audits, file-write validation gates, and safety constraints.
13
13
-**Skills are progressive context-loading capsules**: Bounded guidelines designed to prevent context bloat and restrict agent operations.
14
-
-**Hooks are policy-interceptor targets**: Structural interception points allowing verification before, during, and after agent activities.
15
-
-**Permissions are defense-in-depth, not the source of truth**: Hard platform sandboxing boundaries that back up (but do not replace) the repository safety constitution.
14
+
-**Hooks are policy-interceptor targets (target architecture)**: Planned structural interception points designed for verifying before, during, and after agent activities, not locally active in the current implementation.
15
+
-**Permissions are defense-in-depth, not the source of truth**: Runtime/orchestrator permission boundaries that back up (but do not replace) the repository safety constitution.
16
16
-**Subagents are bounded specialist reviewers**: Highly targeted, read-only assistants delegated for review rather than autonomous development.
17
17
-**The source of truth remains the code repository**: Safety constitution (`AGENTS.md`), project tracker (`PROJEKT.md`), CompText configurations, the Proposal/Apply Gate, and local validation commands.
18
18
@@ -46,4 +46,4 @@ flowchart TD
46
46
47
47
1.**Context Harvesting**: Before launching a task, the Antigravity Orchestrator executes `ctxt context pack --task "<task_description>"`. This harvest sanitizes the repository state, redacting secrets and building a deterministic Context Pack under `.comptext/context_pack.latest.json`.
48
48
2.**Proposal Generation**: When proposing changes, the agent runs `ctxt propose --provider dummy "<prompt>"`. This creates a structured JSON patch proposal under `proposals/` without mutating source files. Note that `proposals/` contains ignored/generated runtime state and is excluded from Git tracking in the release package baseline.
49
-
3.**Apply and Verification**: To modify the codebase, the agent calls `ctxt apply <proposal_path>`. The CompText control plane intercepts the request, validates that target files lie within allowed write boundaries, prompts for user confirmation (or validation suite success), applies the patches, and runs local tests.
49
+
3.**Apply and Verification**: To modify the codebase, the agent calls `ctxt apply <proposal_path>`. The CompText CLI validates write boundaries and runs local verification (checking path-traversal safety, prompting for user confirmation, applying the patches, and executing validation tests). Interceptor hook checks (such as PreToolUse or PostToolUse) represent planned target architecture only and do not execute during runtime apply operations.
The active execution environment is partitioned into narrow permission scopes:
21
+
The target host policy baseline for the runtime environment is partitioned into the following intended permission scopes:
22
22
23
-
-**Read Access**: Restricted to the repository workspace directory. Reading files under `/etc`, `C:\Windows`, system temp directories, or user home directories (outside the workspace) is denied by default.
24
-
-**Write Access**: Restricted to allowed targets within the workspace. Writing to system folders or configuration targets outside the project root is denied.
25
-
-**Network Access**: Denied by default. Enforces blockades on remote socket connections.
26
-
-**Provider Access**: Denied by default. Enforces blockades on calling external LLM providers or remote endpoints unless the phase explicitly authorizes mock or local integrations.
23
+
-**Read Access**: Restricted to the repository workspace directory. The intended permission baseline is that reading system paths (such as `/etc`, `C:\Windows`, system temp directories, or user home directories outside the workspace) should be denied by default. CompText treats this as a required orchestrator constraint, not a Rust-level guarantee.
24
+
-**Write Access**: Restricted to allowed targets within the workspace. Target host policy should deny writing to system folders or configuration targets outside the project root.
25
+
-**Network Access**: Denied by default. The intended permission baseline is that remote socket connections should be blocked by the orchestrator unless network access is explicitly authorized for the active phase.
26
+
-**Provider Access**: Denied by default. Target host policy should block calling external LLM providers or remote endpoints unless the phase explicitly authorizes mock or local integrations.
- Defined target permissions boundaries and subagent review constraints.
49
+
-**RISKS**: Hook and permission documents are design targets until implemented/enforced by the host. All new documents conform strictly to honest claims policies.
0 commit comments