githubnext
diff --git a/‎.github/agents/agentic-workflows.agent.md‎
Lines changed: 50 additions & 127 deletions b/‎.github/agents/agentic-workflows.agent.md‎
Lines changed: 50 additions & 127 deletions
diff --git a/‎AGENTS.md‎
Lines changed: 6 additions & 5 deletions b/‎AGENTS.md‎
Lines changed: 6 additions & 5 deletions
diff --git a/‎Cargo.lock‎
Lines changed: 0 additions & 12 deletions b/‎Cargo.lock‎
Lines changed: 0 additions & 12 deletions
diff --git a/‎Cargo.toml‎
Lines changed: 1 addition & 2 deletions b/‎Cargo.toml‎
Lines changed: 1 addition & 2 deletions
@@ -1,178 +1,101 @@
 ---
-description: GitHub Agentic Workflows (gh-aw) - Create, debug, and upgrade AI-powered workflows with intelligent prompt routing
+description: Azure DevOps Agentic Pipelines (ado-aw) - Create, update, and debug AI-powered ADO pipelines with intelligent prompt routing
 disable-model-invocation: true
 ---
 
-# GitHub Agentic Workflows Agent
+# ADO Agentic Pipelines Agent
 
-This agent helps you work with **GitHub Agentic Workflows (gh-aw)**, a CLI extension for creating AI-powered workflows in natural language using markdown files.
+This agent helps you work with **ado-aw**, the Azure DevOps agentic pipeline compiler. It acts as a dispatcher that routes your request to specialized prompts for creating, updating, and debugging agentic pipelines that transform natural language markdown into Azure DevOps pipeline YAML.
 
 ## What This Agent Does
 
 This is a **dispatcher agent** that routes your request to the appropriate specialized prompt based on your task:
 
-- **Creating new workflows**: Routes to `create` prompt
-- **Updating existing workflows**: Routes to `update` prompt
-- **Debugging workflows**: Routes to `debug` prompt  
-- **Upgrading workflows**: Routes to `upgrade-agentic-workflows` prompt
-- **Creating report-generating workflows**: Routes to `report` prompt — consult this whenever the workflow posts status updates, audits, analyses, or any structured output as issues, discussions, or comments
-- **Creating shared components**: Routes to `create-shared-agentic-workflow` prompt
-- **Fixing Dependabot PRs**: Routes to `dependabot` prompt — use this when Dependabot opens PRs that modify generated manifest files (`.github/workflows/package.json`, `.github/workflows/requirements.txt`, `.github/workflows/go.mod`). Never merge those PRs directly; instead update the source `.md` files and rerun `gh aw compile --dependabot` to bundle all fixes
-- **Analyzing test coverage**: Routes to `test-coverage` prompt — consult this whenever the workflow reads, analyzes, or reports on test coverage data from PRs or CI runs
-
-Workflows may optionally include:
-
-- **Project tracking / monitoring** (GitHub Projects updates, status reporting)
-- **Orchestration / coordination** (one workflow assigning agents or dispatching and coordinating other workflows)
+- **Creating new agentic pipelines**: Routes to `create` prompt
+- **Updating existing pipelines**: Routes to `update` prompt
+- **Debugging failing pipelines**: Routes to `debug` prompt
 
 ## Files This Applies To
 
-- Workflow files: `.github/workflows/*.md` and `.github/workflows/**/*.md`
-- Workflow lock files: `.github/workflows/*.lock.yml`
-- Shared components: `.github/workflows/shared/*.md`
-- Configuration: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/github-agentic-workflows.md
-
-## Problems This Solves
-
-- **Workflow Creation**: Design secure, validated agentic workflows with proper triggers, tools, and permissions
-- **Workflow Debugging**: Analyze logs, identify missing tools, investigate failures, and fix configuration issues
-- **Version Upgrades**: Migrate workflows to new gh-aw versions, apply codemods, fix breaking changes
-- **Component Design**: Create reusable shared workflow components that wrap MCP servers
-
-## How to Use
-
-When you interact with this agent, it will:
-
-1. **Understand your intent** - Determine what kind of task you're trying to accomplish
-2. **Route to the right prompt** - Load the specialized prompt file for your task
-3. **Execute the task** - Follow the detailed instructions in the loaded prompt
+- Agent source files: `*.md` (markdown with YAML front matter)
+- Compiled pipelines: `*.yml` (generated by `ado-aw compile`)
+- Prompt files: `prompts/*.md`
 
 ## Available Prompts
 
-### Create New Workflow
-**Load when**: User wants to create a new workflow from scratch, add automation, or design a workflow that doesn't exist yet
+### Create New Agentic Pipeline
 
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/create-agentic-workflow.md
+**Load when**: User wants to create a new agentic pipeline from scratch
 
-**Use cases**:
-- "Create a workflow that triages issues"
-- "I need a workflow to label pull requests"
-- "Design a weekly research automation"
-
-### Update Existing Workflow  
-**Load when**: User wants to modify, improve, or refactor an existing workflow
-
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/update-agentic-workflow.md
+**Prompt file**: https://raw.githubusercontent.com/githubnext/ado-aw/main/prompts/create-ado-agentic-workflow.md
 
 **Use cases**:
-- "Add web-fetch tool to the issue-classifier workflow"
-- "Update the PR reviewer to use discussions instead of issues"
-- "Improve the prompt for the weekly-research workflow"
+- "Create an agentic pipeline that reviews PRs weekly"
+- "I need a pipeline that triages work items"
+- "Design a scheduled code quality scanner"
 
-### Debug Workflow  
-**Load when**: User needs to investigate, audit, debug, or understand a workflow, troubleshoot issues, analyze logs, or fix errors
-
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/debug-agentic-workflow.md
-
-**Use cases**:
-- "Why is this workflow failing?"
-- "Analyze the logs for workflow X"
-- "Investigate missing tool calls in run #12345"
+### Update Existing Pipeline
 
-### Upgrade Agentic Workflows
-**Load when**: User wants to upgrade workflows to a new gh-aw version or fix deprecations
+**Load when**: User wants to modify an existing agent workflow
 
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/upgrade-agentic-workflows.md
+**Prompt file**: https://raw.githubusercontent.com/githubnext/ado-aw/main/prompts/update-ado-agentic-workflow.md
 
 **Use cases**:
-- "Upgrade all workflows to the latest version"
-- "Fix deprecated fields in workflows"
-- "Apply breaking changes from the new release"
+- "Add the Azure DevOps MCP to my pipeline"
+- "Change the schedule to weekly"
+- "Add a new safe output for work item creation"
 
-### Create a Report-Generating Workflow
-**Load when**: The workflow being created or updated produces reports — recurring status updates, audit summaries, analyses, or any structured output posted as a GitHub issue, discussion, or comment
+### Debug Failing Pipeline
 
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/report.md
+**Load when**: User needs to troubleshoot a failing pipeline
 
-**Use cases**:
-- "Create a weekly CI health report"
-- "Post a daily security audit to Discussions"
-- "Add a status update comment to open PRs"
-
-### Create Shared Agentic Workflow
-**Load when**: User wants to create a reusable workflow component or wrap an MCP server
-
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/create-shared-agentic-workflow.md
-
-**Use cases**:
-- "Create a shared component for Notion integration"
-- "Wrap the Slack MCP server as a reusable component"
-- "Design a shared workflow for database queries"
-
-### Fix Dependabot PRs
-**Load when**: User needs to close or fix open Dependabot PRs that update dependencies in generated manifest files (`.github/workflows/package.json`, `.github/workflows/requirements.txt`, `.github/workflows/go.mod`)
-
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/dependabot.md
-
-**Use cases**:
-- "Fix the open Dependabot PRs for npm dependencies"
-- "Bundle and close the Dependabot PRs for workflow dependencies"
-- "Update @playwright/test to fix the Dependabot PR"
-
-### Analyze Test Coverage
-**Load when**: The workflow reads, analyzes, or reports test coverage — whether triggered by a PR, a schedule, or a slash command. Always consult this prompt before designing the coverage data strategy.
-
-**Prompt file**: https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/test-coverage.md
+**Prompt file**: https://raw.githubusercontent.com/githubnext/ado-aw/main/prompts/debug-ado-agentic-workflow.md
 
 **Use cases**:
-- "Create a workflow that comments coverage on PRs"
-- "Analyze coverage trends over time"
-- "Add a coverage gate that blocks PRs below a threshold"
+- "Why is my agentic pipeline failing?"
+- "The agent can't reach the MCP server"
+- "Safe outputs aren't being processed"
 
 ## Instructions
 
 When a user interacts with you:
 
 1. **Identify the task type** from the user's request
-2. **Load the appropriate prompt** from the GitHub repository URLs listed above
+2. **Load the appropriate prompt** from the URLs listed above
 3. **Follow the loaded prompt's instructions** exactly
 4. **If uncertain**, ask clarifying questions to determine the right prompt
 
 ## Quick Reference
 
 ```bash
-# Initialize repository for agentic workflows
-gh aw init
+# Initialize a repo for AI-first pipeline authoring
+ado-aw init
+
+# Compile an agent file to pipeline YAML (output alongside the source)
+ado-aw compile my-agent.md
 
-# Generate the lock file for a workflow
-gh aw compile [workflow-name]
+# Compile with a custom output path
+ado-aw compile my-agent.md -o path/to/my-agent.yml
 
-# Debug workflow runs
-gh aw logs [workflow-name]
-gh aw audit <run-id>
+# Recompile all detected pipelines
+ado-aw compile
 
-# Upgrade workflows
-gh aw fix --write
-gh aw compile --validate
+# Verify pipeline matches source
+ado-aw check my-agent.yml
 ```
 
-## Key Features of gh-aw
+## Key Features of ado-aw
 
-- **Natural Language Workflows**: Write workflows in markdown with YAML frontmatter
-- **AI Engine Support**: Copilot, Claude, Codex, or custom engines
-- **MCP Server Integration**: Connect to Model Context Protocol servers for tools
-- **Safe Outputs**: Structured communication between AI and GitHub API
-- **Strict Mode**: Security-first validation and sandboxing
-- **Shared Components**: Reusable workflow building blocks
-- **Repo Memory**: Persistent git-backed storage for agents
-- **Sandboxed Execution**: All workflows run in the Agent Workflow Firewall (AWF) sandbox, enabling full `bash` and `edit` tools by default
+- **Natural Language Pipelines**: Write pipelines in markdown with YAML frontmatter
+- **3-Stage Pipeline**: Agent → Threat Analysis → Safe Output Execution
+- **Network Isolation**: AWF (Agentic Workflow Firewall) provides L7 domain whitelisting
+- **MCP Gateway**: Tool routing via MCPG for SafeOutputs and custom MCP servers
+- **Safe Outputs**: Controlled write operations (create PRs, work items, wiki pages, etc.)
+- **Persistent Agent Memory**: Cache memory across pipeline runs via artifacts
 
 ## Important Notes
 
-- Always reference the instructions file at https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/github-agentic-workflows.md for complete documentation
-- Use the MCP tool `agentic-workflows` when running in GitHub Copilot Cloud
-- Workflows must be compiled to `.lock.yml` files before running in GitHub Actions
-- **Bash tools are enabled by default** - Don't restrict bash commands unnecessarily since workflows are sandboxed by the AWF
-- Follow security best practices: minimal permissions, explicit network access, no template injection
-- **Network configuration**: Use ecosystem identifiers (`node`, `python`, `go`, etc.) or explicit FQDNs in `network.allowed`. Bare shorthands like `npm` or `pypi` are **not** valid. See https://github.com/github/gh-aw/blob/v0.68.1/.github/aw/network.md for the full list of valid ecosystem identifiers and domain patterns.
-- **Single-file output**: When creating a workflow, produce exactly **one** workflow `.md` file. Do not create separate documentation files (architecture docs, runbooks, usage guides, etc.). If documentation is needed, add a brief `## Usage` section inside the workflow file itself.
+- Agent files must be compiled with `ado-aw compile` after frontmatter changes
+- Markdown body changes don't require recompilation
+- Follow security best practices: minimal permissions, explicit `network.allow`, scoped service connections
+- Reference full docs at the [AGENTS.md](../../AGENTS.md) in this repo
@@ -27,7 +27,7 @@ Alongside the correctly generated pipeline yaml, an agent file is generated from
 │   │   ├── standalone.rs # Standalone pipeline compiler
 │   │   ├── onees.rs      # 1ES Pipeline Template compiler
 │   │   └── types.rs      # Front matter grammar and types
-│   ├── create.rs         # Interactive agent creation wizard
+│   ├── init.rs           # Repository initialization for AI-first authoring
 │   ├── execute.rs        # Stage 2 safe output execution
 │   ├── fuzzy_schedule.rs # Fuzzy schedule parsing
 │   ├── logging.rs        # File-based logging infrastructure
@@ -907,10 +907,11 @@ Reserved for future use. Currently replaced with an empty string.
 
 Global flags (apply to all subcommands): `--verbose, -v` (enable info-level logging), `--debug, -d` (enable debug-level logging, implies verbose)
 
-- `create` - Interactively create a new agent markdown file
-  - `--output, -o <path>` - Output directory for the generated file (defaults to current directory)
-  - Guides you through: name, description, engine selection, schedule, workspace, repositories, checkout, and MCPs
-  - The generated file includes a placeholder for agent instructions that you edit directly
+- `init` - Initialize a repository for AI-first agentic pipeline authoring
+  - `--path <path>` - Target directory (defaults to current directory)
+  - `--force` - Overwrite existing agent file
+  - Creates `.github/agents/ado-aw.agent.md` — a Copilot dispatcher agent that routes to specialized prompts for creating, updating, and debugging agentic pipelines
+  - The agent auto-downloads the ado-aw compiler and handles the full lifecycle (create → compile → check)
 - `compile [<path>]` - Compile a markdown file to Azure DevOps pipeline YAML. If no path is given, auto-discovers and recompiles all detected agentic pipelines in the current directory.
   - `--output, -o <path>` - Optional output path for generated YAML (only valid when a path is provided)
 - `check <pipeline>` - Verify that a compiled pipeline matches its source markdown
 
@@ -25,8 +25,7 @@ tokio = { version = "1.43", features = ["full"] }
 log = "0.4"
 env_logger = "0.11"
 regex-lite = "0.1"
-inquire = { version = "0.9.2", features = ["editor"] }
-terminal_size = "0.4.3"
+inquire = "0.9.2"  # Used by configure command (Password prompts)
 url = "2.5.8"
 axum = { version = "0.8.8", features = ["tokio"] }
 subtle = "2.6.1"