1010authored source fans out to every coding harness (Cursor, Claude Code,
1111Codex, OpenCode) and stays legible across model tiers (frontier models down
1212to 7B local models). The repo now covers the full loop: build portable
13- harness files, route models, replay evals, parse production traces, audit
14- runtime policy, validate artifact contracts, and persist local workflow
15- truth. The only narrower surface is ` iso-trace model-score ` , which still
13+ harness files, route models, replay evals, parse production traces, scope
14+ role capabilities, audit runtime policy, validate artifact contracts, and
15+ persist local workflow truth. The only narrower surface is ` iso-trace model-score ` , which still
1616depends on transcripts exposing stable model metadata.
1717
1818Today, agent workflow reliability is fragmented on three axes:
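Review bot: line 15+ now runs well past the wrap width the rest of this paragraph keeps; rewrap so "persist local workflow truth." closes the line and the `iso-trace model-score` sentence starts on line 16. Separately, "scope role capabilities" is the one verb in this list that does not say whether it is a build-time step or a runtime check; the package bullets further down file iso-capabilities under runtime control, so "check role capabilities" (the CLI verb) would describe it more accurately.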
@@ -27,11 +27,11 @@ Today, agent workflow reliability is fragmented on three axes:
2727 unstructured rationale all drop silently at 7B. You don't find out
2828 until the agent misbehaves in production.
29293 . ** Runtime fragmentation.** Workflows rely on fragile prompt prose for
30- fan-out limits, output shape, duplicate checks, and "what already
31- happened." Those invariants belong in deterministic local packages,
30+ fan-out limits, role permissions, output shape, duplicate checks, and
31+ "what already happened." Those invariants belong in deterministic local packages,
3232 not in repeatedly re-tokenized instructions.
3333
34- Eleven packages solve that in one pipeline with runtime control and a
34+ Twelve packages solve that in one pipeline with runtime control and a
3535feedback loop:
3636
3737- ** Four build-time tools** turn your authored source into every harness's file layout:
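Review bot: the rewrapped line 31+ is now longer than the surrounding text; moving "Those invariants belong" down to line 32 keeps the paragraph at the width the rest of the list uses. Adding "role permissions" to the list of invariants that should not live in re-tokenized prose is the right framing, but the "deterministic local packages" claim only holds for permissions if something refuses the action, not merely re-renders the rule; the later hunks should state that explicitly.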
@@ -41,9 +41,11 @@ feedback loop:
4141 [ ` @razroo/iso-route ` ] ( ./packages/iso-route ) compiles * one model policy* into each harness's config.
4242- ** One wrapper** runs the whole build chain:
4343 [ ` @razroo/iso ` ] ( ./packages/iso ) chains the above into a single ` iso build ` .
44- - ** Three runtime-control libraries** handle durable execution, artifact shape, and operational truth:
44+ - ** Four runtime-control libraries** handle durable execution, role capabilities , artifact shape, and operational truth:
4545 [ ` @razroo/iso-orchestrator ` ] ( ./packages/iso-orchestrator ) provides resumable
4646 steps, keyed mutexes, and bounded fan-out for side-effectful agent workflows,
47+ [ ` @razroo/iso-capabilities ` ] ( ./packages/iso-capabilities ) resolves,
48+ checks, and renders role-level tool/MCP/command/filesystem/network policy,
4749 [ ` @razroo/iso-contract ` ] ( ./packages/iso-contract ) validates, parses, and
4850 renders structured workflow artifacts, and [ ` @razroo/iso-ledger ` ] ( ./packages/iso-ledger )
4951 records append-only domain events with idempotency keys, queries,
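Review bot: line 44+ has a stray space before the comma in "role capabilities ,"; should read "role capabilities,". The "Four runtime-control libraries" count matches the four packages that follow. The iso-capabilities line (47-48+) lists resolve, check and render but, unlike the iso-orchestrator and iso-ledger lines around it, does not say what calls `check` or when; if nothing in the orchestrator invokes it before a tool runs, the package is a linter rather than a control. One clause saying where the check sits in the runtime path would settle that.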
@@ -62,6 +64,7 @@ feedback loop:
6264 └────────────────────┘ └───────────────────┘ └─────────────────┘ │ .opencode/agents/* │ which rules ever fired,
6365 │ settings.json │ regression-fixture mining
6466 │ │ iso-guard ─▶ policy pass / fail
67+ │ │ iso-capabilities ─▶ role permission policy
6568 ┌────────────────────┐ │ .codex/config.toml │
6669 │ models.yaml │ ───────────────────── iso-route build ─────────────────────────────────────▶│ opencode.json │
6770 │ (roles + fallback) │ │ .mcp.json │
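Review bot: the new diagram row on line 67+ gives iso-capabilities an output ("role permission policy") but no input. models.yaml gets its own box on the left (lines 69-70 with "roles + fallback"), while the policy file that the CLI section later passes as `--policy capabilities.json` appears nowhere in the diagram. Add a box for the capabilities policy file next to models.yaml so the reader can see where roles are authored, and check the new row's column alignment against the iso-guard row directly above it, since the right-hand box borders have to stay aligned.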
@@ -108,6 +111,8 @@ the repo now supports a tighter loop:
108111
109112- ` isolint ` rewrites authored prose into smaller-model-safe instructions.
110113- ` iso-route ` lets you pin cheaper or local roles without forking prompts.
114+ - ` iso-capabilities check/render ` keeps role permission matrices local
115+ instead of repeating tool/MCP/filesystem boundaries in prompts.
111116- ` iso-trace model-score ` catches tool-schema failures that weaker routes
112117 tend to surface first on Claude Code, Codex, and OpenCode.
113118- ` iso-trace export-fixture --runner <name> ` turns a real failure into an
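Review bot: "keeps role permission matrices local instead of repeating tool/MCP/filesystem boundaries in prompts" (lines 114-115+) overstates it, because `render` still emits those boundaries into harness files (the CLI section shows `render ... --target opencode`), and harness files are prompt text. The accurate claim is that the matrix is authored once in a policy file and generated into each harness instead of hand-maintained per prompt, and that `check` is the part that keeps it out of the model's hands altogether. Suggest: "keeps role permission matrices in one local policy file, checked deterministically and rendered into each harness, instead of hand-copying tool/MCP/filesystem boundaries into prompts."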
@@ -127,6 +132,10 @@ of the prompt:
127132
128133- ` iso-orchestrator ` persists resumable ` step() ` results, mutexes work by
129134 entity key, and bounds fan-out for side-effectful workflows.
135+ - ` iso-capabilities ` makes role boundaries executable: resolve inherited
136+ tool/MCP/command/filesystem/network policy, check proposed actions, and
137+ render compact harness guidance without asking a model to remember a
138+ permission matrix.
130139- ` iso-contract ` makes artifact shape executable: validate records, parse
131140 existing TSV/markdown/JSON, and render canonical output without asking a
132141 model to remember delimiters.
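Review bot: the security-relevant distinction is missing from lines 135-138+. "makes role boundaries executable" covers both `check` (a deterministic gate that can refuse an action) and `render` (guidance the model is asked to follow), and only the first is a boundary. A model that ignores rendered guidance, or a weaker route that drops it (the 7B failure mode this README describes earlier), is not stopped by it. State that `check` has to run in the harness or orchestrator before the tool call, command, filesystem write or network access is performed, and that `render` output is advisory, so readers do not mistake the rendered matrix for enforcement.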
@@ -213,6 +222,12 @@ of the prompt:
213222 and markdown table rows so domain packages can keep artifact formats
214223 out of prompt prose.
215224
225+ - ** [ ` packages/iso-capabilities ` ] ( ./packages/iso-capabilities ) ** — [ ` @razroo/iso-capabilities ` ] ( https://www.npmjs.com/package/@razroo/iso-capabilities )
226+ Deterministic role capability policies for agent workflows. Loads JSON
227+ role catalogs, resolves inheritance, checks proposed tool/MCP/command/
228+ filesystem/network access, and renders compact target guidance so
229+ domain packages can keep permission matrices out of prompt prose.
230+
216231- ** [ ` packages/iso-orchestrator ` ] ( ./packages/iso-orchestrator ) ** — [ ` @razroo/iso-orchestrator ` ] ( https://www.npmjs.com/package/@razroo/iso-orchestrator )
217232 Durable orchestration primitives for the runtime layer above a single
218233 agent session. Persists workflow state to local disk, memoizes
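Review bot: "resolves inheritance" (line 227+) needs one sentence on conflict rules before this ships, because inheritance is where capability policies usually go wrong: when a child role denies a tool its parent allows, which wins; whether a tool, MCP server or command not listed anywhere is denied or allowed by default; and whether `filesystem` and `network` grants widen or narrow when combined across the chain. Deny-by-default with child-deny overriding parent-allow is the expected answer. If the package does that, say so here; if it does not, that is a finding rather than a documentation gap.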
@@ -346,6 +361,15 @@ iso-contract render jobforge.tracker-row --contracts contracts.json --input @row
346361iso-contract parse jobforge.tracker-row --contracts contracts.json --format tsv --input " 812 2026-04-26 Example Labs Staff Agent Engineer Applied 4.2/5 yes [812](reports/812-example-labs-2026-04-26.md) Submitted"
347362```
348363
364+ ### ` @razroo/iso-capabilities ` — what may this role do?
365+
366+ ``` bash
367+ iso-capabilities list --policy capabilities.json
368+ iso-capabilities explain applicant --policy capabilities.json
369+ iso-capabilities check applicant --policy capabilities.json --tool browser --mcp geometra --command " npx job-forge merge" --filesystem write --network restricted
370+ iso-capabilities render applicant --policy capabilities.json --target opencode
371+ ```
372+
349373## Layout
350374
351375```
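Review bot: the `check` line (369+) shows the inputs but not the outcome. Document what it prints for allow versus deny and, more importantly, that it exits non-zero on deny, since that exit status is what an orchestrator step or CI job would gate on. Two of the arguments also need their semantics spelled out: `--command "npx job-forge merge"` does not say whether matching is exact, prefix or argv-aware, which decides whether `npx job-forge merge --force` or a command chained after it passes a rule written for the plain command; and `--network restricted` is a value that is defined nowhere in this README. A second `check` invocation that is expected to be denied would make the example self-explaining.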
363387 ├── iso-trace/ # parse + query real agent transcripts (observability)
364388 ├── iso-guard/ # deterministic runtime policy checks over events
365389 ├── iso-ledger/ # append-only operational event/state ledger
366- └── iso-contract/ # deterministic artifact contracts
390+ ├── iso-contract/ # deterministic artifact contracts
391+ └── iso-capabilities/ # deterministic role capability policy
367392```
368393
369394## Build & test
@@ -381,6 +406,7 @@ npm --workspace @razroo/iso-trace run example # iso-trace stats on the bundled
381406npm --workspace @razroo/iso-guard run test # iso-guard policy engine tests
382407npm --workspace @razroo/iso-ledger run test # iso-ledger event/state tests
383408npm --workspace @razroo/iso-contract run test # iso-contract artifact contract tests
409+ npm --workspace @razroo/iso-capabilities run test # iso-capabilities policy tests
384410
385411# Target a single package
386412npm run build --workspace @razroo/isolint
@@ -416,7 +442,7 @@ build, and `npm publish --provenance`.
416442## End-to-end example
417443
418444[ ` examples/pipeline/ ` ] ( ./examples/pipeline ) is an executable demonstration
419- that exercises ** seven of the eleven packages end-to-end** in one `npm run
445+ that exercises ** seven of the twelve packages end-to-end** in one `npm run
420446test: pipeline ` invocation: ` agentmd lint` + ` render` → ` isolint lint` →
421447` iso-route build ` (from a bundled ` models.yaml ` that extends the
422448` standard ` preset) → ` iso-harness build ` (which consumes iso-route's
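Review bot: line 445+ changes only the denominator, so the end-to-end example still exercises seven packages and iso-capabilities is not among them. Either add a `check` gate to `examples/pipeline/` (a denied action would be the most useful demonstration, since nothing else in the pipeline exercises one) or add a sentence naming which packages the example skips, so "twelve" does not imply coverage the example lacks.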
@@ -435,7 +461,7 @@ downstream repo would use.
435461
436462` npm run test:pack ` goes one level further: it packs the local workspaces into
437463tarballs, installs them into fresh temp projects, and smoke-tests the packaged
438- ` iso-harness ` , ` iso ` , ` iso-eval ` , ` iso-trace ` , ` iso-route ` , ` iso-guard ` , ` iso-ledger ` , and ` iso-contract `
464+ ` iso-harness ` , ` iso ` , ` iso-eval ` , ` iso-trace ` , ` iso-route ` , ` iso-guard ` , ` iso-ledger ` , ` iso-contract ` , and ` iso-capabilities `
439465CLIs. This guards against packaging regressions that workspace-only tests can
440466miss.
441467