
Commit 435fa1a

Add iso-capabilities
1 parent 5dd1da6 commit 435fa1a

22 files changed

Lines changed: 1564 additions & 13 deletions

.github/workflows/ci.yml

Lines changed: 9 additions & 0 deletions
@@ -59,6 +59,9 @@ jobs:
5959
- workspace: "@razroo/iso-contract"
6060
node: "20.6.0"
6161
extra: ""
62+
- workspace: "@razroo/iso-capabilities"
63+
node: "20.6.0"
64+
extra: ""
6265
- workspace: "@razroo/iso-trace"
6366
node: "20.6.0"
6467
extra: ""
@@ -179,6 +182,12 @@ jobs:
179182
node packages/iso-contract/dist/cli.js validate jobforge.tracker-row --contracts packages/iso-contract/examples/jobforge-contracts.json --input @packages/iso-contract/examples/tracker-row.json
180183
node packages/iso-contract/dist/cli.js render jobforge.tracker-row --contracts packages/iso-contract/examples/jobforge-contracts.json --input @packages/iso-contract/examples/tracker-row.json --format tsv
181184
185+
- name: iso-capabilities example check/render
186+
run: |
187+
node packages/iso-capabilities/dist/cli.js list --policy packages/iso-capabilities/examples/jobforge-capabilities.json
188+
node packages/iso-capabilities/dist/cli.js check applicant --policy packages/iso-capabilities/examples/jobforge-capabilities.json --tool browser --mcp geometra --command "npx job-forge merge" --filesystem write --network restricted
189+
node packages/iso-capabilities/dist/cli.js render applicant --policy packages/iso-capabilities/examples/jobforge-capabilities.json --target opencode
190+
182191
- name: iso-route example build (dry-run + verify)
183192
run: node packages/iso-route/dist/cli.js build packages/iso-route/examples/models.yaml --out /tmp/iso-route-smoke --dry-run --verify-models
184193
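Review bot: the new `iso-capabilities check applicant ... --filesystem write --network restricted` step does not state which verdict it expects, so the step is only a "does not crash" check. If `check` exits non-zero on a denied request, a deliberate deny in `examples/jobforge-capabilities.json` will break CI; if it exits zero either way, a regression that flips the verdict passes unnoticed. Suggest documenting the intended outcome for this request in a comment and asserting it explicitly (check the exit code or grep the rendered verdict), so the example policy's allow/deny behaviour is what CI guards.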

Lines changed: 48 additions & 0 deletions
@@ -0,0 +1,48 @@
1+
name: iso-capabilities Release to npm
2+
3+
on:
4+
release:
5+
types: [published]
6+
7+
defaults:
8+
run:
9+
working-directory: packages/iso-capabilities
10+
11+
jobs:
12+
publish:
13+
if: startsWith(github.ref_name, 'iso-capabilities-v')
14+
runs-on: ubuntu-latest
15+
permissions:
16+
contents: read
17+
checks: read
18+
id-token: write
19+
steps:
20+
- uses: actions/checkout@v6
21+
22+
- uses: actions/setup-node@v6
23+
with:
24+
node-version: '22'
25+
registry-url: 'https://registry.npmjs.org'
26+
cache: 'npm'
27+
28+
- name: Set version from release tag
29+
run: |
30+
VERSION="${GITHUB_REF_NAME#iso-capabilities-v}"
31+
echo "VERSION=$VERSION" >> $GITHUB_ENV
32+
33+
- name: Verify required CI passed for release commit
34+
uses: ./.github/actions/verify-release-gate
35+
env:
36+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
37+
38+
- name: Verify package.json version matches release tag
39+
run: npm run release:check-source -- "$VERSION"
40+
41+
- name: Install (workspace root)
42+
run: npm ci
43+
working-directory: .
44+
45+
- name: Publish to npm (with provenance)
46+
run: npm publish --provenance --access public
47+
env:
48+
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
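Review bot: `actions/checkout@v6` and `actions/setup-node@v6` are pinned by floating major tag; because this job holds `id-token: write` and runs `npm publish --provenance`, it is the step that mints the package's provenance attestation, so pin both actions to full commit SHAs (with the tag in a trailing comment) to keep the publish path immune to a moved tag. Two smaller points on the same hunk: `npm run release:check-source -- "$VERSION"` runs before the `npm ci` step, so that script must not depend on anything in `node_modules`; and `>> $GITHUB_ENV` should be quoted (`>> "$GITHUB_ENV"`) for consistency with the quoted `VERSION` assignment above it.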

CLAUDE.md

Lines changed: 6 additions & 1 deletion
@@ -1,6 +1,6 @@
11
# iso — monorepo
22

3-
Workspaces monorepo (npm) housing eleven Razroo tools that together make
3+
Workspaces monorepo (npm) housing twelve Razroo tools that together make
44
AI-agent harnesses *isomorphic* — the same authored source producing the
55
same behavior across every coding harness (Cursor, Claude Code, Codex,
66
OpenCode) and every model tier (frontier → 7B local).
@@ -61,6 +61,11 @@ cross-package compositions and the decouplings that are deliberate.
6161
artifact contracts for agent workflows: validate, parse, and render
6262
JSON/TSV/markdown records without model calls. TypeScript, `tsc`
6363
`dist/`. Tests via `node --test --import tsx tests/*.test.ts`.
64+
- `packages/iso-capabilities``@razroo/iso-capabilities`.
65+
Deterministic role capability policies for agent workflows: resolve,
66+
check, and render tool/MCP/command/filesystem/network permissions
67+
without model calls. TypeScript, `tsc``dist/`. Tests via
68+
`node --test --import tsx tests/*.test.ts`.
6469

6570
## Conventions
6671

INTEGRATIONS.md

Lines changed: 18 additions & 1 deletion
@@ -1,6 +1,6 @@
11
# Integrations
22

3-
This repo ships eleven packages that **work on their own** but are **designed
3+
This repo ships twelve packages that **work on their own** but are **designed
44
to compose**. The planned cross-package compositions listed here are already
55
shipped, so this file now serves as:
66

@@ -139,6 +139,18 @@ asking the model to remember exact column order.
139139

140140
---
141141

142+
## 9. `iso-capabilities` ← deterministic role capability policy for domain packages — **DONE**
143+
144+
Introduced as a standalone package. `iso-capabilities` does not import
145+
JobForge, `iso-harness`, or any other domain package; it provides the
146+
on-disk JSON role catalog format and checker that domain packages can
147+
share. JobForge-style examples cover orchestrator, applicant, and
148+
verifier roles, but the package remains generic: resolve inheritance,
149+
check tool/MCP/command/filesystem/network requests, and render compact
150+
target guidance without asking the model to remember a permission matrix.
151+
152+
---
153+
142154
## Design questions that are *not* open integrations
143155

144156
The following look like integrations but are deliberately decoupled —
@@ -170,3 +182,8 @@ don't "fix" them without a conversation first.
170182
wants in-loop preflight, it should call the CLI and feed only the
171183
concise result back to the agent, not load the whole policy into the
172184
prompt prefix.
185+
- **`iso-capabilities` does not mutate harness permissions directly.**
186+
It emits an executable policy/checker plus compact target guidance.
187+
Native enforcement should stay additive and harness-specific; where a
188+
harness cannot enforce a field, pair the policy with `iso-trace` /
189+
`iso-guard` audits instead of implying a stronger guarantee.
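Review bot: the decoupling statement is the right one, but "where a harness cannot enforce a field" leaves the reader to discover which of tool/MCP/command/filesystem/network each render target can enforce natively. Suggest a short per-target line (at least for the `opencode` target exercised in CI) listing the fields that are enforced versus the ones that are guidance only, so consumers know where the `iso-trace` / `iso-guard` audit pairing is mandatory rather than optional.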

README.md

Lines changed: 36 additions & 10 deletions
@@ -10,9 +10,9 @@
1010
authored source fans out to every coding harness (Cursor, Claude Code,
1111
Codex, OpenCode) and stays legible across model tiers (frontier models down
1212
to 7B local models). The repo now covers the full loop: build portable
13-
harness files, route models, replay evals, parse production traces, audit
14-
runtime policy, validate artifact contracts, and persist local workflow
15-
truth. The only narrower surface is `iso-trace model-score`, which still
13+
harness files, route models, replay evals, parse production traces, scope
14+
role capabilities, audit runtime policy, validate artifact contracts, and
15+
persist local workflow truth. The only narrower surface is `iso-trace model-score`, which still
1616
depends on transcripts exposing stable model metadata.
1717

1818
Today, agent workflow reliability is fragmented on three axes:
@@ -27,11 +27,11 @@ Today, agent workflow reliability is fragmented on three axes:
2727
unstructured rationale all drop silently at 7B. You don't find out
2828
until the agent misbehaves in production.
2929
3. **Runtime fragmentation.** Workflows rely on fragile prompt prose for
30-
fan-out limits, output shape, duplicate checks, and "what already
31-
happened." Those invariants belong in deterministic local packages,
30+
fan-out limits, role permissions, output shape, duplicate checks, and
31+
"what already happened." Those invariants belong in deterministic local packages,
3232
not in repeatedly re-tokenized instructions.
3333

34-
Eleven packages solve that in one pipeline with runtime control and a
34+
Twelve packages solve that in one pipeline with runtime control and a
3535
feedback loop:
3636

3737
- **Four build-time tools** turn your authored source into every harness's file layout:
@@ -41,9 +41,11 @@ feedback loop:
4141
[`@razroo/iso-route`](./packages/iso-route) compiles *one model policy* into each harness's config.
4242
- **One wrapper** runs the whole build chain:
4343
[`@razroo/iso`](./packages/iso) chains the above into a single `iso build`.
44-
- **Three runtime-control libraries** handle durable execution, artifact shape, and operational truth:
44+
- **Four runtime-control libraries** handle durable execution, role capabilities, artifact shape, and operational truth:
4545
[`@razroo/iso-orchestrator`](./packages/iso-orchestrator) provides resumable
4646
steps, keyed mutexes, and bounded fan-out for side-effectful agent workflows,
47+
[`@razroo/iso-capabilities`](./packages/iso-capabilities) resolves,
48+
checks, and renders role-level tool/MCP/command/filesystem/network policy,
4749
[`@razroo/iso-contract`](./packages/iso-contract) validates, parses, and
4850
renders structured workflow artifacts, and [`@razroo/iso-ledger`](./packages/iso-ledger)
4951
records append-only domain events with idempotency keys, queries,
@@ -62,6 +64,7 @@ feedback loop:
6264
└────────────────────┘ └───────────────────┘ └─────────────────┘ │ .opencode/agents/* │ which rules ever fired,
6365
│ settings.json │ regression-fixture mining
6466
│ │ iso-guard ─▶ policy pass / fail
67+
│ │ iso-capabilities ─▶ role permission policy
6568
┌────────────────────┐ │ .codex/config.toml │
6669
│ models.yaml │ ───────────────────── iso-route build ─────────────────────────────────────▶│ opencode.json │
6770
│ (roles + fallback) │ │ .mcp.json │
@@ -108,6 +111,8 @@ the repo now supports a tighter loop:
108111

109112
- `isolint` rewrites authored prose into smaller-model-safe instructions.
110113
- `iso-route` lets you pin cheaper or local roles without forking prompts.
114+
- `iso-capabilities check/render` keeps role permission matrices local
115+
instead of repeating tool/MCP/filesystem boundaries in prompts.
111116
- `iso-trace model-score` catches tool-schema failures that weaker routes
112117
tend to surface first on Claude Code, Codex, and OpenCode.
113118
- `iso-trace export-fixture --runner <name>` turns a real failure into an
@@ -127,6 +132,10 @@ of the prompt:
127132

128133
- `iso-orchestrator` persists resumable `step()` results, mutexes work by
129134
entity key, and bounds fan-out for side-effectful workflows.
135+
- `iso-capabilities` makes role boundaries executable: resolve inherited
136+
tool/MCP/command/filesystem/network policy, check proposed actions, and
137+
render compact harness guidance without asking a model to remember a
138+
permission matrix.
130139
- `iso-contract` makes artifact shape executable: validate records, parse
131140
existing TSV/markdown/JSON, and render canonical output without asking a
132141
model to remember delimiters.
@@ -213,6 +222,12 @@ of the prompt:
213222
and markdown table rows so domain packages can keep artifact formats
214223
out of prompt prose.
215224

225+
- **[`packages/iso-capabilities`](./packages/iso-capabilities)**[`@razroo/iso-capabilities`](https://www.npmjs.com/package/@razroo/iso-capabilities)
226+
Deterministic role capability policies for agent workflows. Loads JSON
227+
role catalogs, resolves inheritance, checks proposed tool/MCP/command/
228+
filesystem/network access, and renders compact target guidance so
229+
domain packages can keep permission matrices out of prompt prose.
230+
216231
- **[`packages/iso-orchestrator`](./packages/iso-orchestrator)**[`@razroo/iso-orchestrator`](https://www.npmjs.com/package/@razroo/iso-orchestrator)
217232
Durable orchestration primitives for the runtime layer above a single
218233
agent session. Persists workflow state to local disk, memoizes
@@ -346,6 +361,15 @@ iso-contract render jobforge.tracker-row --contracts contracts.json --input @row
346361
iso-contract parse jobforge.tracker-row --contracts contracts.json --format tsv --input "812 2026-04-26 Example Labs Staff Agent Engineer Applied 4.2/5 yes [812](reports/812-example-labs-2026-04-26.md) Submitted"
347362
```
348363

364+
### `@razroo/iso-capabilities` — what may this role do?
365+
366+
```bash
367+
iso-capabilities list --policy capabilities.json
368+
iso-capabilities explain applicant --policy capabilities.json
369+
iso-capabilities check applicant --policy capabilities.json --tool browser --mcp geometra --command "npx job-forge merge" --filesystem write --network restricted
370+
iso-capabilities render applicant --policy capabilities.json --target opencode
371+
```
372+
349373
## Layout
350374

351375
```
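Review bot: this usage section documents four subcommands (`list`, `explain`, `check`, `render`) but the CI smoke step added in the same commit exercises only `list`, `check`, and `render`; add `iso-capabilities explain applicant --policy ...` to the CI step so every documented command is run against the bundled example policy.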
@@ -363,7 +387,8 @@ iso/
363387
├── iso-trace/ # parse + query real agent transcripts (observability)
364388
├── iso-guard/ # deterministic runtime policy checks over events
365389
├── iso-ledger/ # append-only operational event/state ledger
366-
└── iso-contract/ # deterministic artifact contracts
390+
├── iso-contract/ # deterministic artifact contracts
391+
└── iso-capabilities/ # deterministic role capability policy
367392
```
368393

369394
## Build & test
@@ -381,6 +406,7 @@ npm --workspace @razroo/iso-trace run example # iso-trace stats on the bundled
381406
npm --workspace @razroo/iso-guard run test # iso-guard policy engine tests
382407
npm --workspace @razroo/iso-ledger run test # iso-ledger event/state tests
383408
npm --workspace @razroo/iso-contract run test # iso-contract artifact contract tests
409+
npm --workspace @razroo/iso-capabilities run test # iso-capabilities policy tests
384410

385411
# Target a single package
386412
npm run build --workspace @razroo/isolint
@@ -416,7 +442,7 @@ build, and `npm publish --provenance`.
416442
## End-to-end example
417443

418444
[`examples/pipeline/`](./examples/pipeline) is an executable demonstration
419-
that exercises **seven of the eleven packages end-to-end** in one `npm run
445+
that exercises **seven of the twelve packages end-to-end** in one `npm run
420446
test:pipeline` invocation: `agentmd lint` + `render``isolint lint` →
421447
`iso-route build` (from a bundled `models.yaml` that extends the
422448
`standard` preset) → `iso-harness build` (which consumes iso-route's
@@ -435,7 +461,7 @@ downstream repo would use.
435461

436462
`npm run test:pack` goes one level further: it packs the local workspaces into
437463
tarballs, installs them into fresh temp projects, and smoke-tests the packaged
438-
`iso-harness`, `iso`, `iso-eval`, `iso-trace`, `iso-route`, `iso-guard`, `iso-ledger`, and `iso-contract`
464+
`iso-harness`, `iso`, `iso-eval`, `iso-trace`, `iso-route`, `iso-guard`, `iso-ledger`, `iso-contract`, and `iso-capabilities`
439465
CLIs. This guards against packaging regressions that workspace-only tests can
440466
miss.
441467

package-lock.json

Lines changed: 20 additions & 0 deletions
Lines changed: 11 additions & 0 deletions
@@ -0,0 +1,11 @@
1+
# @razroo/iso-capabilities
2+
3+
## 0.1.0
4+
5+
### Minor Changes
6+
7+
- Add iso-capabilities for deterministic role capability policies, checks, and target render output.
8+
9+
## 0.0.0
10+
11+
- Initial unreleased scaffold.

packages/iso-capabilities/LICENSE

Lines changed: 21 additions & 0 deletions
@@ -0,0 +1,21 @@
1+
MIT License
2+
3+
Copyright (c) Razroo
4+
5+
Permission is hereby granted, free of charge, to any person obtaining a copy
6+
of this software and associated documentation files (the "Software"), to deal
7+
in the Software without restriction, including without limitation the rights
8+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9+
copies of the Software, and to permit persons to whom the Software is
10+
furnished to do so, subject to the following conditions:
11+
12+
The above copyright notice and this permission notice shall be included in all
13+
copies or substantial portions of the Software.
14+
15+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21+
SOFTWARE.
