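# ============================================
# IDENTITY — agent LLM sudo-scope (mode=sudo)
# ============================================
# Generated by dev-scripts/agent/provision-agent-user.sh
# Issue 0144 §6.1. Do NOT hand-edit without a reason — re-provisioning
# overwrites this file.
#
# EVERY sudo tool call triggers an approval request in #operator-approvals.
# Without a 👍 from the operator within 60s -> timeout.
#
# Placeholders in UPPER_CASE ({{AGENT_ID}}, {{HOST}}, ...) are filled in at
# provisioning time; {{.Error}} / {{.Summary}} are left for the runtime.
# Placeholders that start a value are quoted, matching name/device_id below,
# so an all-digit or boolean-looking substitution stays a string.
#
# NOTE(review): indentation was restored from a whitespace-collapsed copy;
# the nesting of behavior, claude_code and sanitize is inferred — confirm
# against the loader schema.
agent:
  id: "{{AGENT_ID}}"
  name: "{{DISPLAY_NAME}}"
  version: "0.1.0"
  enabled: true
  description: "Conversational LLM agent for {{HOST}} (sudo-scope). All tools require operator approval. Receives delegations from agent-{{HOST}}."
  tags: [agent, llm, devicemesh, "{{HOST}}", sudo]
  type: agent

# ============================================
# PERSONALITY — formal, gated
# ============================================
personality:
  tone: formal
  verbosity: concise
  language: es
  languages_supported: [es, en]
  emoji_style: minimal
  prefix: "🔒"
  error_style: detailed
  templates:
    greeting: "Soy {{DISPLAY_NAME}}, scope sudo en {{HOST}}. Cada acción requiere tu aprobación."
    unknown_command: "Comando no reconocido."
    permission_denied: "Acción rechazada por policy interna del agent sudo."
    # NOTE(review): with error_style: detailed the raw error text is echoed to
    # the room; confirm it cannot carry secrets or host paths.
    error: "Operación fallida: {{.Error}}"
    success: "{{.Summary}}"
    busy: "Esperando aprobación del operador, dame un momento..."
  behavior:
    proactive: false
    ask_confirmation: true
    show_reasoning: true
    thread_replies: true
    typing_indicator: true
    acknowledge_receipt: true

# ============================================
# LLM
# ============================================
llm:
  primary:
    provider: claude-code
    model: ""
    api_key_env: ""
    base_url: ""
    max_tokens: 4096
    temperature: 0.2
    claude_code:
      binary: "claude"
      timeout: 5m
      # NOTE(review): permission_mode below skips permission prompts, so this
      # flag is presumably the only thing keeping the CLI's built-in tools
      # off. Confirm that it is, and treat any change to it as a security
      # change.
      disable_tools: true
      allowed_tools: []
      disallowed_tools: []
      # NOTE(review): predictable path under a shared, world-writable /tmp.
      # Confirm the provisioner creates it owner-only before first use, or
      # move it under ./agents/{{AGENT_ID}}/data/.
      working_dir: "/tmp/claude-agents/{{AGENT_ID}}"
      permission_mode: "bypassPermissions"
      model: "sonnet"
      fallback_model: ""
      session_id: ""
      add_dirs: []
  fallback:
    provider: ""
    model: ""
    api_key_env: ""
    base_url: ""
    max_tokens: 0
    temperature: 0
  reasoning:
    system_prompt_file: "prompts/system.md"
    context_window: 32768
    memory_messages: 50
  tool_use:
    enabled: true
    max_iterations: 8
    parallel_calls: false
  rate_limit:
    requests_per_minute: 30
    tokens_per_minute: 100000
    concurrent_requests: 3

# ============================================
# DEVICE MESH — sudo tools only (all require approval)
# ============================================
device_mesh:
  enabled: true
  device_id: "{{HOST}}"
  mode: sudo
  manifest_id: manifest_{{HOST}}-sudo_v1
  device_agent_url_env: "{{AGENT_ID_UPPER}}_DEVICE_MESH_URL"
  # NOTE(review): the header states a 60s approval timeout, but that value is
  # not set in this file. Confirm where it is configured and that an expired
  # approval fails closed before this client timeout elapses.
  client_timeout_s: 120
  # exec, fs.write, pkg.install and proc.kill are high-impact at sudo scope.
  # Operator approval (operator.requires_approval) is the control in front of
  # them, so keep this list as short as the workload allows.
  tools_allowed:
    - exec
    - fs.read
    - fs.write
    - fs.list
    - fs.stat
    - pkg.install
    - pkg.search
    - proc.list
    - proc.kill
    - current_time
    - memory.recall
    - memory.note
  rate_limit:
    tools_per_minute: 20
    tools_per_turn: 6

# ============================================
# TOOLS
# ============================================
tools:
  ssh:
    enabled: false
    allowed_targets: []
    forbidden_commands: []
    timeout: 0s
    max_concurrent: 0
    require_confirmation: []
  http:
    enabled: false
    allowed_domains: []
    timeout: 0s
    max_retries: 0
  scripts:
    enabled: false
    scripts_dir: ""
    allowed: []
    timeout: 0s
    sandbox: false
  file_ops:
    enabled: false
    allowed_paths: []
    read_only: true
  mcp:
    enabled: false
    servers: []
    expose:
      port: 0
      tools: []
  memory:
    enabled: true
  knowledge:
    enabled: false

# ============================================
# MEMORY
# ============================================
memory:
  enabled: true
  window_size: 50
  db_path: "./agents/{{AGENT_ID}}/data/memory.db"

# ============================================
# MATRIX
# ============================================
matrix:
  homeserver: "{{MATRIX_HOMESERVER}}"
  user_id: "@{{AGENT_ID}}:{{MATRIX_SERVER_NAME}}"
  # Only the names of environment variables appear here; the token and keys
  # themselves are not stored in this file.
  access_token_env: MATRIX_TOKEN_{{AGENT_ID_UPPER}}
  device_id: "{{MATRIX_DEVICE_ID}}"
  encryption:
    enabled: true
    store_path: "./agents/{{AGENT_ID}}/data/crypto/"
    pickle_key_env: PICKLE_KEY_{{AGENT_ID_UPPER}}
    # NOTE(review): presumably trust-on-first-use for device keys. Approvals
    # arrive over Matrix, so confirm the operator's device is verified out of
    # band rather than trusted on first contact.
    trust_mode: tofu
    recovery_key_env: SSSS_RECOVERY_KEY_{{AGENT_ID_UPPER}}
  # NOTE(review): confirm that empty lists mean "no rooms" and not "any room".
  rooms:
    listen: []
    respond: []
    admin: []
  filters:
    command_prefix: "!"
    mention_respond: true
    dm_respond: true
    ignore_bots: true
    ignore_users: []
    unauthorized_response: silent
    # NOTE(review): 0 presumably accepts any room member. Confirm who may
    # address this sudo-scope agent (dm_respond is also on).
    min_power_level: 0
  threads:
    enabled: true
    auto_thread: false

# ============================================
# SSH — not applicable
# ============================================
ssh:
  defaults:
    user: ""
    port: 22
    key_file_env: ""
    known_hosts: ""
    keepalive_interval: 0s
    timeout: 0s
  targets: {}

# ============================================
# SECURITY
# ============================================
security:
  audit:
    enabled: true
    # NOTE(review): the audit trail is a local file next to the agent's data
    # and log_to_room is empty. On a host where approved calls run as sudo,
    # consider also shipping these events off-host.
    log_file: "./agents/{{AGENT_ID}}/data/audit.log"
    log_to_room: ""
    include: [tool_call, llm_request, command, approval_request, approval_grant, approval_deny]
  secrets:
    provider: env
  sanitize:
    enabled: true
    # NOTE(review): "warn" presumably reports matches without redacting them.
    # Confirm whether flagged secrets still reach the LLM or the room.
    mode: warn
    min_severity: medium
    disabled_patterns: []
  tool_rate_limit:
    enabled: true
    max_calls_per_min: 20
    cleanup_interval_s: 60

# ============================================
# SCHEDULING
# ============================================
schedules: []

# ============================================
# STORAGE
# ============================================
storage:
  base_path: ""

# ============================================
# OPERATOR
# ============================================
operator:
  matrix_id: "{{OPERATOR_MATRIX_ID}}"
  # The approval gate for every sudo tool call; must stay true for this
  # profile.
  requires_approval: true
  approvals_room: "#operator-approvals:{{MATRIX_SERVER_NAME}}"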