# ============================================ # IDENTIDAD — agent LLM user-scope (mode=user) # ============================================ # Generado por dev-scripts/agent/provision-agent-user.sh # Issue 0144 §6.1. NO editar a mano sin razon — re-provisionar reescribe. agent: id: {{AGENT_ID}} name: "{{DISPLAY_NAME}}" version: "0.1.0" enabled: true description: "Conversational LLM agent for {{HOST}} (user-scope). Tools allowed: user|both. Delegates sudo to agent-{{HOST}}-sudo." tags: [agent, llm, devicemesh, {{HOST}}, user] type: agent # ============================================ # PERSONALIDAD # ============================================ personality: tone: pragmatic verbosity: concise language: es languages_supported: [es, en] emoji_style: minimal prefix: "🖥️" error_style: helpful templates: greeting: "Hola, soy {{DISPLAY_NAME}}. Operativo en {{HOST}} con scope user. ¿En qué te ayudo?" unknown_command: "Comando no reconocido. Escríbeme directamente lo que necesitas." permission_denied: "No tengo permiso para esa acción en scope user. Considera delegar a sudo." error: "Algo salió mal: {{.Error}}" success: "{{.Summary}}" busy: "Procesando, dame un momento..." behavior: proactive: false ask_confirmation: false show_reasoning: false thread_replies: true typing_indicator: true acknowledge_receipt: false # ============================================ # LLM — claude-code subprocess (sonnet) # ============================================ llm: primary: provider: claude-code model: "" api_key_env: "" base_url: "" max_tokens: 4096 temperature: 0.4 claude_code: binary: "claude" timeout: 5m disable_tools: true allowed_tools: [] disallowed_tools: [] working_dir: "/tmp/claude-agents/{{AGENT_ID}}" permission_mode: "bypassPermissions" model: "sonnet" fallback_model: "" session_id: "" add_dirs: [] fallback: provider: "" model: "" api_key_env: "" base_url: "" max_tokens: 0 temperature: 0 reasoning: system_prompt_file: "prompts/system.md" context_window: 32768 memory_messages: 50 tool_use: enabled: true max_iterations: 12 parallel_calls: false rate_limit: requests_per_minute: 60 tokens_per_minute: 200000 concurrent_requests: 5 # ============================================ # DEVICE MESH — tools que el LLM puede invocar # ============================================ # Cada tool name mapea a una capability del device_agent remoto via mesh WG. # Issue 0144 §2.1. Subset user|both. NO incluye scope=sudo. device_mesh: enabled: true device_id: {{HOST}} mode: user manifest_id: manifest_{{HOST}}_v1 device_agent_url_env: {{AGENT_ID_UPPER}}_DEVICE_MESH_URL client_timeout_s: 60 tools_allowed: - exec - fs.read - fs.write - fs.list - fs.stat - git.clone - git.commit - git.push - git.status - pkg.search - proc.list - proc.kill - docker.list - docker.exec - docker.logs - project.create - project.list - screenshot - clipboard.read - clipboard.write - delegate_sudo - current_time - memory.recall - memory.note rate_limit: tools_per_minute: 60 tools_per_turn: 12 # ============================================ # TOOLS — built-in (current_time, memory, knowledge) # ============================================ tools: ssh: enabled: false allowed_targets: [] forbidden_commands: [] timeout: 0s max_concurrent: 0 require_confirmation: [] http: enabled: false allowed_domains: [] timeout: 0s max_retries: 0 scripts: enabled: false scripts_dir: "" allowed: [] timeout: 0s sandbox: false file_ops: enabled: false allowed_paths: [] read_only: true mcp: enabled: false servers: [] expose: port: 0 tools: [] memory: enabled: true knowledge: enabled: false # ============================================ # MEMORIA — rolling window + facts (issue 0144d) # ============================================ memory: enabled: true window_size: 50 db_path: "./agents/{{AGENT_ID}}/data/memory.db" # ============================================ # MATRIX # ============================================ matrix: homeserver: "{{MATRIX_HOMESERVER}}" user_id: "@{{AGENT_ID}}:{{MATRIX_SERVER_NAME}}" access_token_env: MATRIX_TOKEN_{{AGENT_ID_UPPER}} device_id: "{{MATRIX_DEVICE_ID}}" encryption: enabled: true store_path: "./agents/{{AGENT_ID}}/data/crypto/" pickle_key_env: PICKLE_KEY_{{AGENT_ID_UPPER}} trust_mode: tofu recovery_key_env: SSSS_RECOVERY_KEY_{{AGENT_ID_UPPER}} rooms: listen: [] respond: [] admin: [] filters: command_prefix: "!" mention_respond: true dm_respond: true ignore_bots: true ignore_users: [] unauthorized_response: silent min_power_level: 0 threads: enabled: true auto_thread: false # ============================================ # SSH — no aplica (tools sudo via mesh) # ============================================ ssh: defaults: user: "" port: 22 key_file_env: "" known_hosts: "" keepalive_interval: 0s timeout: 0s targets: {} # ============================================ # SEGURIDAD # ============================================ security: audit: enabled: true log_file: "./agents/{{AGENT_ID}}/data/audit.log" log_to_room: "" include: [tool_call, llm_request, command] secrets: provider: env sanitize: enabled: true mode: warn min_severity: medium disabled_patterns: [] tool_rate_limit: enabled: true max_calls_per_min: 60 cleanup_interval_s: 60 # ============================================ # SCHEDULING # ============================================ schedules: [] # ============================================ # STORAGE # ============================================ storage: base_path: "" # ============================================ # OPERATOR (humano dueño de este device) # ============================================ operator: matrix_id: "{{OPERATOR_MATRIX_ID}}" requires_approval: false