Agent-oriented task metadata

Add optional metadata to task definitions so AI agents can reason about task safety and decide what they can run autonomously vs. what requires user approval.

## Proposed schema

```yaml
tasks:
  test:
    cmd: go test ./...
    agent:
      safe: true           # idempotent, no side effects
      reads: ["./..."]     # paths/globs read
      writes: []           # paths/globs written
      description: "Run unit tests"
  deploy:
    cmd: ./scripts/deploy.sh
    agent:
      safe: false          # has side effects — agent should prompt
      description: "Deploy to production"
```

## Behavior

- Agents (via MCP) check `agent.safe` before auto-executing
- Unsafe tasks require explicit user confirmation in agent clients that respect the hint
- Metadata mirrors Claude Code's permission model for consistency

## Requirements

- Add to JSON Schema (Issue #4)
- MCP server (Issue #1) surfaces the metadata in tool descriptions
- Backwards compatible — tasks without `agent` block default to requiring confirmation

## Acceptance criteria

- Schema updated
- MCP tool descriptions include safety metadata
- Documentation explains the safety model
- Example `raid.yaml` files demonstrate usage
- Tasks lacking an `agent:` block are surfaced to MCP clients as `safe: false` by default


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Agent-oriented task metadata #51

Proposed schema

Behavior

Requirements

Acceptance criteria

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

Agent-oriented task metadata #51

Description

Proposed schema

Behavior

Requirements

Acceptance criteria

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions