feat(index): auto-ship + protect the mandatory escurel meta-skill#116
Merged
Conversation
Every tenant must ship the `escurel` meta-skill — the agent's in-corpus
documentation of the tool surface and navigation model (locked decision
3, docs/contract/agent-interface.md). The audit found it was never
seeded and was unprotected.
- Embed the canonical meta-skill markdown (meta_skill.md) + protection
rules (meta_skill.rs).
- `Indexer::ensure_meta_skill()` idempotently writes + indexes it; wired
at indexer open (binary boot via config.rs and the test harness) so
every served tenant exposes it. No-op when the tenant already carries
an `escurel` skill (operators may ship their own extended version).
- Protect it on write: `update_page` on the meta-skill page rejects a
rewrite that drops the skill identity or removes an established
section (operators append, never remove). MCP + gRPC return the
`{ok:false, issues:[meta_skill_protected]}` contract shape.
Test plan:
- crates/escurel-index/src/meta_skill.rs unit tests (section retention,
identity, first-write establishment).
- crates/escurel-server/tests/meta_skill.rs: fresh tenant ships it;
removing a section is rejected; appending guidance is accepted.
- Updated existing skill-count assertions across the suite for the +1.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes audit finding #1 (spec→impl): the mandatory
escurelmeta-skill — the agent's in-corpus documentation of the tool surface,
discovery policy and navigation model (locked decision 3,
docs/contract/agent-interface.md) — was never seeded into tenants andwas unprotected from removal.
meta_skill.md) and theprotection rules (
meta_skill.rs).Indexer::ensure_meta_skill()— idempotent, wiredat indexer open (binary boot through
config.rsand the testharness) so every served tenant exposes it. No-op when the tenant
already carries an
escurelskill, so operators may ship their ownextended version (e.g. the crm-demo's CRM-specific one).
update_pageon the meta-skill page rejects arewrite that drops the skill identity (
id: escurel,type: skill)or removes a section the established meta-skill already carries —
operators append, never remove. MCP and gRPC return the contract
{ok:false, issues:[{code:"meta_skill_protected"}]}shape rather thana transport error.
Design note: the guard's protected baseline is whatever sections the
established meta-skill has (empty on first write), not a hardcoded
canonical list — so a tenant that legitimately ships a customized
meta-skill (the crm-demo) keeps its own sections protected.
createon the admin
TenantStorestays "empty at create time"; the meta-skillis guaranteed at first serve, which keeps tenant export/import
deterministic.
Test plan
crates/escurel-index/src/meta_skill.rsunit tests — sectionretention, identity, first-write establishment, append accepted.
crates/escurel-server/tests/meta_skill.rs(new, no-mock) — a freshtenant ships the meta-skill and its body is expandable; removing a
standard section is rejected with a
meta_skill_protectedissue;appending tenant guidance is accepted.
for the +1 (
grpc_read_tools,mcp,client_roundtrip,grpc_admin_streamingrebuild,facade).cargo fmt --check,cargo clippy --workspace --all-targets -D warnings,cargo test --workspace --all-targets,cargo build --workspace --release.🤖 Generated with Claude Code