Conversation
Shows periodic "... listening (Xs elapsed, Ys remaining)" every 30s so the caller knows the connection is alive. Also prints "SSE connected" on initial connection. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
3 tasks
madtank
added a commit
that referenced
this pull request
Apr 13, 2026
* test(dev): add aX MCP app smoke script
Add a profile-driven dev smoke script for aX MCP app read/navigation validation.
* feat(channel): forward attachment metadata in channel bridge notifications
Messages with file attachments (images, docs) now include the attachment
metadata (id, filename, content_type, size, url, context_key) in the
channel notification's meta.attachments field. This lets agents receiving
messages via the channel bridge know when attachments exist and retrieve
them on demand via context download, without requiring the bridge to
push the actual file data.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(channel): fetch attachment metadata from REST API when SSE omits it
SSE events don't include metadata.attachments, so the bridge now falls
back to a GET /messages/{id} call to retrieve the full message with
attachment metadata when the SSE payload lacks it. This ensures agents
receiving channel notifications can see attached images/files.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(channel): deliver replies to cli-sent messages
* fix(upload): preserve attachment preview pointers
* fix(upload): pass space through attachment flow
* fix(profile): export agent id for profile env
* feat: add ax-operator skill at skills/SKILL.md
Top-level skill file that teaches any agent to operate the aX platform
via axctl. Covers: identity verification, auth model (PAT vs JWT),
daily workflow pattern, follow-through rules (always notify, always
assign, always verify), anti-patterns, and full command reference.
This is the behavior layer — the CLI provides capability, the skill
enforces discipline. An agent that loads this skill should be a
competent aX operator immediately.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat(skill): rewrite as self-onboarding decision tree
The skill is the product. Rewrote from reference card to autonomous
onboarding flow:
1. Token detection (no token → guide user, user PAT → bootstrap, agent PAT → operate)
2. Identity verification (whoami, environment check, profile switching)
3. Access confirmation (auto-exchange, test send)
4. Team bootstrap (create agents, mint PATs, set up profiles, swarm pattern)
5. Daily operations (golden path with follow-through rules)
6. Agent mesh connectivity (channel bridge, BYOA, shared context)
7. Follow-through rules + anti-patterns
8. Command reference + troubleshooting
An agent that loads this skill can go from raw token to fully operational
autonomously — verify itself, bootstrap a team, connect everyone into a
shared context mesh. The user doesn't need to read docs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* docs(cli): capture workflow flag spec
* feat: ax token mint — single command to create agent PATs
New command that handles the full bootstrap flow:
1. Detect user PAT (clear error on agent PAT)
2. Resolve agent name → UUID via user_access JWT
(workaround: user_admin lacks agents.list scope)
3. Exchange for user_admin JWT
4. Issue agent-bound PAT via /credentials/agent-pat
5. Optionally save token + config to target directory (--save-to)
6. Optionally create a named profile (--profile)
Usage:
ax token mint backend_sentinel
ax token mint backend_sentinel --save-to /path --profile prod-backend
ax token mint backend_sentinel --audience both --expires 30 --json
Tested on staging: agent PAT resolve, mint, save, profile creation
all verified end-to-end.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: user token guardrail — warn on routine operations with user PAT
When a user PAT (axp_u_) is used for non-management operations (sending
messages, uploading files, listing tasks, etc.), the CLI now emits a
warning to stderr:
⚠ User token (axp_u_) used for: user_access exchange
User tokens are management keys — use an agent token for daily work.
Suppress: AX_I_KNOW_WHAT_IM_DOING=1
Behavior:
- Warns once per session (not per request)
- Suppress via AX_I_KNOW_WHAT_IM_DOING=1 env var
- Management commands (ax token mint, ax credentials) suppress automatically
- Agent tokens (axp_a_) never trigger the warning
Implementation: check fires in _get_jwt() when exchanging for user_access
with a user PAT, since all request paths converge there.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: config resolution cleanup — kill git dependency, warn on global creds
Three changes to make config resolution workspace-based:
1. _find_project_root() no longer stops at .git boundaries. Only .ax/
directories are recognized. Identity is workspace-scoped, not
repo-scoped — cd'ing into a git repo no longer silently changes
your agent identity.
2. Global config (~/.ax/config.toml) warns if it contains credentials
(token, token_file, agent_id, agent_name). These should live in
profiles or workspace config. Global config is for defaults only
(base_url, etc).
3. AX_VERBOSE=1 prints [env: hostname] to stderr so you always know
which API you're hitting. No more silent localhost vs prod confusion.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: mint fallback to direct agent lookup + skill uses ax token mint
- mint: if agent isn't found in list, try direct get_agent() lookup
before failing. Handles agents hidden from list endpoint.
- skill: Step 4 now leads with `ax token mint` instead of raw curl.
Shows one-command mint, mint+save+profile, and swarm bootstrap.
Addresses night_owl QA items #5 and #6.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: user token guardrail is now a hard block, not a warning
User PATs (axp_u_) on routine operations (messages, uploads, tasks)
now EXIT 1 with a clear error instead of just warning. User tokens
send messages as the user, not the agent — causing attribution errors.
The block message tells you exactly what to do:
ax token mint <agent-name>
ax credentials issue-enrollment
Override: AX_I_KNOW_WHAT_IM_DOING=1 (not recommended)
Management commands (ax token mint, ax credentials) auto-suppress.
Addresses night_owl QA feedback on PR #43.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* feat: ax token mint --create creates agent if not found
When the agent doesn't exist:
- --create flag: creates it automatically, then mints
- Interactive TTY: prompts "Create it? [y/N]"
- Non-interactive: fails with "Use --create to create it"
This makes mint the single entry point for the entire bootstrap:
ax token mint new-agent --create --save-to /path --profile name
One command: create agent + mint PAT + save token + create profile.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix: rename AX_I_KNOW_WHAT_IM_DOING to AX_ALLOW_USER_TOKEN
Unprofessional env var name for a production CLI. Renamed to
AX_ALLOW_USER_TOKEN=1 which is clear and descriptive.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* docs: clarify user PAT exchange guardrails
* fix: remove user token guardrail bypass
* fix: route agent registration through api v1
* fix(channel): deliver thread replies to listeners
* feat: replace orchestration verbs with handoff
* style: format cli files
* feat: add context artifact loader
* feat: attach sent files to context
* fix: promote context after storing it
* fix: surface handoff progress replies
* feat: add interactive handoff follow-up
* fix: show short message IDs in table (#44)
* fix: show short message IDs in table to prevent truncation
UUIDs were being silently truncated by Rich table auto-sizing,
making them unusable for `ax messages get`. Now displays first
8 chars (like git short hashes). Full IDs available via --json.
Co-Authored-By: Cinder <noreply@anthropic.com>
* fix: resolve short message IDs
---------
Co-authored-by: Cinder <noreply@anthropic.com>
Co-authored-by: anvil <anvil@ax-platform.com>
* ci: build package in pull requests
* ci: automate release versioning and pypi publish
* fix: polish operator qa friction
---------
Co-authored-by: anvil <anvil@ax-platform.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds heartbeat output to
ax watchso the caller knows the SSE connection is alive while waiting.The ax watch Pattern
ax watchis designed for automation loops — send a task to agents, wait for their response, act on it, repeat.Basic Usage
The Supervisor Pattern
Escalating Backoff
Start checking frequently, back off as things settle:
Flags
--mention--from AGENT--contains TEXT--event TYPE--timeout SECS--count N--json--quietExit codes: 0=matched, 1=timeout, 2=error
Future
--backofffor auto-escalating intervals--exclude-axto filter concierge echoes--sincefor time-bounded watch