Releases: hxddh/storage-agent-workbench
Release list
v0.20.9
What's changed
Added
preview_object— the agent can now read a bounded preview of an object's
content. Previously the agent could enumerate keys and read metadata
(head_object) but could not look inside an object. It now has a read-only
preview_object(provider_id, bucket, key)tool: a single bounded Range GET
(hard cap 1 MiB/call), text-only (binary/oversized objects are reported, not
decoded), redaction-passed, never persisted, and bounded per turn (a few
objects / a few MiB) so it can't be looped into a bulk download. This makes
"what's inside this manifest / config / log object?" answerable inline.- Agent-native by bounds, not a gate: no per-call confirmation (that would
ossify the loop) — safety is code-enforced caps + sanitization + audit, the
same model as the other read-only probes. - Security rule #11 updated accordingly: from "no object bodies by default"
to "no bulk body downloads, withpreview_objectas the one bounded,
audited, per-turn-capped exception." Bulk/recursive/full-object downloads
remain prohibited; evidence import (GB-scale) still requires confirmation.
- Agent-native by bounds, not a gate: no per-call confirmation (that would
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.9-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.20.7
What's changed
Fixed
- Clicking a suggested next-step no longer drops the literal text "None" into
the composer. A proposal with an explicit nulltitle/reasonwas stringified
as Pythonstr(None)→"None"innormalize_proposal(theget(k, "")
default only applies to absent keys, not present-but-null ones), which then
surfaced as theask_user_for_contextcomposer prefill. Null/None now coerces
to"", sotitlefalls back to the action-type label andreasonbecomes
None(and the prefilled question is always a real sentence).
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.7-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.20.6
What's changed
Added
- Two StorageOps skills for gaps the tools already supported (catalog now 18):
storageops-inventory-analysis— how to read an inventory for capacity and
object-shape (size/count, size histogram, prefix and storage-class
distribution, small-object ratio, largest objects) viaanalyze_uploaded_file
(attached file) or a confirmedplan_inventory_import(+read_run_result).
The fact layer beneath the lifecycle/cost decision.storageops-account-posture— how to usesurvey_accountfor an account-wide
landscape + config posture (logging / inventory / lifecycle / public-access-
block per bucket) and where to look first, withread_run_resultfor a
backgrounded survey. The no-error audit entry point (vs triage's error path).- Both are written agent-native: on-demand knowledge with adaptive decision
trees and capability hints, not fixed pipelines (account-posture explicitly
says not to reflexively review every bucket); app-native tool names only;
guidance-only.eval-golden-casesgains a "coverage honesty" check (don't
assert a feature absent whenaccess_denied; snapshot ≠ trend; visible vs
total buckets). Routing relies on the distinct catalog descriptions.
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.6-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.20.4
What's changed
Fixed
- A step-budget (
max_turns) limit no longer breaks the session. Previously
a complex investigation that exhausted the turn budget surfaced a hard
"Max turns (16) exceeded" error, lost the whole turn, showed a misleading "open
settings" action, and (because the failed stream fell back to the blocking
turn) re-ran the entire agent a second time. Now, when the budget is reached,
the agent makes one tool-less finalize call that synthesizes a grounded
best-effort answer from the investigation so far (explicitly marked as possibly
incomplete, with an offer to continue). The turn budget is unchanged and still
bounded (N tool-loop turns + 1 tool-less finalize); the client never sees a
max-turns error and never double-runs. The agent is also instructed to converge
and checkpoint findings (record_finding/note_fact) as it works, so a
"continue" follow-up resumes from real context. - The model chip refreshes after first-run configuration. Adding the first
model provider through the Settings drawer (e.g. via the first-run wizard)
changed neither sidecar-readiness nor the active session, so the composer chip
stayed on "Add model" until a session switch — even though chat already worked.
The chip now re-fetches when the Settings drawer closes.
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.4-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.20.3
What's changed
Fixed
- The thread no longer looks frozen while the agent is generating. After the
tool trace appears, the post-tools / between-rounds wait (often the longest,
with no streamed text yet) showed only a lone blinking caret. It now shows an
explicit animated "Working… (still running)" indicator until the answer starts
streaming. - Error-triage next-step chips survive a reload / session-switch. The
deterministicsafe_next_actionswere only on the POST response, so reopening
a session showed empty chips.GET /error-triage/{id}and
GET /sessions/{id}/error-triagenow re-derive them deterministically from the
stored (already redacted) input — no new storage, no migration.
Changed
- Tool-name consistency (
§2.4). The error-triage playbooks,docs/tools.md,
and theCLAUDE.mdwhitelist now use the agent-facing tool names
(test_addressing_style,inspect_endpoint_tls) that the SKILL.md bodies and
agent instructions already use — so guidance never names a tool the agent
can't call. (The underlying S3-layer functions keep their names:
test_path_style_vs_virtual_host,inspect_tls.) read_run_resultis now listed in the agent's main tool instructions, not
only in the survey-timeout note — so the agent knows it can re-read a
backgrounded survey/review/import result in a later turn instead of re-running.- Stale docs/docstrings aligned to the single-agent model:
architecture.md
(removed "analysis narrators"; skill context is catalog +read_skill
progressive disclosure, not eager 1–3 selection; triage flow has no "optional
Agent interpretation");skills/__init__.py,skills/context.py,
skills/contract.py(no "triage Agent" / eager-injection framing);
pyproject.toml(no "agent planner mode");summary_builder.pycomment
(proposals are free-form, not a fixed allowlist).
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.3-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.20.2
What's changed
Post-v0.20 review cleanup — no behavior change beyond stronger redaction.
Security
- Shared redactor now scrubs model API keys (
sk-…). Defense-in-depth: a
model key pasted into the chat or echoed in a provider error is masked
everywhere the shared redactor runs (session messages, audit logs, reports),
not just on the triage path. Aligns with security rule #15.
Removed (dead code from the v0.20 single-agent migration)
analysis/drilldown.py+ its test — the bounded-aggregate tools whose only
consumer (the deleted in-run analysis narrator) is gone.runs/analysis_report.py:agent_analysis_md+render_agent_report(the
"Agent Interpretation" / "Agent mode" report sections) and the now-empty
agent_sectionparameter on the dataset-report renderers.- Frontend dead API:
uploadDataset(run-scoped upload) andlistDatasets. next_actions.ALLOWED_ACTION_TYPESdead back-compat alias.
Changed (stale docs / comments)
docs/architecture.md:account_discoverydescription no longer claims an
"Agent mode 422 / future phase" — it's the agent'ssurvey_accounttool.CLAUDE.md: dropped the deadoptimization_reportcapability bullet.agent_runtime/__init__.py,guardrails.py,main.py: docstrings no longer
describe an "agent planner mode" (there is one conversational agent).next_actions.normalize_proposaldocstring: clarified it accepts any safe
free-form action_type (not a fixed allowlist).- Frontend
RunEvent: removed the never-emittedplan/tool_selectedtypes. - Stripped historical "(Phase NN)" provenance tags from module docstrings
(migration provenance comments kept).
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.2-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.20.1
What's changed
Fixed
- Empty-state subtitle no longer overpromises. "Read-only by default — I'll
ask before running anything" became "Read-only and never destructive — I'll
ask before moving any data" (zh equivalent): the agent runs read-only checks
itself; only cloud data-moving work is confirmation-gated. - Backgrounded survey/review now resumes via
read_run_result. When an
inline survey/review exceeds the time budget, the timeout note and the agent
instructions now tell the agent to callread_run_result(run_id)in a later
turn instead of re-running the survey. - Triage
safe_next_actionsare now clickable.TriageCardrenders the
deterministic next-check proposals as one-click chips (same handoff as agent
proposals), instead of dropping a field the API already returned. - Doc residual:
docs/security.md"Graded execution" no longer references
the removedautonomous_readonly/assistedautonomy policy.
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.1-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.20.0
What's changed
Single-agent architecture. This release finishes the agent-native migration
by eliminating the dual-track design: there is now exactly one LLM in the
product — the conversational session agent. Everything under runs/ is pure
deterministic compute the agent invokes as a tool or saves as an auditable
report artifact. No second "run-planner" LLM, no in-run interpretation
narrators, no planner_mode switch. The deterministic engines, DuckDB, the S3
read-only whitelist, output sanitization, and the confirm gate on data-moving
work are all kept — they are the security floor.
Removed
- The run-planner agent. Deleted
agent_runtime/tool_registry.py,
prompts.py,context_builder.py,result_parser.py, and the
agent_service.run_agent/ToolInvokermachinery.agent_service.pynow
keeps onlybuild_agent/get_model_credentialsfor the conversational
agent. - In-run interpretation narrators. Deleted
agent_runtime/analysis_agent.py(theaccess_log_analysis/
inventory_analysisnarrator +analysis/drilldown.pyaggregate tools) and
error_triage/triage_agent.py. Analysis and triage are deterministic-only;
the conversational agent narrates the sanitized result if asked. planner_mode. Dropped from the API (RunCreate/RunSummary/RunDetail,
ErrorTriageRequest), the run SSErun_startedevent, the frontend types, and
the run-detail UI.run_service.run_syncalways dispatches a run to its
deterministic executor; theruns.planner_modeSQLite column is retained
(defaulting to'deterministic') only because the schema is append-only and is
no longer read or written.- The
optimization_reportrun type (never implemented as a real executor);
an unknownrun_typeis now a clean 422.
Changed
- Runs expose only their real tool trace, findings, and summary — no canned
step "plan" event and no agent-authored prose section in reports. - Evidence import is reached through the agent, not a separate panel —
AccountProfilePanelis now a read-only profile view.
Added
read_run_result(run_id)tool — lets the agent pick up a backgrounded
survey/review/import result in a later turn (status + sanitized summary; only
runs linked to the current session) instead of re-running.
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.20.0-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.19.29
What's changed
Cleanup pass resolving the verified-true items from a code/skills review — no
new behavior, all agent-native consistency, dead-code removal, and small fixes.
Fixed
- Slash
/logsand/inventorynow open the file picker (like the
empty-state chips), instead of seeding a prompt the agent has no file to act on. - The model chip recovers from a transient sidecar blip —
refreshModel
retries a few times instead of getting stuck on "Add model" until a refresh. - Sending an ambiguous-type attachment gives feedback (a "choose a type"
hint) rather than a silent no-op.
Changed
skills_usedis bound to skills actually loaded viaread_skillthis turn
— the model can no longer claim a skill it never opened (keeps the report
honest).- Skill selection is robust to spacing/punctuation — a keyword like
SignatureDoesNotMatchmatches"Signature Does Not Match"/"access-denied"
without a hard-coded error→skill map (still metadata-driven). read_skillhas a per-turn budget (max 6 loads) so a loop can't pull every
skill body into context.- The deterministic session report labels its "next actions" as rule-derived
suggestions, distinct from the agent's own proposals. - Refreshed stale
SKILL.mdguidance (access-log, lifecycle-cost, performance,
security-iam, migration, replication) to the current tools: local files →
analyze_uploaded_fileinline; config/account →review_bucket_config/
survey_account; only cloud imports stay confirmed.
Removed
- Dead
/sessions/{id}/actions/previewendpoint +preview()+ the frontend
ActionPreviewResulttype.
Docs
- Rewrote
docs/architecture.mdto the agent-native model (no autonomy toggle,
nonew_runform, free-form proposals,origin='agent'runs hidden from the
thread); fixed thesession_agentmodule header (attached files analyzed
inline) and the inline-survey timeout note.
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.19.29-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.
v0.19.28
What's changed
Completes the agent-native rebuild: the conversational agent is the sole
operating surface, and no rigid/ossified pipeline remains. Deterministic engines
survive only as the security/reproducibility floor the agent invokes (and as
opt-in auditable reports) — never a UI-fired flow or a card mid-conversation.
Changed
- No run card ever appears from a conversation. The agent's own read-only
survey/review tools (survey_account,review_bucket_config) now record runs
withorigin='agent'(migration 15) that the thread filters out — the agent
narrates the result inline instead. This removes the stray deterministic
account_discoverycard that could fire mid-chat (e.g. while analyzing an
uploaded log). - Retired the agent-autonomy toggle entirely. The agent is always a fully
autonomous read-only investigator; theassisted/autonomous_readonlysetting,
its endpoint, and its Settings UI are gone. Read-only investigation always runs;
cloud data-moving work still always requires confirmation. - The agent stays on the user's request. New instructions stop it from firing
cloud probes (credentials, account survey) for a local-file task — it analyzes
the attached file and answers, touching the cloud only when asked. - Removed the retired
new_runform handoff from next-action proposals:
investigation/diagnosis/config/account/analysis proposals route back to the
agent conversationally; only evidence import, the saved report, and a context
question get a purpose-built flow.
Fixed
- Uploading a file no longer loses it if the upload fails (the composer is
cleared only after success). - Forking a session now copies its uploaded datasets and their files on disk.
- Re-uploading the same filename reuses the dataset row instead of leaving
duplicate records pointing at one overwritten file. - A streamed turn that ends without a completion event now reconciles via the
blocking fallback instead of showing an empty next-steps list. - Empty-state "Analyze access logs" / "Inventory" chips open the file picker.
Removed
- Dead code:
agent_runtime/autonomy.py, the/settings/autonomyendpoint, the
frontendpreviewSessionAction, and stale docs/comments (README confirmation
wording, composer "two modes", the M012 "OS keychain" note, the "Phase 17
allowlist" comment).
Install
Builds are unsigned / ad-hoc (no Apple notarization, no Windows Authenticode). Verify downloads against the SHA256SUMS-*.txt files.
- macOS (arm64): open the .dmg, drag to Applications. First launch shows a Gatekeeper prompt — right-click the app → Open, or run
xattr -dr com.apple.quarantine "/Applications/Storage Agent Workbench.app". It starts in a few seconds. - Linux (x64):
sudo apt install ./storage-agent-workbench-v0.19.28-linux-x64.deb - Windows (x64): run the
-setup.exe; if SmartScreen warns, choose More info → Run anyway.
Prompt-free signed builds: see docs/signing.md.