v0.31.0 — Agent Safety & Discoverability
This release transforms fabio into a fully safety-hardened, agent-native CLI with defense-in-depth controls and runtime discoverability that achieves 90% correctness with coding agents.
Agent Safety (New)
Three independent safety boundaries for agent deployments:
--readonly — Blocks all mutations (POST/PUT/PATCH/DELETE) at the HTTP transport layer before network dispatch. Read operations pass through normally.
FABIO_READONLY=1 fabio workspace list # works
FABIO_READONLY=1 fabio workspace create # BLOCKED (READONLY_MODE error)--enable-commands / --disable-commands — Runtime command allowlists/denylists. Operators constrain which command groups an agent can access.
FABIO_ENABLE_COMMANDS=workspace,lakehouse fabio workspace list # works
FABIO_ENABLE_COMMANDS=workspace,lakehouse fabio deploy plan # BLOCKED (FORBIDDEN)--wrap-untrusted — Wraps user-authored fields (displayName, description) with <<<UNTRUSTED>>>...<<<END_UNTRUSTED>>> markers to prevent prompt injection when agent processes fabio output.
All three support environment variables for operator-controlled enforcement.
MCP Server Safety (New)
The MCP server is now read-only by default:
fabio mcp serve # 366 read-only tools
fabio mcp serve --allow-write # 810 tools (all)
fabio mcp serve --allow-write --allow-tool "workspace,lakehouse" # scoped
fabio mcp serve --list-tools # inspect without startingStable Exit Codes (New)
Agents can branch on $? without JSON parsing:
| Code | Meaning |
|---|---|
| 0 | Success |
| 1 | Generic error |
| 2 | Usage error |
| 3 | AUTH_REQUIRED |
| 4 | FORBIDDEN / READONLY_MODE |
| 5 | NOT_FOUND |
| 6 | CONFLICT |
| 7 | RATE_LIMITED |
| 8 | TIMEOUT |
| 9 | NETWORK_ERROR |
Runtime Discoverability (Enhanced)
--budget flag — Token-aware schema output that returns the richest subset within a token limit:
fabio context agent --budget 4000 # full detail for priority groups, compact for rest222 inline examples — Every major command now has CLI usage examples accessible via fabio context describe <group> <cmd>.
56 output shape examples — Agents can see response shapes via fabio context examples <group> <cmd>.
Safety state introspection — fabio context agent now includes a safety field showing effective restrictions.
Agent Skill (Moved In-Repo)
The agent skill now ships at .agents/skills/fabio/ in the main repository. No more separate fabio-skills repo (archived). Install via:
npx skills add https://github.com/iemejia/fabioEval results: 90% pass rate (69/77 tests) with gpt-4o-mini in CI.
Documentation Simplified
- Deleted
COMMANDS.mdandEXAMPLES.md— the binary is the documentation - All agent knowledge lives in
commands.json(auto-generated + examples preserved) fabio context agent/describe/find/workflowprovides runtime discovery
Stats
- 22 E2E safety tests covering all new features
- 77-case promptfoo eval running in CI via Azure OpenAI
- 749 unit tests passing
- Binary size: 19 MB (656 KB embedded context data = 3.5%)
Full Changelog: v0.30.0...v0.31.0
Full Changelog: v0.30.0...v0.31.0