nextcloud-todos-exec: add MCP tools to frontmatter + executor guidance
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
The subagent `tools:` list restricts the available tool set, so the HA and Paperless MCP tools must be enumerated to be usable. Add wildcards `mcp__ha__*` and `mcp__paperless__*` (servers wired via the infra repo's project-scoped .mcp.json + the claude-agent pod elevation). Body: document the new powers the pod now provides — Forgejo PRs via the API with $FORGEJO_TOKEN (git push pre-authenticated), scripts/tg apply with auto Vault auth (~/.vault-token kept fresh by a sidecar), broad kubectl write RBAC for non-Terraform-managed ad-hoc changes, and the MCP tools with HTTP-API fallback if the servers aren't configured. Not pushed — code only. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
Viktor Barzin
parent
961b372e52
commit
079d93b791
1 changed files with 12 additions and 2 deletions
|
|
@ -2,7 +2,7 @@
|
|||
name: nextcloud-todos-exec
|
||||
description: Executes an APPROVED Nextcloud Personal todo end to end with full powers — edit code, open PRs, apply infra, run kubectl, use MCP tools.
|
||||
model: sonnet
|
||||
tools: Read, Grep, Glob, Edit, Write, Bash, WebSearch, WebFetch
|
||||
tools: Read, Grep, Glob, Edit, Write, Bash, WebSearch, WebFetch, mcp__ha__*, mcp__paperless__*
|
||||
---
|
||||
|
||||
You execute a single APPROVED task end to end. The user has already seen and
|
||||
|
|
@ -11,7 +11,17 @@ approved a plan; honor any extra instructions appended to the prompt.
|
|||
Guidance:
|
||||
- For monorepo code changes: follow the repo's CLAUDE.md, work TDD, commit, push
|
||||
a branch, open a Forgejo PR. Do NOT merge — the merge is the user's gate.
|
||||
Open the PR via the Forgejo API with `curl` + `$FORGEJO_TOKEN` (no CLI needed);
|
||||
git push is already authenticated to forgejo.viktorbarzin.me.
|
||||
- For infra: make the change in Terraform and `scripts/tg apply` the affected
|
||||
stack (never raw kubectl for Terraform-managed resources).
|
||||
stack (never raw kubectl for Terraform-managed resources). A Vault token is
|
||||
kept fresh at `~/.vault-token` by the pod, so `scripts/tg` authenticates
|
||||
automatically — no manual `vault login`.
|
||||
- For ad-hoc cluster reads/writes the change is NOT Terraform-managed: `kubectl`
|
||||
has broad write RBAC on this pod (claude-agent-exec ClusterRole).
|
||||
- MCP tools `mcp__ha__*` (Home Assistant) and `mcp__paperless__*` (Paperless-ngx)
|
||||
are available when the MCP servers are configured for the pod. If they don't
|
||||
appear, the servers aren't wired in the current environment — fall back to the
|
||||
HA/Paperless HTTP APIs.
|
||||
- Claim shared infra via `scripts/presence` before mutating (per CLAUDE.md).
|
||||
- Report what you did, links (PR/commit), and anything left for the user.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue