Commit graph

9 commits

Author SHA1 Message Date
Viktor Barzin
33ff0868c3 conversational: add no-tools multi-turn Brain endpoint for portal-assistant
The portal-assistant voice gateway needs a Claude that is conversational, free
(on the cluster subscription, no metered API), and safe to sit behind a public
edge. Add POST /v1/conversational: it drives a new no-tools `conversational`
agent with per-conversation --resume so a voice turn keeps context, and is lean
on purpose — no workspace clone, no tools, and crucially NO
--dangerously-skip-permissions (so even a leaked agent can't execute anything).
This is deliberately NOT /v1/chat/completions, which clones the git-crypt infra
repo and runs a Bash-enabled agent per turn (portal-assistant ADR-0002).

The conversational agent replies in the speaker's language (Bulgarian/English),
short and TTS-friendly. Tests cover the argv builder (new vs resume), the happy
path, multi-turn resume across calls, auth, and failure → 503. Full suite green.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-17 18:38:44 +00:00
Viktor Barzin
4f361d91eb breakglass: in-cluster emergency-recovery UI for the devvm
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Viktor wanted a web UI on the claude service to act as his breakglass when
the devvm is down: open it, have Claude SSH in to diagnose/repair, and
power-cycle the VM via the Proxmox host if needed. This is the app half
(the infra stack + host bootstrap live in the infra repo).

New, ISOLATED ASGI app under app/breakglass/ (never imports app.main, so the
untrusted-input agents — recruiter-triage, nextcloud-todos — can't share a
process with the root-on-devvm / PVE-reset SSH key):
- pve.py: the LLM-independent power-verb path (status|forensics|reset|stop|
  start|cycle on VM 102), whitelist-validated client-side, executed over the
  forced-command SSH key (list argv, no shell).
- agent_session.py: multi-turn streamed chat — claude -p --session-id /
  --resume with --output-format stream-json, translated to a small SSE
  vocabulary (session/text/tool/result/error/done).
- auth.py: edge Authentik header OR bearer; fail-closed.
- server.py: FastAPI (session/chat-SSE/pve-verb routes) + serves the Svelte UI.
- Svelte SPA (frontend/, built into app/breakglass/static/ and committed — no
  in-cluster build, per ADR-0002): streamed chat + danger-styled manual VM
  controls with confirm-on-mutate.
- agents/breakglass.md: narrow tools (Bash/Read/Grep/Glob, no web), taught the
  ssh devvm / ssh pve aliases and cycle-vs-reset.
- docker-entrypoint-breakglass.sh: ssh-agent bootstrap from the mounted key +
  ssh aliases, then uvicorn app.breakglass.server. The breakglass Deployment
  overrides the image CMD with this; the existing service is untouched.

26 new tests (verb whitelist incl. injection attempts, stream-json→SSE
translation, auth gating, route behaviour); full suite 58 green.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-12 21:36:05 +00:00
Viktor Barzin
7495b46f60 feat: trip-planner research agent
System prompt instructs the agent to take trip inputs, candidate pool,
and optional prior draft + change request, perform web research, then
return ONLY a JSON object matching ItineraryDraft schema (destination,
start_date, end_date, items[] with name/category/lat/lng/address/day_index/why/est_cost).
Mirrors recruiter-triage file format/structure.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-06 07:07:24 +00:00
Viktor Barzin
079d93b791 nextcloud-todos-exec: add MCP tools to frontmatter + executor guidance
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
The subagent `tools:` list restricts the available tool set, so the HA
and Paperless MCP tools must be enumerated to be usable. Add wildcards
`mcp__ha__*` and `mcp__paperless__*` (servers wired via the infra repo's
project-scoped .mcp.json + the claude-agent pod elevation).

Body: document the new powers the pod now provides — Forgejo PRs via the
API with $FORGEJO_TOKEN (git push pre-authenticated), scripts/tg apply
with auto Vault auth (~/.vault-token kept fresh by a sidecar), broad
kubectl write RBAC for non-Terraform-managed ad-hoc changes, and the MCP
tools with HTTP-API fallback if the servers aren't configured.

Not pushed — code only.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 08:04:19 +00:00
Viktor Barzin
961b372e52 feat: nextcloud-todos planner + exec agents, bake into image
Add the read-only planner and full-powers exec agent definitions for the
nextcloud-todos service (Phase 3, tasks 3.1/3.2). COPY both into
/usr/share/agent-seed/ so the seed-beads-agent init-container can drop them
into ~/.claude/agents/ at pod start (task 3.3).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 03:45:28 +00:00
191ed5dd87 recruiter-triage: AI culture & tooling section in deep research
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
New section between Remote and Perks. Covers:
- Leadership stance (last-12mo public statements on internal AI use)
- Approved tools (Cursor / Copilot / Claude Code / ChatGPT Enterprise
  / internal LLM gateway)
- Per-seat usage limits, quotas, model whitelist/blacklist, DLP
  blocks on source-to-external-models
- Code-gen safety policy (review of AI-generated code, disclosure)
- Whether the company ships AI features and at what depth
- If the web is silent: explicit follow-up questions to ask the
  recruiter in writing

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-16 13:04:57 +00:00
f764fef642 recruiter-triage: add Perks & office life section (food/health/pension/leave/etc)
New mandatory block in the markdown output template between Remote and
Recent news. Covers: meals (free vs stipend vs none), health (medical
dental mental), pension contribution %, equity refresh cadence,
PTO/sabbatical/parental, equipment + WFH stipend, learning budget,
gym/wellness, office amenities (game room, rooftop, pet-friendly, EV
charging), commuter benefits.

Bumped word cap 800→1200 to fit the new section. Agent system prompt
explicitly says 'say not found' rather than guess for sub-items.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-16 12:00:04 +00:00
1b3350c0ac claude-agent-service: add recruiter-triage agent
Web-first deep-research agent that recruiter-responder calls on demand.
Output is a structured markdown report (≤800 words): comp vs Viktor's
£600k floor, culture/retention signals, remote policy, recent news,
bottom-line verdict. No DB writes, no phone-call suggestions, no file
writes. Tools: WebSearch, WebFetch, Read, Grep, Glob, Bash (read-only
use).

Wired through Dockerfile (COPY to /usr/share/agent-seed/) and the
seed-beads-agent init container in infra/stacks/claude-agent-service/
(cp into /home/agent/.claude/agents/recruiter-triage.md).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-16 11:40:13 +00:00
Viktor Barzin
6fa60fdd1a Initial extraction from monorepo
2026-05-07 17:07:12 +00:00