From f6f05cf23af7b5f101091a295ef5cbb7e718bc27 Mon Sep 17 00:00:00 2001 From: Jason Woltje Date: Thu, 12 Mar 2026 20:49:05 -0500 Subject: [PATCH] docs: add FIX-03 agent session sandboxing task (#64) Co-Authored-By: Claude Opus 4.6 --- docs/TASKS.md | 127 +++++++++++++++++++++++++------------------------- 1 file changed, 64 insertions(+), 63 deletions(-) diff --git a/docs/TASKS.md b/docs/TASKS.md index 003f49f..f03b739 100644 --- a/docs/TASKS.md +++ b/docs/TASKS.md @@ -2,66 +2,67 @@ > Single-writer: orchestrator only. Workers read but never modify. -| id | status | milestone | description | pr | notes | -| ------ | ----------- | --------- | ------------------------------------------------------------ | --- | ----- | -| P0-001 | done | Phase 0 | Scaffold monorepo | #60 | #1 | -| P0-002 | not-started | Phase 0 | @mosaic/types — migrate and extend shared types | — | #2 | -| P0-003 | not-started | Phase 0 | @mosaic/db — Drizzle schema and PG connection | — | #3 | -| P0-004 | not-started | Phase 0 | @mosaic/auth — BetterAuth email/password setup | — | #4 | -| P0-005 | not-started | Phase 0 | Docker Compose — PG 17, Valkey 8, SigNoz | — | #5 | -| P0-006 | not-started | Phase 0 | OTEL foundation — OpenTelemetry SDK setup | — | #6 | -| P0-007 | not-started | Phase 0 | CI pipeline — Woodpecker config | — | #7 | -| P0-008 | not-started | Phase 0 | Project docs — AGENTS.md, CLAUDE.md, README | — | #8 | -| P0-009 | not-started | Phase 0 | Verify Phase 0 — CI green, all packages build | — | #9 | -| P1-001 | done | Phase 1 | apps/gateway scaffold — NestJS + Fastify adapter | #61 | #10 | -| P1-002 | not-started | Phase 1 | Auth middleware — BetterAuth session validation | — | #11 | -| P1-003 | not-started | Phase 1 | @mosaic/brain — migrate from v0, PG backend | — | #12 | -| P1-004 | not-started | Phase 1 | @mosaic/queue — migrate from v0 | — | #13 | -| P1-005 | not-started | Phase 1 | Gateway routes — conversations CRUD + messages | — | #14 | -| P1-006 | not-started | Phase 1 | Gateway routes — tasks, projects, missions CRUD | — | #15 | -| P1-007 | done | Phase 1 | WebSocket server — chat streaming | #61 | #16 | -| P1-008 | done | Phase 1 | Basic agent dispatch — single provider | #61 | #17 | -| P1-009 | not-started | Phase 1 | Verify Phase 1 — gateway functional, API tested | — | #18 | -| P2-001 | done | Phase 2 | @mosaic/agent — Pi SDK integration + agent pool | #61 | #19 | -| P2-002 | not-started | Phase 2 | Multi-provider support — Anthropic + Ollama | — | #20 | -| P2-003 | not-started | Phase 2 | Agent routing engine — cost/capability matrix | — | #21 | -| P2-004 | not-started | Phase 2 | Tool registration — brain, queue, memory tools | — | #22 | -| P2-005 | not-started | Phase 2 | @mosaic/coord — migrate from v0, gateway integration | — | #23 | -| P2-006 | not-started | Phase 2 | Agent session management — tmux + monitoring | — | #24 | -| P2-007 | not-started | Phase 2 | Verify Phase 2 — multi-provider routing works | — | #25 | -| P3-001 | not-started | Phase 3 | apps/web scaffold — Next.js 16 + BetterAuth + Tailwind | — | #26 | -| P3-002 | not-started | Phase 3 | Auth pages — login, registration, SSO redirect | — | #27 | -| P3-003 | not-started | Phase 3 | Chat UI — conversations, messages, streaming | — | #28 | -| P3-004 | not-started | Phase 3 | Task management — list view + kanban board | — | #29 | -| P3-005 | not-started | Phase 3 | Project & mission views — dashboard + PRD viewer | — | #30 | -| P3-006 | not-started | Phase 3 | Settings — provider config, profile, integrations | — | #31 | -| P3-007 | not-started | Phase 3 | Admin panel — user management, RBAC | — | #32 | -| P3-008 | not-started | Phase 3 | Verify Phase 3 — web dashboard functional E2E | — | #33 | -| P4-001 | not-started | Phase 4 | @mosaic/memory — preference + insight stores | — | #34 | -| P4-002 | not-started | Phase 4 | Semantic search — pgvector embeddings + search API | — | #35 | -| P4-003 | not-started | Phase 4 | @mosaic/log — log ingest, parsing, tiered storage | — | #36 | -| P4-004 | not-started | Phase 4 | Summarization pipeline — Haiku-tier LLM + cron | — | #37 | -| P4-005 | not-started | Phase 4 | Memory integration — inject into agent sessions | — | #38 | -| P4-006 | not-started | Phase 4 | Skill management — catalog, install, config | — | #39 | -| P4-007 | not-started | Phase 4 | Verify Phase 4 — memory + log pipeline working | — | #40 | -| P5-001 | not-started | Phase 5 | Plugin host — gateway plugin loading + channel interface | — | #41 | -| P5-002 | done | Phase 5 | @mosaic/discord-plugin — Discord bot + channel plugin | #61 | #42 | -| P5-003 | not-started | Phase 5 | @mosaic/telegram-plugin — Telegraf bot + channel plugin | — | #43 | -| P5-004 | not-started | Phase 5 | SSO — Authentik OIDC adapter end-to-end | — | #44 | -| P5-005 | not-started | Phase 5 | Verify Phase 5 — Discord + Telegram + SSO working | — | #45 | -| P6-001 | not-started | Phase 6 | @mosaic/cli — unified CLI binary + subcommands | — | #46 | -| P6-002 | not-started | Phase 6 | @mosaic/prdy — migrate PRD wizard from v0 | — | #47 | -| P6-003 | not-started | Phase 6 | @mosaic/quality-rails — migrate scaffolder from v0 | — | #48 | -| P6-004 | not-started | Phase 6 | @mosaic/mosaic — install wizard for v1 | — | #49 | -| P6-005 | done | Phase 6 | Pi TUI integration — mosaic tui | #61 | #50 | -| P6-006 | not-started | Phase 6 | Verify Phase 6 — CLI functional, all subcommands | — | #51 | -| P7-001 | not-started | Phase 7 | MCP endpoint hardening — streamable HTTP transport | — | #52 | -| P7-002 | not-started | Phase 7 | Additional SSO providers — WorkOS + Keycloak | — | #53 | -| P7-003 | not-started | Phase 7 | Additional LLM providers — Codex, Z.ai, LM Studio, llama.cpp | — | #54 | -| P7-004 | not-started | Phase 7 | E2E test suite — Playwright critical paths | — | #55 | -| P7-005 | not-started | Phase 7 | Performance optimization | — | #56 | -| P7-006 | not-started | Phase 7 | Documentation — user guide, admin guide, dev guide | — | #57 | -| P7-007 | not-started | Phase 7 | Bare-metal deployment docs + .env.example | — | #58 | -| P7-008 | not-started | Phase 7 | Beta release gate — v0.1.0 tag | — | #59 | -| FIX-01 | not-started | Backlog | Call piSession.dispose() in AgentService.destroySession | — | #62 | -| FIX-02 | not-started | Backlog | TUI agent:end — fix React state updater side-effect | — | #63 | +| id | status | milestone | description | pr | notes | +| ------ | ----------- | --------- | ------------------------------------------------------------- | --- | ----- | +| P0-001 | done | Phase 0 | Scaffold monorepo | #60 | #1 | +| P0-002 | not-started | Phase 0 | @mosaic/types — migrate and extend shared types | — | #2 | +| P0-003 | not-started | Phase 0 | @mosaic/db — Drizzle schema and PG connection | — | #3 | +| P0-004 | not-started | Phase 0 | @mosaic/auth — BetterAuth email/password setup | — | #4 | +| P0-005 | not-started | Phase 0 | Docker Compose — PG 17, Valkey 8, SigNoz | — | #5 | +| P0-006 | not-started | Phase 0 | OTEL foundation — OpenTelemetry SDK setup | — | #6 | +| P0-007 | not-started | Phase 0 | CI pipeline — Woodpecker config | — | #7 | +| P0-008 | not-started | Phase 0 | Project docs — AGENTS.md, CLAUDE.md, README | — | #8 | +| P0-009 | not-started | Phase 0 | Verify Phase 0 — CI green, all packages build | — | #9 | +| P1-001 | done | Phase 1 | apps/gateway scaffold — NestJS + Fastify adapter | #61 | #10 | +| P1-002 | not-started | Phase 1 | Auth middleware — BetterAuth session validation | — | #11 | +| P1-003 | not-started | Phase 1 | @mosaic/brain — migrate from v0, PG backend | — | #12 | +| P1-004 | not-started | Phase 1 | @mosaic/queue — migrate from v0 | — | #13 | +| P1-005 | not-started | Phase 1 | Gateway routes — conversations CRUD + messages | — | #14 | +| P1-006 | not-started | Phase 1 | Gateway routes — tasks, projects, missions CRUD | — | #15 | +| P1-007 | done | Phase 1 | WebSocket server — chat streaming | #61 | #16 | +| P1-008 | done | Phase 1 | Basic agent dispatch — single provider | #61 | #17 | +| P1-009 | not-started | Phase 1 | Verify Phase 1 — gateway functional, API tested | — | #18 | +| P2-001 | done | Phase 2 | @mosaic/agent — Pi SDK integration + agent pool | #61 | #19 | +| P2-002 | not-started | Phase 2 | Multi-provider support — Anthropic + Ollama | — | #20 | +| P2-003 | not-started | Phase 2 | Agent routing engine — cost/capability matrix | — | #21 | +| P2-004 | not-started | Phase 2 | Tool registration — brain, queue, memory tools | — | #22 | +| P2-005 | not-started | Phase 2 | @mosaic/coord — migrate from v0, gateway integration | — | #23 | +| P2-006 | not-started | Phase 2 | Agent session management — tmux + monitoring | — | #24 | +| P2-007 | not-started | Phase 2 | Verify Phase 2 — multi-provider routing works | — | #25 | +| P3-001 | not-started | Phase 3 | apps/web scaffold — Next.js 16 + BetterAuth + Tailwind | — | #26 | +| P3-002 | not-started | Phase 3 | Auth pages — login, registration, SSO redirect | — | #27 | +| P3-003 | not-started | Phase 3 | Chat UI — conversations, messages, streaming | — | #28 | +| P3-004 | not-started | Phase 3 | Task management — list view + kanban board | — | #29 | +| P3-005 | not-started | Phase 3 | Project & mission views — dashboard + PRD viewer | — | #30 | +| P3-006 | not-started | Phase 3 | Settings — provider config, profile, integrations | — | #31 | +| P3-007 | not-started | Phase 3 | Admin panel — user management, RBAC | — | #32 | +| P3-008 | not-started | Phase 3 | Verify Phase 3 — web dashboard functional E2E | — | #33 | +| P4-001 | not-started | Phase 4 | @mosaic/memory — preference + insight stores | — | #34 | +| P4-002 | not-started | Phase 4 | Semantic search — pgvector embeddings + search API | — | #35 | +| P4-003 | not-started | Phase 4 | @mosaic/log — log ingest, parsing, tiered storage | — | #36 | +| P4-004 | not-started | Phase 4 | Summarization pipeline — Haiku-tier LLM + cron | — | #37 | +| P4-005 | not-started | Phase 4 | Memory integration — inject into agent sessions | — | #38 | +| P4-006 | not-started | Phase 4 | Skill management — catalog, install, config | — | #39 | +| P4-007 | not-started | Phase 4 | Verify Phase 4 — memory + log pipeline working | — | #40 | +| P5-001 | not-started | Phase 5 | Plugin host — gateway plugin loading + channel interface | — | #41 | +| P5-002 | done | Phase 5 | @mosaic/discord-plugin — Discord bot + channel plugin | #61 | #42 | +| P5-003 | not-started | Phase 5 | @mosaic/telegram-plugin — Telegraf bot + channel plugin | — | #43 | +| P5-004 | not-started | Phase 5 | SSO — Authentik OIDC adapter end-to-end | — | #44 | +| P5-005 | not-started | Phase 5 | Verify Phase 5 — Discord + Telegram + SSO working | — | #45 | +| P6-001 | not-started | Phase 6 | @mosaic/cli — unified CLI binary + subcommands | — | #46 | +| P6-002 | not-started | Phase 6 | @mosaic/prdy — migrate PRD wizard from v0 | — | #47 | +| P6-003 | not-started | Phase 6 | @mosaic/quality-rails — migrate scaffolder from v0 | — | #48 | +| P6-004 | not-started | Phase 6 | @mosaic/mosaic — install wizard for v1 | — | #49 | +| P6-005 | done | Phase 6 | Pi TUI integration — mosaic tui | #61 | #50 | +| P6-006 | not-started | Phase 6 | Verify Phase 6 — CLI functional, all subcommands | — | #51 | +| P7-001 | not-started | Phase 7 | MCP endpoint hardening — streamable HTTP transport | — | #52 | +| P7-002 | not-started | Phase 7 | Additional SSO providers — WorkOS + Keycloak | — | #53 | +| P7-003 | not-started | Phase 7 | Additional LLM providers — Codex, Z.ai, LM Studio, llama.cpp | — | #54 | +| P7-004 | not-started | Phase 7 | E2E test suite — Playwright critical paths | — | #55 | +| P7-005 | not-started | Phase 7 | Performance optimization | — | #56 | +| P7-006 | not-started | Phase 7 | Documentation — user guide, admin guide, dev guide | — | #57 | +| P7-007 | not-started | Phase 7 | Bare-metal deployment docs + .env.example | — | #58 | +| P7-008 | not-started | Phase 7 | Beta release gate — v0.1.0 tag | — | #59 | +| FIX-01 | not-started | Backlog | Call piSession.dispose() in AgentService.destroySession | — | #62 | +| FIX-02 | not-started | Backlog | TUI agent:end — fix React state updater side-effect | — | #63 | +| FIX-03 | not-started | Backlog | Agent session — cwd sandbox, system prompt, tool restrictions | — | #64 |