diff --git a/docs/workflows.md b/docs/workflows.md index e6f2395..7c8843f 100644 --- a/docs/workflows.md +++ b/docs/workflows.md @@ -26,6 +26,9 @@ initial_step: first-step # Optional, defaults to first step steps: - name: step-name agent: coder # Built-in agent or path to .md file + allowed_tools: # Optional tool allowlist for this step + - Read + - Grep instruction_template: | Your instructions here with {variables} transitions: @@ -80,6 +83,15 @@ max_iterations: 5 steps: - name: implement agent: coder + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | {task} transitions: @@ -98,6 +110,15 @@ max_iterations: 10 steps: - name: implement agent: coder + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | {task} transitions: @@ -108,6 +129,12 @@ steps: - name: review agent: architect + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | Review the implementation for: - Code quality @@ -126,6 +153,12 @@ steps: steps: - name: analyze agent: architect + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | Analyze this request and create a plan: {task} transitions: @@ -135,6 +168,15 @@ steps: - name: implement agent: coder pass_previous_response: true # Enable {previous_response} + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | Implement based on this analysis: {previous_response} diff --git a/resources/global/en/workflows/default.yaml b/resources/global/en/workflows/default.yaml index f7d0eeb..bf8f58a 100644 --- a/resources/global/en/workflows/default.yaml +++ b/resources/global/en/workflows/default.yaml @@ -11,6 +11,13 @@ initial_step: plan steps: - name: plan agent: ~/.takt/agents/default/planner.md + allowed_tools: + - Read + - Glob + - Grep + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -72,6 +79,15 @@ steps: - name: implement agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -135,6 +151,12 @@ steps: - name: review agent: ~/.takt/agents/default/architect.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -199,6 +221,15 @@ steps: - name: improve agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -234,6 +265,12 @@ steps: - name: ai_review agent: ~/.takt/agents/default/ai-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -298,6 +335,15 @@ steps: - name: ai_fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -331,6 +377,12 @@ steps: - name: security_review agent: ~/.takt/agents/default/security.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -398,6 +450,15 @@ steps: - name: security_fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -427,6 +488,15 @@ steps: - name: fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -457,6 +527,13 @@ steps: - name: supervise agent: ~/.takt/agents/default/supervisor.md + allowed_tools: + - Read + - Glob + - Grep + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} diff --git a/resources/global/en/workflows/expert-review.yaml b/resources/global/en/workflows/expert-review.yaml index 5dd7cf5..22f8417 100644 --- a/resources/global/en/workflows/expert-review.yaml +++ b/resources/global/en/workflows/expert-review.yaml @@ -23,6 +23,13 @@ steps: # =========================================== - name: plan agent: ~/.takt/agents/default/planner.md + allowed_tools: + - Read + - Glob + - Grep + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -87,6 +94,15 @@ steps: # =========================================== - name: implement agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -153,6 +169,12 @@ steps: # =========================================== - name: cqrs_es_review agent: ~/.takt/agents/expert-review/cqrs-es-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -221,6 +243,15 @@ steps: - name: fix_cqrs_es agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -259,6 +290,12 @@ steps: # =========================================== - name: frontend_review agent: ~/.takt/agents/expert-review/frontend-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -327,6 +364,15 @@ steps: - name: fix_frontend agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -365,6 +411,12 @@ steps: # =========================================== - name: ai_review agent: ~/.takt/agents/default/ai-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -429,6 +481,15 @@ steps: - name: ai_fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -465,6 +526,12 @@ steps: # =========================================== - name: security_review agent: ~/.takt/agents/expert-review/security-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -530,6 +597,15 @@ steps: - name: fix_security agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -577,6 +653,12 @@ steps: # =========================================== - name: qa_review agent: ~/.takt/agents/expert-review/qa-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -642,6 +724,15 @@ steps: - name: fix_qa agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -693,6 +784,12 @@ steps: # =========================================== - name: supervise agent: ~/.takt/agents/expert-review/supervisor.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -800,6 +897,15 @@ steps: - name: fix_supervisor agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} diff --git a/resources/global/en/workflows/magi.yaml b/resources/global/en/workflows/magi.yaml index 1797acb..3953c7e 100644 --- a/resources/global/en/workflows/magi.yaml +++ b/resources/global/en/workflows/magi.yaml @@ -10,6 +10,12 @@ max_iterations: 5 steps: - name: melchior agent: ~/.takt/agents/magi/melchior.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | # MAGI System Initiated @@ -30,6 +36,12 @@ steps: - name: balthasar agent: ~/.takt/agents/magi/balthasar.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | # MAGI System Continuing @@ -55,6 +67,12 @@ steps: - name: casper agent: ~/.takt/agents/magi/casper.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | # MAGI System Final Deliberation diff --git a/resources/global/en/workflows/research.yaml b/resources/global/en/workflows/research.yaml index 3641047..9a93cb8 100644 --- a/resources/global/en/workflows/research.yaml +++ b/resources/global/en/workflows/research.yaml @@ -14,6 +14,12 @@ max_iterations: 10 steps: - name: plan agent: ~/.takt/agents/research/planner.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Status - Iteration: {iteration}/{max_iterations} @@ -46,6 +52,12 @@ steps: - name: dig agent: ~/.takt/agents/research/digger.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Status - Iteration: {iteration}/{max_iterations} @@ -83,6 +95,12 @@ steps: - name: supervise agent: ~/.takt/agents/research/supervisor.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Status - Iteration: {iteration}/{max_iterations} diff --git a/resources/global/ja/workflows/default.yaml b/resources/global/ja/workflows/default.yaml index bb2c4e4..4feb428 100644 --- a/resources/global/ja/workflows/default.yaml +++ b/resources/global/ja/workflows/default.yaml @@ -11,6 +11,13 @@ initial_step: plan steps: - name: plan agent: ~/.takt/agents/default/planner.md + allowed_tools: + - Read + - Glob + - Grep + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -72,6 +79,15 @@ steps: - name: implement agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -135,6 +151,12 @@ steps: - name: review agent: ~/.takt/agents/default/architect.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -199,6 +221,15 @@ steps: - name: improve agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -234,6 +265,12 @@ steps: - name: ai_review agent: ~/.takt/agents/default/ai-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -298,6 +335,15 @@ steps: - name: ai_fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -331,6 +377,12 @@ steps: - name: security_review agent: ~/.takt/agents/default/security.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -398,6 +450,15 @@ steps: - name: security_fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -427,6 +488,15 @@ steps: - name: fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -457,6 +527,13 @@ steps: - name: supervise agent: ~/.takt/agents/default/supervisor.md + allowed_tools: + - Read + - Glob + - Grep + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} diff --git a/resources/global/ja/workflows/expert-review.yaml b/resources/global/ja/workflows/expert-review.yaml index 61c4048..105ef43 100644 --- a/resources/global/ja/workflows/expert-review.yaml +++ b/resources/global/ja/workflows/expert-review.yaml @@ -23,6 +23,13 @@ steps: # =========================================== - name: plan agent: ~/.takt/agents/default/planner.md + allowed_tools: + - Read + - Glob + - Grep + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -87,6 +94,15 @@ steps: # =========================================== - name: implement agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -153,6 +169,12 @@ steps: # =========================================== - name: cqrs_es_review agent: ~/.takt/agents/expert-review/cqrs-es-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -221,6 +243,15 @@ steps: - name: fix_cqrs_es agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -259,6 +290,12 @@ steps: # =========================================== - name: frontend_review agent: ~/.takt/agents/expert-review/frontend-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -327,6 +364,15 @@ steps: - name: fix_frontend agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -365,6 +411,12 @@ steps: # =========================================== - name: ai_review agent: ~/.takt/agents/default/ai-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -429,6 +481,15 @@ steps: - name: ai_fix agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -465,6 +526,12 @@ steps: # =========================================== - name: security_review agent: ~/.takt/agents/expert-review/security-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -530,6 +597,15 @@ steps: - name: fix_security agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -577,6 +653,12 @@ steps: # =========================================== - name: qa_review agent: ~/.takt/agents/expert-review/qa-reviewer.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -642,6 +724,15 @@ steps: - name: fix_qa agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -693,6 +784,12 @@ steps: # =========================================== - name: supervise agent: ~/.takt/agents/expert-review/supervisor.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} @@ -800,6 +897,15 @@ steps: - name: fix_supervisor agent: ~/.takt/agents/default/coder.md + allowed_tools: + - Read + - Glob + - Grep + - Edit + - Write + - Bash + - WebSearch + - WebFetch instruction_template: | ## Workflow Context - Iteration: {iteration}/{max_iterations} diff --git a/resources/global/ja/workflows/magi.yaml b/resources/global/ja/workflows/magi.yaml index a4545f9..e1f350c 100644 --- a/resources/global/ja/workflows/magi.yaml +++ b/resources/global/ja/workflows/magi.yaml @@ -10,6 +10,12 @@ max_iterations: 5 steps: - name: melchior agent: ~/.takt/agents/magi/melchior.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | # MAGI System 起動 @@ -30,6 +36,12 @@ steps: - name: balthasar agent: ~/.takt/agents/magi/balthasar.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | # MAGI System 継続 @@ -55,6 +67,12 @@ steps: - name: casper agent: ~/.takt/agents/magi/casper.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | # MAGI System 最終審議 diff --git a/resources/global/ja/workflows/research.yaml b/resources/global/ja/workflows/research.yaml index f06b62d..8b30801 100644 --- a/resources/global/ja/workflows/research.yaml +++ b/resources/global/ja/workflows/research.yaml @@ -14,6 +14,12 @@ max_iterations: 10 steps: - name: plan agent: ~/.takt/agents/research/planner.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## ワークフロー状況 - イテレーション: {iteration}/{max_iterations} @@ -46,6 +52,12 @@ steps: - name: dig agent: ~/.takt/agents/research/digger.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## ワークフロー状況 - イテレーション: {iteration}/{max_iterations} @@ -83,6 +95,12 @@ steps: - name: supervise agent: ~/.takt/agents/research/supervisor.md + allowed_tools: + - Read + - Glob + - Grep + - WebSearch + - WebFetch instruction_template: | ## ワークフロー状況 - イテレーション: {iteration}/{max_iterations} diff --git a/src/__tests__/models.test.ts b/src/__tests__/models.test.ts index add1b31..f3a9c58 100644 --- a/src/__tests__/models.test.ts +++ b/src/__tests__/models.test.ts @@ -64,6 +64,7 @@ describe('WorkflowConfigRawSchema', () => { { name: 'step1', agent: 'coder', + allowed_tools: ['Read', 'Grep'], instruction: '{task}', transitions: [ { condition: 'done', next_step: 'COMPLETE' }, @@ -75,6 +76,7 @@ describe('WorkflowConfigRawSchema', () => { const result = WorkflowConfigRawSchema.parse(config); expect(result.name).toBe('test-workflow'); expect(result.steps).toHaveLength(1); + expect(result.steps[0]?.allowed_tools).toEqual(['Read', 'Grep']); expect(result.max_iterations).toBe(10); }); diff --git a/src/agents/runner.ts b/src/agents/runner.ts index 512f7ae..13bc421 100644 --- a/src/agents/runner.ts +++ b/src/agents/runner.ts @@ -29,6 +29,8 @@ export interface RunAgentOptions { provider?: 'claude' | 'codex'; /** Resolved path to agent prompt file */ agentPath?: string; + /** Allowed tools for this agent run */ + allowedTools?: string[]; onStream?: StreamCallback; onPermissionRequest?: PermissionHandler; onAskUserQuestion?: AskUserQuestionHandler; @@ -36,14 +38,6 @@ export interface RunAgentOptions { bypassPermissions?: boolean; } -/** Default tools for each built-in agent type */ -const DEFAULT_AGENT_TOOLS: Record = { - coder: ['Read', 'Glob', 'Grep', 'Edit', 'Write', 'Bash', 'WebSearch', 'WebFetch'], - architect: ['Read', 'Glob', 'Grep', 'WebSearch', 'WebFetch'], - supervisor: ['Read', 'Glob', 'Grep', 'Bash', 'WebSearch', 'WebFetch'], - planner: ['Read', 'Glob', 'Grep', 'Bash', 'WebSearch', 'WebFetch'], -}; - type AgentProvider = 'claude' | 'codex'; function resolveProvider(cwd: string, options?: RunAgentOptions, agentConfig?: CustomAgentConfig): AgentProvider { @@ -89,12 +83,14 @@ export async function runCustomAgent( task: string, options: RunAgentOptions ): Promise { + const allowedTools = options.allowedTools ?? agentConfig.allowedTools; + // If agent references a Claude Code agent if (agentConfig.claudeAgent) { const callOptions: ClaudeCallOptions = { cwd: options.cwd, sessionId: options.sessionId, - allowedTools: agentConfig.allowedTools, + allowedTools, model: options.model || agentConfig.model, onStream: options.onStream, onPermissionRequest: options.onPermissionRequest, @@ -109,7 +105,7 @@ export async function runCustomAgent( const callOptions: ClaudeCallOptions = { cwd: options.cwd, sessionId: options.sessionId, - allowedTools: agentConfig.allowedTools, + allowedTools, model: options.model || agentConfig.model, onStream: options.onStream, onPermissionRequest: options.onPermissionRequest, @@ -121,7 +117,7 @@ export async function runCustomAgent( // Custom agent with prompt const systemPrompt = loadAgentPrompt(agentConfig); - const tools = agentConfig.allowedTools || ['Read', 'Glob', 'Grep', 'WebSearch', 'WebFetch']; + const tools = allowedTools; const provider = resolveProvider(options.cwd, options, agentConfig); if (provider === 'codex') { const callOptions: CodexCallOptions = { @@ -134,12 +130,12 @@ export async function runCustomAgent( return callCodexCustom(agentConfig.name, task, systemPrompt, callOptions); } - const callOptions: ClaudeCallOptions = { - cwd: options.cwd, - sessionId: options.sessionId, - allowedTools: tools, - model: options.model || agentConfig.model, - statusPatterns: agentConfig.statusPatterns, + const callOptions: ClaudeCallOptions = { + cwd: options.cwd, + sessionId: options.sessionId, + allowedTools: tools, + model: options.model || agentConfig.model, + statusPatterns: agentConfig.statusPatterns, onStream: options.onStream, onPermissionRequest: options.onPermissionRequest, onAskUserQuestion: options.onAskUserQuestion, @@ -198,7 +194,7 @@ export async function runAgent( throw new Error(`Agent file not found: ${options.agentPath}`); } const systemPrompt = loadAgentPromptFromPath(options.agentPath); - const tools = DEFAULT_AGENT_TOOLS[agentName] || ['Read', 'Glob', 'Grep', 'WebSearch', 'WebFetch']; + const tools = options.allowedTools; const provider = resolveProvider(options.cwd, options); if (provider === 'codex') { diff --git a/src/config/workflowLoader.ts b/src/config/workflowLoader.ts index db946bc..ee1ca70 100644 --- a/src/config/workflowLoader.ts +++ b/src/config/workflowLoader.ts @@ -66,6 +66,7 @@ function normalizeWorkflowConfig(raw: unknown, workflowDir: string): WorkflowCon agent: step.agent, agentDisplayName: step.agent_name || extractAgentDisplayName(step.agent), agentPath: resolveAgentPathForWorkflow(step.agent, workflowDir), + allowedTools: step.allowed_tools, provider: step.provider, instructionTemplate: step.instruction_template || step.instruction || '{task}', transitions: step.transitions.map((t) => ({ diff --git a/src/models/schemas.ts b/src/models/schemas.ts index 242a577..97a7e95 100644 --- a/src/models/schemas.ts +++ b/src/models/schemas.ts @@ -59,6 +59,7 @@ export const WorkflowStepRawSchema = z.object({ agent: z.string().min(1), /** Display name for the agent (shown in output). Falls back to agent basename if not specified */ agent_name: z.string().optional(), + allowed_tools: z.array(z.string()).optional(), provider: z.enum(['claude', 'codex']).optional(), instruction: z.string().optional(), instruction_template: z.string().optional(), diff --git a/src/models/types.ts b/src/models/types.ts index 53bd2f6..2964711 100644 --- a/src/models/types.ts +++ b/src/models/types.ts @@ -60,6 +60,8 @@ export interface WorkflowStep { agent: string; /** Display name for the agent (shown in output). Falls back to agent basename if not specified */ agentDisplayName: string; + /** Allowed tools for this step (optional, passed to agent execution) */ + allowedTools?: string[]; /** Resolved absolute path to agent prompt file (set by loader) */ agentPath?: string; /** Provider override for this step */ diff --git a/src/workflow/engine.ts b/src/workflow/engine.ts index 7e8e0ac..c5324d0 100644 --- a/src/workflow/engine.ts +++ b/src/workflow/engine.ts @@ -147,6 +147,7 @@ export class WorkflowEngine extends EventEmitter { cwd: this.cwd, sessionId, agentPath: step.agentPath, + allowedTools: step.allowedTools, provider: step.provider, onStream: this.options.onStream, onPermissionRequest: this.options.onPermissionRequest,