vietreport-admin/solution-erp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
231a7b0c36917d13abbed42ef13d02c3297564e7
solution-erp/.claude/agent-memory/investigator-api/MEMORY.md

42 lines
8.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Investigator-API Agent — Persistent Memory
> **Persistent diary cross-session.** Auto-injected first ~200 lines at spawn (L1 HOT).
> Update BEFORE every stop. Tiered Memory v1: L1 HOT soft-cap ~30KB · L2 `archive/` on-demand · L3 RAG `search_memory` just-in-time. Keep entry ≤ 1.5K chars (gotcha #53).
> **NEW agent S39 (2026-05-29)** — split từ investigator (external research half). Internal audit history ở `investigator-codebase`.
---
## 🎯 Role baseline
Read-only EXTERNAL research specialist. WebFetch/WebSearch official docs + NuGet/npm CVE + FE lib eval + cross-project reference (NamGroup/DH_Y_DUOC/BVAAU). Tools: Read, Bash, WebFetch, WebSearch + 5 RAG MCP. Output: findings + source URLs ≤ 500 words. Skill: `dependency-audit-erp`.
## 🚫 Split boundary
- ✅ MINE: external docs, CVE scan, lib license+bundle eval, cross-project pattern port
- ❌ NOT: internal codebase audit / SQL schema / grep symbol → `investigator-codebase`
## 🔑 Dependency pin constraints (flag violation)
- MediatR `12.4.1` (gotcha #1) · Swashbuckle `6.9.0` (gotcha #2) · Node CI `20.x` · LibreOffice `25.8.6` · @microsoft/signalr `8.0.7`
- New dep eval: license MIT? bundle gzipped impact? (vd FullCalendar v6 React MIT verified S36 — daygrid/timegrid OK, Premium chỉ scheduler — SOL chọn custom HTML grid save ~80KB instead)
## 🌐 Trusted source URLs
- `anthropic.com/engineering/` · `cognition.ai/blog/` · `learn.microsoft.com/en-us/aspnet/core/` + `/ef/core/` · `tanstack.com/query/latest` · `ui.shadcn.com` · `philschmid.de` · `eugeneyan.com` · `hamel.dev`
## 📂 Cross-project reference paths
- NamGroup `D:\Dropbox\CONG_VIEC\NAMGROUP\SOURCECODE_CÔNG_TY\NAMGROUP\` (Phase 10 port — TblNhanVien/TblPhongHop/TblResource patterns)
- DH_Y_DUOC `D:\Dropbox\CONG_VIEC\DAI_Y_DUOC\DH_Y_DUOC_SOURCECODE\DH_Y_DUOC\` (clean arch + CQRS)
- BVAAU `D:\Dropbox\CONG_VIEC\BENHVIEN_A_AU\SOURCE_CODDE\` (multi-agent config — 7 agent split reference)
## 📅 Recent activity (last 10 FIFO)
- **2026-05-29 (S39 agent split setup):** NEW agent created từ split investigator. Seeded external-research half. Prior cross-project audits (NamGroup Phase 10 port G-H1/G-O2 + FullCalendar eval S36 + BVAAU 7-agent config S39) absorbed into role baseline.
- **2026-05-29 (S40 FIRST SPAWN — smoke-verify + RAG fleet report):** Agent load OK confirmed. `list_projects` → 7 project, total **39,798 chunks**. Rerank pipeline LIVE verdict **PASS** (search_memory scope=self use_rerank=true → top rerank_score **0.8789**, 3 results all carry rerank_score). Staleness >5d (vs 05-29): dh_y_duoc (05-23, 6d) / namgroup_main (05-22, 7d) / ashico_erp (05-22, 7d). solution_erp 05-28 fresh-ish but missing S37-S39 content. `shared_global` = 0 chunks (chưa promote pattern nào). MINOR drift: namgroup_main actual 11306 (brief said 11305). vipix_ai_infra (1652) = AI_INFRA hub root `D:\...\AI_INFRA`. No re-ingest performed (report-only).
- **2026-06-16 (Góc 1 — FOUNDATIONAL: HTTPS `<a href=file://>` click có mở Explorer/local/UNC?):** Dứt khoát = **KHÔNG** trên browser mặc định. Chrome/Edge **76+** chặn navigate file:// từ trang non-file:// → click = "nothing visibly happens", console `"Not allowed to load local resource: file://host/page"` (textslashplain 2019 + MS Learn xác nhận verbatim). Firefox cũng chặn cross-origin file://. **NGOẠI LỆ CHÍNH THỨC duy nhất** = Edge GPO **`IntranetFileLinksEnabled`** — confirmed **Windows ≥95** (MS Learn dedicated page DEFINITIVE; "77+" trên trang chỉ là article-applies boilerplate, ĐỪNG nhầm). Behavior: intranet-zone HTTPS → file:// link → Explorer parent-dir + select file (dir-link mở folder no-select). Reg `HKLM\SOFTWARE\Policies\Microsoft\Edge\IntranetFileLinksEnabled=1` REG_DWORD, ADMX `Content settings`. `https://localhost/` block exception; loopback 127.x/[::1]=internet-zone. **URLAllowlist KHÔNG giải**: MS Learn quote verbatim "doesn't work as expected with file://* wildcards" + chỉ exception URLBlocklist, KHÔNG lift nav-block. **Chrome KHÔNG có equivalent** ("No option to disable this navigation blocking is available in Chrome"). Ext "Enable Local File Links"/Local Explorer = workaround nhưng cần install per-machine + "will not help if page uses JS to navigate" (chỉ bắt click listener). one-click+zero-install thuần-web = **FALSE**; chỉ path = Edge GPO 100% fleet (Góc 3). Sources: textslashplain.com/2019/10/09/navigating-to-file-urls; learn.microsoft.com/deployedge intranetfilelinksenabled + urlallowlist.
- **2026-06-16 (Góc 2 — ZERO-install mở Explorer tới O:\ từ web, complements Góc 3 below):** Ruled OUT the no-server-policy tricks: (a) **File System Access `showDirectoryPicker` KHÔNG mở path cho-sẵn**`startIn` chỉ nhận well-known dir (downloads/desktop/...) HOẶC FileSystemHandle đã-pick, KHÔNG raw `O:\`; BẮT BUỘC user gesture + tự navigate (MDN). (b) **.url download = 2-BƯỚC** (download→double-click), KHÔNG one-click; nhưng `.url [InternetShortcut] URL=file:///O:/...` dispatch qua shell nên folder/UNC CÓ mở Explorer — `.lnk` thì dính MoTW/SmartScreen (chính vector LNK-stomping CVE-2024-38217, IT flag). (c) **ms-explorer/shell: KHÔNG web-callable** = custom-protocol anh đã reject. Kết: KHÔNG có true one-click+zero-install thuần web; chỉ-server-side path duy nhất = Edge GPO `IntranetFileLinksEnabled` (xem Góc 3 entry kế). Sources: MDN showDirectoryPicker; learn.microsoft win32 internet-shortcuts; textslashplain navigating-to-file-urls.
- **2026-06-16 (eoffice "open mapped O: drive folder from web app" — Góc 3 setup-light research):** WINNER = native Edge policy **`IntranetFileLinksEnabled`** (Edge ≥95, REG_DWORD `HKLM\SOFTWARE\Policies\Microsoft\Edge\IntranetFileLinksEnabled=1`, ADMX `Admin Templates/Microsoft Edge/Content settings`). Behavior: intranet-zone HTTPS page → file:// link → opens Explorer to parent dir + selects file (dir-link opens folder). **ZERO per-machine install** (1 GPO setting). HARD reqs: (1) app served HTTPS, (2) eoffice host in **IE Intranet Zone** (push via SiteToZoneAssignmentList GPO), (3) Edge only — **Chrome has NO equivalent** (confirmed MS+textslashplain: Chrome 76+ blocks file:// nav, only fix=Local Explorer ext). Caveat: first-click shows external-protocol prompt unless ExternalProtocolDialogShowAlwaysOpenCheckbox lets user tick "always". URLAllowlist does NOT solve nav-block + "doesn't work with file://* wildcards" (MS Learn). Ext route = ExtensionInstallForcelist (force-install, but 3rd-party Local Explorer = paid + needs native helper.exe install = NOT zero-install). .reg custom-protocol = anh đã reject. Verdict: oneClick+zeroInstall TRUE **only if 100% Edge fleet**; mixed-Chrome → must add extension (loses zero-install). Sources: learn.microsoft.com/deployedge intranetfilelinksenabled + urlallowlist + extensioninstallforcelist; chromeenterprise.google/policies/url-patterns; textslashplain.com navigating-to-file-urls.
- **2026-06-07 (Harness 1 H3 — plugin/skill adoption audit):** Browsed marketplace `claude-plugins-official` (full marketplace.json ~200+ plugin; local folder 35). Enabled user-global (`~/.claude/settings.json`) = **15 plugin**. **KEY surprise:** `sql-database-assistant` + `frontend-design` + `skill-creator` + `code-reviewer` exist as **standalone user-global skills** at `~/.claude/skills/` (auto-available every project — NO plugin enable needed). `~/.claude/skills/` has 23 standalone skills. Value-locus verdict: frontend-design=skill-only (clean); code-modernization=**agent-bearing** (5 agent incl security-auditor/test-engineer + 7 cmd — NOT skill-only); pr-review-toolkit + feature-dev = agent-bearing, BOTH ship agent `code-reviewer`**name-collision** ×2 + collides roster `reviewer.md`. csharp-lsp = **Windows no-op** (`csharp-ls` NOT on PATH, needs `dotnet tool install`). code-review = command-only, gh-CLI based → partial no-op (project = Gitea not GitHub). session-report = node `.mjs` (Win-OK, Node 20). Roster ACTUAL = 8 agent (cicd-monitor/frontend-designer/implementer-backend|frontend/investigator-api|codebase/reviewer/test-specialist); "8→10" = planned H1 tooling-auditor + H2 harvest-curator. Recommend: GỘP skill vào sub hiện-có, KHÔNG enable agent-bearing plugin (roster đủ). Report-only.
---
## 🔄 Curate trigger
- Size > ~30KB → archive to L2 `archive/<period>.md`. Stale > 3 months → remove.
Reference in New Issue View Git Blame Copy Permalink