solution-erp/docs/governance/adap-reports/2026-06-07-Agent-harness-2.md

# adap-report — 2026-06-07-Agent-harness-2

> SISTER = SOLUTION_ERP. Report-format LOCK (5 trường). Generated 2026-06-07, apply by em main (HMW-mode ON). Script/doc `.js`/`.md` **chưa runtime-live pre-restart** (no hot-reload).

## 1. id-broadcast
`2026-06-07-Agent-harness-2` (category: Agent · reviewer_gate: **PASS** · nac: published · targets: **all-fit**). Harness 2 = Agent-team (A1-A2) + **Workflow wave-folder memory-isolation** (B1-B6). Prereq: #1 store_memory-strip (S47 ✓) + #4 ultracode-HMW (S49 ✓) + Harness 1 H2 harvest-curator (cùng session này ✓).

## 2. nac G-011
**executed-file** (hmw.js wave-mode + .gitignore B6 + workflows/README + session-end B5 wire) → **VERIFIED-runtime S50 (2026-06-07) ✅:** wave-run `h2-verify` (Workflow Run `wf_b7e4d6ef-787`, 2-agent) proved B6 isolation END-TO-END (git-diff agent-memory EMPTY + sub-MD gitignored + chunk 2415=2415, 0 leak) + B4 both-paths (write-direct + read-only-scribe) + B5 harvest (harvest-curator gom 2 sub-MD → agent-memory). B6 gitignore already verified S49 via `git check-ignore -v`. B1 spawn-from-real-sub live since S49.

## 3. evidence
**PROJECT-FIT = ADOPT B (tailored) · A = n-a-convention-ready.** SE chạy Workflow fan-out (recon-wave session này = bằng chứng). A (agent-team) = Windows in-process only → SE chưa dùng team thật.

Files written/edited (repo SOLUTION_ERP):
- **hmw.js wave-mode** — `.claude/workflows/hmw.js`: +`subMdPath` schema · +`wave` block (`A.wave.dir` detect) · +`writeGuard` TOOL-AWARE 2-nhánh (Write-sub ghi-direct sub-MD / read-only-sub return→lead-scribe) · +ISOLATION-B6 prompt (CHỈ wave-folder, KHÔNG agent-memory/MD-canonical) · meta.description 2-MODE · header no-fs scaffold note. Mirror AI_INFRA hmw.js, tailor 8-role.
- **.gitignore B6** — +`.claude/workflows/wave-*/` + `.claude/agent-teams/` (AFTER `!.claude/**` line 83 → last-match-wins). **VERIFIED** `git check-ignore -v .claude/workflows/wave-test/wave.md` → match line 93 (gitignored); `hmw.js`+`README.md` exit=1 (tracked).
- **convention doc** — NEW `.claude/workflows/README.md` (2-MODE table · wave-folder 2-tier structure wave.md+sub-MD+_harvest.md · B1-B6 quy-trình · agent-team n-a note · guard S1/checkpoint/G-015).
- **B5 harvest wire** — `session-end.md` §L.b(f) += wave-folder gom (harvest-curator quét wave-*/sub-*.md → APPEND agent-memory/<role> + verify B6 git-diff/chunk-count). [làm chung Harness 1 wiring]

SELF-CHECK (broadcast H2):
- A1: agent-team isolated folder `.claude/agent-teams/` gitignored + README note. ✓ (n-a runtime — convention-ready)
- A2/B1: workflow-agent fork sub THẬT (agentType + memoryPack slice). ✓ (đã live hmw.js)
- B2: wave-folder 2-tầng (wave.md + sub-<role>-<i>.md). ✓ (schema subMdPath + README structure)
- B3: lead SCAFFOLD folder+wave.md TRƯỚC fan-out (script no-fs — header comment + README + meta). ✓
- B4: writeGuard tool-aware (Write-sub direct / read-only-sub return→lead-scribe). ✓ (hmw.js)
- B5: harvest-curator (H2) gom wave→agent-memory @session-end. ✓ (wired §L.b f)
- B6: wave-folder gitignored + git-diff audit. ✓ **VERIFIED git check-ignore** (KHÔNG tin .gitignore text).
- Restart + wave-run thật kiểm B6/B5: ⏳ **pending** (báo đúng nấc).

commit-sha: **`e27d877`** (S49, 2026-06-07 — shared 37-file adoption commit).

## 4. tailored-gì + skip-gì-vì-sao
- **FUNCTION-floor adopt FULLY (B1-B6):** scaffold-by-lead · 2-tier · tool-aware writeGuard · isolation-audit · harvest-gom · gitignore-B6 — giữ đủ.
- **FORM tailored SE:** (a) read-only sub list = **investigator-codebase/api, reviewer, cicd-monitor** (4 SE read-only) vs Write sub implementer-backend/frontend, test-specialist, frontend-designer (4); AI_INFRA dùng "investigator/reviewer/cicd/monitor". (b) VALID_ROLES giữ **8** (KHÔNG thêm 2 monitor — tooling-auditor/harvest-curator = session-boundary, KHÔNG P2 fan-out worker). (c) canonical ref → AI_INFRA §J4/§J6 qua cross_project_search (SE không có CANONICAL-RULES local). (d) gitignore pattern mirror SE marker style (line 87 hmw-mode.on).
- **A (agent-team) = SKIP=n-a-convention-ready** (KHÔNG behind): Windows 11 in-process only + SE chưa dùng team. Cơ-chế isolation chung qua workflow (`.claude/agent-teams/` gitignored phòng-trước).
- **ADD-mode (KHÔNG thay return-delta):** wave-mode CHỈ workflow DÀI; fan-out nhẹ (recon-wave session này) giữ return-delta-only — #4 ultracode floor không vỡ.

## 5. honest-caveat
- **✅ nấc UPDATED S50:** wave-mode END-TO-END **verified-runtime** — wave-run `h2-verify` exercised sub-MD-isolated-write (B4) + B5 harvest + B6 isolation audit (git-diff/chunk clean). _(S49-time caveat "CHƯA wave-run nào chạy" = RESOLVED.)_
- **G-015 KHÔNG overclaim isolation "ENFORCED":** containment = gitignore-wave + lead git-diff post-P2 + lead-scribe(read-only sub) = defense-in-depth, KHÔNG sandbox cứng. Read-only sub vẫn giữ Bash → ghi-ngoài-repo (git-diff mù) / curl Qdrant (chunk-count bắt). Câu đúng = "sub ghi-direct chỉ wave-folder; ghi-ra-MD-chính bị git-diff bắt (in-repo); ngoài-repo/RAG cần chunk-count".
- **Lead-scribe ≠ sub-write-direct cho read-only sub:** 4 SE read-only sub (investigator×2/reviewer/cicd) KHÔNG có Write → "ghi wave-folder" thực = return findings→em main scribe. Chỉ 4 Write-sub mới ghi-direct được. KHÔNG claim "sub tự-ghi-direct" cho read-only.
- **hmw.js JS chưa node-check được** (top-level await/return — runtime-wrapped). Syntax confidence từ mirror AI_INFRA template (proven) + careful edit; verified-runtime cần 1 invoke thật.