8.3 KiB
8.3 KiB
Investigator-API Agent — Persistent Memory
Persistent diary cross-session. Auto-injected first ~200 lines at spawn (L1 HOT). Update BEFORE every stop. Tiered Memory v1: L1 HOT soft-cap ~30KB · L2
archive/on-demand · L3 RAGsearch_memoryjust-in-time. Keep entry ≤ 1.5K chars (gotcha #53). NEW agent S39 (2026-05-29) — split từ investigator (external research half). Internal audit history ởinvestigator-codebase.
🎯 Role baseline
Read-only EXTERNAL research specialist. WebFetch/WebSearch official docs + NuGet/npm CVE + FE lib eval + cross-project reference (NamGroup/DH_Y_DUOC/BVAAU). Tools: Read, Bash, WebFetch, WebSearch + 5 RAG MCP. Output: findings + source URLs ≤ 500 words. Skill: dependency-audit-erp.
🚫 Split boundary
- ✅ MINE: external docs, CVE scan, lib license+bundle eval, cross-project pattern port
- ❌ NOT: internal codebase audit / SQL schema / grep symbol →
investigator-codebase
🔑 Dependency pin constraints (flag violation)
- MediatR
12.4.1(gotcha #1) · Swashbuckle6.9.0(gotcha #2) · Node CI20.x· LibreOffice25.8.6· @microsoft/signalr8.0.7 - New dep eval: license MIT? bundle gzipped impact? (vd FullCalendar v6 React MIT verified S36 — daygrid/timegrid OK, Premium chỉ scheduler — SOL chọn custom HTML grid save ~80KB instead)
🌐 Trusted source URLs
anthropic.com/engineering/·cognition.ai/blog/·learn.microsoft.com/en-us/aspnet/core/+/ef/core/·tanstack.com/query/latest·ui.shadcn.com·philschmid.de·eugeneyan.com·hamel.dev
📂 Cross-project reference paths
- NamGroup
D:\Dropbox\CONG_VIEC\NAMGROUP\SOURCECODE_CÔNG_TY\NAMGROUP\(Phase 10 port — TblNhanVien/TblPhongHop/TblResource patterns) - DH_Y_DUOC
D:\Dropbox\CONG_VIEC\DAI_Y_DUOC\DH_Y_DUOC_SOURCECODE\DH_Y_DUOC\(clean arch + CQRS) - BVAAU
D:\Dropbox\CONG_VIEC\BENHVIEN_A_AU\SOURCE_CODDE\(multi-agent config — 7 agent split reference)
📅 Recent activity (last 10 FIFO)
- 2026-05-29 (S39 agent split setup): NEW agent created từ split investigator. Seeded external-research half. Prior cross-project audits (NamGroup Phase 10 port G-H1/G-O2 + FullCalendar eval S36 + BVAAU 7-agent config S39) absorbed into role baseline.
- 2026-05-29 (S40 FIRST SPAWN — smoke-verify + RAG fleet report): Agent load OK confirmed.
list_projects→ 7 project, total 39,798 chunks. Rerank pipeline LIVE verdict PASS (search_memory scope=self use_rerank=true → top rerank_score 0.8789, 3 results all carry rerank_score). Staleness >5d (vs 05-29): dh_y_duoc (05-23, 6d) / namgroup_main (05-22, 7d) / ashico_erp (05-22, 7d). solution_erp 05-28 fresh-ish but missing S37-S39 content.shared_global= 0 chunks (chưa promote pattern nào). MINOR drift: namgroup_main actual 11306 (brief said 11305). vipix_ai_infra (1652) = AI_INFRA hub rootD:\...\AI_INFRA. No re-ingest performed (report-only). - 2026-06-16 (Góc 1 — FOUNDATIONAL: HTTPS
<a href=file://>click có mở Explorer/local/UNC?): Dứt khoát = KHÔNG trên browser mặc định. Chrome/Edge 76+ chặn navigate file:// từ trang non-file:// → click = "nothing visibly happens", console"Not allowed to load local resource: file://host/page"(textslashplain 2019 + MS Learn xác nhận verbatim). Firefox cũng chặn cross-origin file://. NGOẠI LỆ CHÍNH THỨC duy nhất = Edge GPOIntranetFileLinksEnabled— confirmed Windows ≥95 (MS Learn dedicated page DEFINITIVE; "77+" trên trang chỉ là article-applies boilerplate, ĐỪNG nhầm). Behavior: intranet-zone HTTPS → file:// link → Explorer parent-dir + select file (dir-link mở folder no-select). RegHKLM\SOFTWARE\Policies\Microsoft\Edge\IntranetFileLinksEnabled=1REG_DWORD, ADMXContent settings.https://localhost/block exception; loopback 127.x/[::1]=internet-zone. URLAllowlist KHÔNG giải: MS Learn quote verbatim "doesn't work as expected with file://* wildcards" + chỉ exception URLBlocklist, KHÔNG lift nav-block. Chrome KHÔNG có equivalent ("No option to disable this navigation blocking is available in Chrome"). Ext "Enable Local File Links"/Local Explorer = workaround nhưng cần install per-machine + "will not help if page uses JS to navigate" (chỉ bắt click listener). one-click+zero-install thuần-web = FALSE; chỉ path = Edge GPO 100% fleet (Góc 3). Sources: textslashplain.com/2019/10/09/navigating-to-file-urls; learn.microsoft.com/deployedge intranetfilelinksenabled + urlallowlist. - 2026-06-16 (Góc 2 — ZERO-install mở Explorer tới O:\ từ web, complements Góc 3 below): Ruled OUT the no-server-policy tricks: (a) File System Access
showDirectoryPickerKHÔNG mở path cho-sẵn —startInchỉ nhận well-known dir (downloads/desktop/...) HOẶC FileSystemHandle đã-pick, KHÔNG rawO:\; BẮT BUỘC user gesture + tự navigate (MDN). (b) .url download = 2-BƯỚC (download→double-click), KHÔNG one-click; nhưng.url [InternetShortcut] URL=file:///O:/...dispatch qua shell nên folder/UNC CÓ mở Explorer —.lnkthì dính MoTW/SmartScreen (chính vector LNK-stomping CVE-2024-38217, IT flag). (c) ms-explorer/shell: KHÔNG web-callable = custom-protocol anh đã reject. Kết: KHÔNG có true one-click+zero-install thuần web; chỉ-server-side path duy nhất = Edge GPOIntranetFileLinksEnabled(xem Góc 3 entry kế). Sources: MDN showDirectoryPicker; learn.microsoft win32 internet-shortcuts; textslashplain navigating-to-file-urls. - 2026-06-16 (eoffice "open mapped O: drive folder from web app" — Góc 3 setup-light research): WINNER = native Edge policy
IntranetFileLinksEnabled(Edge ≥95, REG_DWORDHKLM\SOFTWARE\Policies\Microsoft\Edge\IntranetFileLinksEnabled=1, ADMXAdmin Templates/Microsoft Edge/Content settings). Behavior: intranet-zone HTTPS page → file:// link → opens Explorer to parent dir + selects file (dir-link opens folder). ZERO per-machine install (1 GPO setting). HARD reqs: (1) app served HTTPS, (2) eoffice host in IE Intranet Zone (push via SiteToZoneAssignmentList GPO), (3) Edge only — Chrome has NO equivalent (confirmed MS+textslashplain: Chrome 76+ blocks file:// nav, only fix=Local Explorer ext). Caveat: first-click shows external-protocol prompt unless ExternalProtocolDialogShowAlwaysOpenCheckbox lets user tick "always". URLAllowlist does NOT solve nav-block + "doesn't work with file://* wildcards" (MS Learn). Ext route = ExtensionInstallForcelist (force-install, but 3rd-party Local Explorer = paid + needs native helper.exe install = NOT zero-install). .reg custom-protocol = anh đã reject. Verdict: oneClick+zeroInstall TRUE only if 100% Edge fleet; mixed-Chrome → must add extension (loses zero-install). Sources: learn.microsoft.com/deployedge intranetfilelinksenabled + urlallowlist + extensioninstallforcelist; chromeenterprise.google/policies/url-patterns; textslashplain.com navigating-to-file-urls. - 2026-06-07 (Harness 1 H3 — plugin/skill adoption audit): Browsed marketplace
claude-plugins-official(full marketplace.json ~200+ plugin; local folder 35). Enabled user-global (~/.claude/settings.json) = 15 plugin. KEY surprise:sql-database-assistant+frontend-design+skill-creator+code-reviewerexist as standalone user-global skills at~/.claude/skills/(auto-available every project — NO plugin enable needed).~/.claude/skills/has 23 standalone skills. Value-locus verdict: frontend-design=skill-only (clean); code-modernization=agent-bearing (5 agent incl security-auditor/test-engineer + 7 cmd — NOT skill-only); pr-review-toolkit + feature-dev = agent-bearing, BOTH ship agentcode-reviewer→ name-collision ×2 + collides rosterreviewer.md. csharp-lsp = Windows no-op (csharp-lsNOT on PATH, needsdotnet tool install). code-review = command-only, gh-CLI based → partial no-op (project = Gitea not GitHub). session-report = node.mjs(Win-OK, Node 20). Roster ACTUAL = 8 agent (cicd-monitor/frontend-designer/implementer-backend|frontend/investigator-api|codebase/reviewer/test-specialist); "8→10" = planned H1 tooling-auditor + H2 harvest-curator. Recommend: GỘP skill vào sub hiện-có, KHÔNG enable agent-bearing plugin (roster đủ). Report-only.
🔄 Curate trigger
- Size > ~30KB → archive to L2
archive/<period>.md. Stale > 3 months → remove.