agent-orchestrator/packages/core
Harshit Singh Bhandari 7d9b862e93
refactor(agent-claude-code): replace terminal-regex activity detection with hooks (closes #1941) (#1945)
* feat(core): allow source: "hook" in ActivityLogEntry (#1941)

First step of the activity-detection hook refactor: extend the AO
activity-JSONL schema so platform-event hooks (Claude Code's
PermissionRequest / Stop / StopFailure / Notification / ...) can write
entries with explicit provenance, distinct from terminal-derived
("terminal") and agent-native-JSONL ("native") writes.

No behaviour change yet — hook writers come in subsequent commits.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* feat(agent-claude-code): add activity-updater hook scripts (#1941)

Adds bash + Node script source strings (`ACTIVITY_UPDATER_SCRIPT` /
`ACTIVITY_UPDATER_SCRIPT_NODE`) that translate Claude Code lifecycle
hooks into AO activity-JSONL entries with `source: "hook"`.

Event mapping is intentional and verified against the live Claude Code
hooks reference (code.claude.com/docs/en/hooks, not the older anthropic.com
URL the RFC referenced):

- SessionStart / Stop / SubagentStop                 → ready
- UserPromptSubmit / PreToolUse / PostToolUse /
  PostToolUseFailure / PreCompact / PostCompact /
  SubagentStart / PostToolBatch                      → active
- PermissionRequest                                  → waiting_input
- Notification(permission_prompt | idle_prompt)      → waiting_input
- Notification(auth_success | elicitation_*)         → no-op (the RFC's
  blanket "Notification → waiting_input" would false-fire here)
- StopFailure                                        → blocked
- everything else (SessionEnd, TaskCreated, ...)     → no-op

Event name comes from the stdin JSON payload's `hook_event_name`
field — the RFC's proposed `$CLAUDE_HOOK_EVENT_NAME` env var does not
exist in Claude Code. The script never blocks Claude (`exit 0` on every
path, including parse failures and disk-full).

Bash variant uses `node -p 'new Date().toISOString()'` for the timestamp
because BSD date doesn't support `%3N`. Node is a hard runtime dep of
Claude Code so this is always available.

Plugin wiring + regex-layer removal come in subsequent commits — this
commit only adds the scripts and their 52-test (bash × node) parity
suite.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* feat(agent-claude-code): register activity-updater on every relevant hook (#1941)

`setupWorkspaceHooks` now installs the activity-updater script alongside
the existing metadata-updater and registers it on every Claude Code
event that carries activity information:

  SessionStart, UserPromptSubmit, PreToolUse, PostToolUse,
  PostToolUseFailure, PostToolBatch, Notification, PermissionRequest,
  Stop, StopFailure, SubagentStart, SubagentStop, PreCompact, PostCompact

The metadata-updater stays registered on PostToolUse(Bash) only — git/gh
side-effect detection is unrelated to activity classification, and
splitting them keeps each script tight.

Implementation notes:
- Hook registration is now a declarative table (`HookRegistration[]`)
  fed through a shared `upsertHookEntry` helper. Calling
  `setupWorkspaceHooks` twice updates our entries in place; any
  user-installed Stop/PreToolUse/... hook is preserved alongside ours.
- Activity-updater hooks register with matcher "" — Claude Code's
  empty-string matcher fires on every variant of the event (e.g. every
  Notification regardless of `notification_type`). Variant filtering
  happens inside the script.
- Timeout for activity-updater is 2000ms (vs metadata-updater's 5000ms)
  — the script does a single JSON parse + append.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* refactor(agent-claude-code): retire terminal-regex layer (#1941)

`classifyTerminalOutput` was the source of the 15-commit churn in #1932:
every Claude UI tweak (footer wording, status verb, spinner glyph) broke
a heuristic and needed a tightening pattern. With Claude lifecycle hooks
now writing authoritative state directly to `.ao/activity.jsonl`
(`source: "hook"`), the regex layer is structurally obsolete.

This commit removes the patterns and reduces `classifyTerminalOutput` to
a stable `return "idle"` stub:

- `recordActivity` is no longer implemented on the Claude agent — the
  hooks ARE the activity producer. Lifecycle manager guards
  `agent.recordActivity?` so this is a clean drop.
- `detectActivity` is kept on the Agent interface (still required by
  Aider/OpenCode/Codex fallback) but on Claude is now a constant
  "idle" — the lifecycle's terminal-output fallback path therefore
  records a neutral signal and the JSONL cascade is the only source
  of truth for active/ready/waiting_input/blocked.
- Native Claude JSONL handling and `NOISE_JSONL_TYPES` are unchanged —
  those operate on Claude's own session files, not on terminal pixels.

Tests that exercised the retired heuristics (~200 LOC of regex-pattern
assertions in `detectActivity` + `recordActivity` integration tests) are
replaced with:
  - One it.each guarding that every previously-classified input now
    returns "idle" (locks in the no-signal contract).
  - A direct assertion that `agent.recordActivity` is undefined.
  - New tests that write hook-sourced JSONL entries
    (`source: "hook"`, trigger like "PermissionRequest (Bash)") and
    verify the cascade surfaces them correctly.

Net: −200 LOC of heuristic, ditto of tests, zero regression risk because
the cascade already accepted any `source` value as long as the entry
parsed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* chore(changeset): claude activity hooks (#1941)

ao-core: minor (extends ActivityLogEntry.source / ActivitySignalSource
with "hook" — new value, no consumer break).
ao-plugin-agent-claude-code: minor (new activity-updater hook scripts,
terminal-regex layer retired).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* refactor(agent-claude-code): address copilot review on #1945 (#1941)

Four reviewer concerns, all valid:

1. `upsertHookEntry` assumed `hooks[event]` is always an array. A
   malformed/legacy settings.json with a non-array value there would
   crash on `.push`. Normalize via `Array.isArray(existing) ? existing : []`
   and start fresh on bad input. New test: malformed object instead of
   array round-trips cleanly with our entry added.

2. `upsertHookEntry` unconditionally overwrote `entry.matcher` on
   updates. If a user has co-located their own hook def in the same
   `{ matcher, hooks: [...] }` object as ours, resetting the matcher
   changes when the user's def fires. Now only refresh matcher when
   the entry contains a single hook def (ours). New test: user hook
   sharing an entry with us keeps its `Edit|Write` matcher across
   re-setup calls.

3. Claude agent's `detectActivity` comment claimed the lifecycle
   manager would "override" its result via the JSONL cascade. Not
   accurate — lifecycle calls `detectActivity` only when
   `getActivityState` returned null, and that path doesn't write to
   .ao/activity.jsonl. Reworded to describe the actual behaviour:
   `detectActivity` is the no-signal fallback when there's no JSONL
   and no hook entry yet, and "idle" is the conservative answer.

4. `classifyTerminalOutput`'s docstring promised that the Claude
   agent's `detectActivity` would delegate to it "rather than inlining
   `() => "idle"`", but `detectActivity` actually inlined `return "idle"`.
   Restored the delegation so the rationale matches the code.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* test(agent-claude-code): skip bash activity-updater suite on Windows (#1941)

Greptile review on #1945: `execSync('bash "..."')` throws ENOENT on
Windows because bash isn't a native shell there, and the catch block
leaves `lastEntry = null` — making all ~26 bash-variant cases fail on
Windows CI.

Skip the bash suite on Windows via `describe.skipIf(... isWindows())`
(matches the convention used in
packages/core/src/__tests__/migration-storage-v2.test.ts). The Node
variant suite runs on every platform and is the canonical Windows path
for the activity-updater anyway, so parity between the two
implementations is still verified on Linux/macOS CI.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(agent-claude-code): escape control chars in bash trigger output (#1941)

i-trytoohard's PR review flagged that bash's escape_json only handles \
and " — not \n / \r / \t / \b / \f — creating asymmetry with the Node
variant where JSON.stringify covers everything. Bounded today by
Claude's event/tool/error-name enums never containing control chars,
but adds latent risk if a future trigger source isn't equally clean.

Five-line fix: extend escape_json with the five common JSON control-char
escapes so both implementations stay in lockstep against any future
trigger payload shape.

Locks the parity with a new round-trip test that smuggles
\n / \t / \r / \\ / " through error_type — confirms exactly one JSONL
line is written (no literal newline splitting one entry into two) and
the parsed trigger round-trips bit-for-bit on both bash and Node.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* fix(agent-claude-code): drop useless \$ escape in bash heredoc (#1941)

Lint job on #1945 failed with five `no-useless-escape` errors after the
escape-control-chars fix. The five new lines in escape_json wrote
`\$'\\n'` inside the JS template literal, but `$` is only special in JS
template literals when followed by `{` — outside of interpolation it
needs no backslash. Bash output is byte-identical (still emits `$'\n'`
for ANSI-C quoting), so the 54 round-trip tests stay green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-20 18:17:35 +05:30
..
__tests__ feat(notifier): make notifier system robust with manual harness and desktop setup (#1736) 2026-05-19 14:48:40 +05:30
src refactor(agent-claude-code): replace terminal-regex activity detection with hooks (closes #1941) (#1945) 2026-05-20 18:17:35 +05:30
CHANGELOG.md fix(agent-plugins,lifecycle): distinguish indeterminate probe from "not found" + bump ps timeout (closes #1838) (#1839) 2026-05-14 21:50:39 +05:30
README.md feat(windows): complete Windows support (#1025) 2026-05-09 00:10:53 +05:30
package.json fix(cli): rebuild better-sqlite3 on install + quieter ABI-mismatch warning (closes #1822) (#1824) 2026-05-18 04:02:26 +05:30
rollup.config.ts refactor(core): storage redesign — projectId-based paths, JSON metadata (#1466) 2026-04-28 17:55:53 +05:30
tsconfig.build.json fix: align prompt asset test/build tooling 2026-04-14 00:20:11 +05:30
tsconfig.json fix: scope node types to node packages 2026-04-13 18:25:21 +05:30
vitest.config.ts Add orchestrator-driven code review board (#1871) 2026-05-19 11:47:57 +05:30

README.md

@aoagents/ao-core

Core services, types, and configuration for the Agent Orchestrator system.

What's Here

  • src/types.ts — All TypeScript interfaces (Runtime, Agent, Workspace, Tracker, SCM, Notifier, Terminal, Session, events)
  • src/services/ — Core services (SessionManager, LifecycleManager, PluginRegistry)
  • src/config.ts — Configuration loading + Zod schemas
  • src/utils/ — Shared utilities (shell escaping, metadata parsing, etc.)

Key Files

src/types.ts — The Source of Truth

Every interface the system uses is defined here. If you're working on any part of the orchestrator, start by reading this file.

Main interfaces:

  • Runtime — where sessions execute (tmux on Unix, process / ConPTY via node-pty on Windows, docker, k8s)
  • Agent — AI coding tool adapter (claude-code, codex, aider)
  • Workspace — code isolation (worktree, clone)
  • Tracker — issue tracking (GitHub Issues, Linear)
  • SCM — PR/CI/reviews (GitHub, GitLab)
  • Notifier — push notifications (desktop, Slack, webhook)
  • Terminal — human interaction UI (iTerm2, web)
  • Session — running agent instance (state, metadata, handles)
  • OrchestratorEvent — events emitted by lifecycle manager
  • PluginModule — what every plugin exports

src/services/session-manager.ts — Session CRUD

Handles session lifecycle:

  • spawn(config) — create new session (workspace + runtime + agent)
  • list(projectId?) — list all sessions
  • get(sessionId) — get session details
  • kill(sessionId) — terminate session
  • cleanup(projectId?) — kill completed/merged sessions
  • send(sessionId, message) — send message to agent

Data flow in spawn():

  1. Load project config
  2. Validate issue exists via Tracker.getIssue() (if issueId provided, fails-fast if not found)
  3. Reserve session ID
  4. Determine branch name
  5. Create workspace via Workspace.create()
  6. Generate prompt via Tracker.generatePrompt()
  7. Build layered worker prompt via buildPrompt() into systemPrompt + taskPrompt
  8. Persist systemPromptFile for the session and, for OpenCode workers, write OPENCODE_CONFIG
  9. Build launch command via Agent.getLaunchCommand()
  10. Create runtime session via Runtime.create()
  11. Run Agent.postLaunchSetup() (optional)
  12. Write metadata file
  13. Return Session object

Note: If issue validation fails (not found, auth error), spawn fails before creating any resources (no workspace, no runtime, no session ID). This prevents spawning sessions with broken issue references.
Worker sessions keep persistent instructions in the prompt file. OpenCode workers consume that file through OPENCODE_CONFIG, while OpenCode orchestrators continue to project their system prompt into workspace AGENTS.md.

src/services/lifecycle-manager.ts — State Machine + Reactions

Polls sessions, detects state changes, triggers reactions:

State machine:

spawning → working → pr_open → ci_failed/review_pending/approved → mergeable → merged

Reactions:

  • ci-failed → send fix prompt to agent
  • changes-requested → send review comments to agent
  • approved-and-green → notify human (or auto-merge)
  • agent-stuck → notify human

Polling loop:

  1. For each session: check agent activity state (Agent.getActivityState())
  2. If PR exists: check CI status (SCM.getCISummary()), review state (SCM.getReviewDecision())
  3. Update session status based on state
  4. Trigger reactions if state changed
  5. Emit events

src/services/plugin-registry.ts — Plugin Discovery + Loading

Loads plugins and provides access to them:

  • register(plugin, config?) — register a plugin instance
  • get<T>(slot, name) — get plugin by slot + name
  • list(slot) — list all plugins for a slot
  • loadBuiltins(config?) — load built-in plugins (runtime-tmux, agent-claude-code, etc.)
  • loadFromConfig(config) — load built-ins today; external plugin descriptors are the marketplace extension point

Built-in plugins (loaded by default):

  • runtime-tmux, runtime-process
  • agent-claude-code, agent-codex, agent-aider, agent-cursor, agent-kimicode, agent-opencode
  • workspace-worktree, workspace-clone
  • tracker-github, tracker-linear, tracker-gitlab
  • scm-github, scm-gitlab
  • notifier-desktop, notifier-discord, notifier-slack, notifier-composio, notifier-openclaw, notifier-webhook
  • terminal-iterm2, terminal-web

src/config.ts — Configuration Loading

Loads and validates agent-orchestrator.yaml:

Main config sections:

  • Runtime data paths are auto-derived from the config location under ~/.agent-orchestrator/{hash}-{projectId}/
  • port — web dashboard port (default 3000, set different values for multiple projects)
  • terminalPort — terminal WebSocket port (auto-detected if not set)
  • directTerminalPort — direct terminal WebSocket port (auto-detected if not set)
  • defaults — default plugins (runtime, agent, workspace, notifiers)
  • plugins — installer-managed external plugin descriptors (registry, npm, or local)
  • projects — per-project config (repo, path, branch, symlinks, reactions, agentRules)
  • notifiers — notification channel config (Slack webhooks, etc.)
  • notificationRouting — which notifiers get which priority events
  • reactions — auto-response config (ci-failed, changes-requested, approved-and-green, etc.)

Zod schemas validate all config at load time.

Common Tasks

Adding a Field to Session

  1. Edit src/types.tsSession interface
  2. Edit src/services/session-manager.ts → initialize field in spawn()
  3. Rebuild: pnpm --filter @aoagents/ao-core build

Adding an Event Type

  1. Edit src/types.tsEventType union
  2. Emit the event: eventEmitter.emit() in relevant service
  3. Add reaction handler (optional): src/services/lifecycle-manager.ts

Adding a Reaction

  1. Edit src/services/lifecycle-manager.ts → add handler function
  2. Wire it up in the polling loop
  3. Add config schema in src/config.ts if new reaction type

Feedback Tools (v1)

@aoagents/ao-core exports two structured feedback tool contracts:

  • bug_report
  • improvement_suggestion

Both share the same required input fields:

  • title
  • body
  • evidence (array of strings)
  • session
  • source
  • confidence (0..1)

Example:

import { FEEDBACK_TOOL_NAMES, FeedbackReportStore, getFeedbackReportsDir } from "@aoagents/ao-core";

const reportsDir = getFeedbackReportsDir(configPath, projectPath);
const store = new FeedbackReportStore(reportsDir);

const saved = store.persist(FEEDBACK_TOOL_NAMES.BUG_REPORT, {
  title: "SSO login loop",
  body: "Google SSO redirects back to /login repeatedly.",
  evidence: ["trace_id=abc123", "screenshot: login-loop.png"],
  session: "ao-22",
  source: "agent",
  confidence: 0.84,
});

Storage format:

  • Reports are persisted under ~/.agent-orchestrator/{hash}-{projectId}/feedback-reports
  • Each report is a typed key=value file (report_<timestamp>_<id>.kv) for easy inspection
  • A deterministic dedupe key (sha256, 16 hex chars) is generated from normalized tool+content

Migration notes:

  • No migration needed for existing AO installs
  • The feedback-reports directory is created lazily on first persisted report

Testing

# Run all core tests
pnpm --filter @aoagents/ao-core test

# Run in watch mode
pnpm --filter @aoagents/ao-core test -- --watch

# Run specific test
pnpm --filter @aoagents/ao-core test -- session-manager.test.ts

Tests are in src/__tests__/:

  • session-manager.test.ts — session CRUD, spawn, cleanup
  • lifecycle-manager.test.ts — state machine, reactions
  • plugin-registry.test.ts — plugin loading, resolution
  • tmux.test.ts — tmux utility functions (not a plugin test)
  • prompt-builder.test.ts — prompt generation utilities

Building

# Build core
pnpm --filter @aoagents/ao-core build

# Typecheck
pnpm --filter @aoagents/ao-core typecheck

This package is a dependency of all other packages. Build it first if working on the codebase.

Architecture Notes

Why flat metadata files?

  • Debuggability: cat ~/.agent-orchestrator/<hash>-my-app/sessions/app-3 shows full state
  • No database dependency (survives crashes, easy to inspect)
  • Backwards-compatible with bash script orchestrator

Why polling instead of webhooks?

  • Simpler (no webhook setup, no ngrok for local dev)
  • Works offline (CI/review state is fetched, not pushed)
  • Survives orchestrator restarts (no missed events)

Why plugin slots?

  • Swappability: use tmux on Linux/macOS, process (ConPTY) on Windows, docker in CI, k8s in prod — same agent/workspace stack across all of them
  • Testability: mock plugins for tests
  • Extensibility: users can add custom plugins (e.g., company-specific notifier)