workbench-flue-agent-harness
Workbench Flue Agent Harness
Use this skill when an issue asks to create, review, or package a deployable
Flue agent, or when it declares FLUE_AGENT_CONTRACT.
Required Source Reads
Read only as much as the task requires:
docs/flue-agent-harness-lane.mdhttps://flueframework.com/start.mdhttps://raw.githubusercontent.com/withastro/flue/refs/heads/main/README.mdhttps://flueframework.com/models.jsonif the requested model is not one of the recommended IDs
If network access is unavailable, use the checked-in workbench doc and report
FLAG unless the issue requires fresh upstream docs.
Required Contract
Do not scaffold until the issue provides or you can safely infer:
FLUE_AGENT_CONTRACT:
purpose:
project_directory:
workspace_layout:
agent_file:
deploy_target:
model_id:
sandbox_mode:
trigger:
secrets_policy:
validation_command:
public_artifact_policy:
Inference rules:
- missing
project_directory: use the issue's repo checkout only if it is the declared target; - new or empty directory:
workspace_layout: root; - existing non-empty directory:
workspace_layout: .flue; - missing deploy target: prefer
node; - missing model: prefer
anthropic/claude-sonnet-4-6for starter agents; - missing secrets policy: use
nonefor pure virtual agents, otherwiseenv-only.
If a field cannot be inferred safely, return BLOCK with the smallest missing
field list.
Safety Rules
- Do not invent API keys, OAuth material, cookies, or tokens.
- Do not paste secrets into prompts, durable docs, example payloads, or issue comments.
- Do not copy raw MCP request payloads or raw run transcripts into Git.
- Do not mutate Multica daemon, Desktop UI, runtime config, or live agent bindings from a Flue scaffold issue.
- Do not place a real Flue app inside this workbench repo unless the issue explicitly asks for it; this repo usually records the lane, not the app.
Implementation Rules
- For a new or empty project, create
agents/androles/. - For an existing non-empty project, create
.flue/agents/and.flue/roles/. - Pass the selected model ID explicitly to
init({ model: "<model_id>" }). - Prefer
flue dev --target nodeorflue dev --target cloudflarefor local development. - Do not use
flue run --target cloudflare; useflue dev --target cloudflareor build and call a deployed endpoint. - Grant host commands per prompt or skill, not globally, for CI/local sandbox agents.
- Keep starter agents close to one narrow workflow. Wider autonomy belongs in a later reviewed iteration.
Report Contract
Always close with:
FLUE_AGENT_REPORT
purpose:
project_directory:
workspace_layout:
agent_file:
deploy_target:
model_id:
sandbox_mode:
trigger:
secrets_policy:
files_changed:
validation:
residual_risk:
next_action:
VERDICT: PASS | FLAG | BLOCK
PASS requires a verified starter and clean public boundary. FLAG is correct
when only external secrets, deploy credentials, or remote host setup remain.
BLOCK is correct when the contract is incomplete, the model ID is unsupported,
or the target path cannot be safely determined.
More from fearvox/multica-ultimate-workbench
workbench-conductor
Two-ring orchestration, routing, issue and comment discipline, and role boundaries for the Multica Workbench.
5workbench-sdd
Specification-driven development from raw requirement to product design, technical design, task list, execution, and verification.
5workbench-self-awareness-infra
Capability discovery and current-state verification for Heavy Path, ambiguous repo/runtime ownership, and runtime-dependent Standard Path work.
5workbench-design-docs
Product design, technical design documents, user-facing copy, specs, diagrams, and handoff documentation.
5workbench-token-context-discipline
Compact context, cache-aware execution, scoped evidence reads, and role-specific skill attachment discipline.
4workbench-product-brainstorming
Bounded product ideation, workflow design, ambition checks, tradeoffs, and smallest-test shaping.
4