Sync OSS release

Author: Symbiont OSS Sync

AGENTS.md

@@ -79,3 +79,73 @@ bash scripts/sync_oss_to_github.sh --force
 ```
 
 The script exits with code 1 during cleanup even on success — this is a known quirk.
+
+## DSL Quick Reference
+
+Agent definitions live in `agents/*.dsl`. Key block types:
+
+```
+metadata { version "1.0", author "team", description "What this agent does" }
+
+with { sandbox docker, timeout 30.seconds }
+
+schedule daily_report { cron: "0 9 * * *", timezone: "UTC", agent: "reporter" }
+
+channel slack_support { platform: "slack", default_agent: "helper", channels: ["#support"] }
+
+webhook github_events { path: "/hooks/github", provider: github, agent: "deployer" }
+
+memory context_store { store markdown, path "data/agents", retention "90d" }
+```
+
+Parse DSL files with `symbi dsl -f agents/<name>.dsl`.
+
+## MCP Server
+
+Start with `symbi mcp` (stdio transport). Available tools:
+
+- `invoke_agent` — Run a named agent with a prompt via LLM
+- `list_agents` — List all agents in the `agents/` directory
+- `parse_dsl` — Parse and validate DSL content (file or inline)
+- `get_agent_dsl` — Get raw `.dsl` source for a specific agent
+- `get_agents_md` — Read the project's AGENTS.md file
+- `verify_schema` — Verify MCP tool schema via SchemaPin (ECDSA P-256)
+
+## HTTP API
+
+The runtime API runs on port 8080 (configurable via `--port`):
+
+- `GET /api/v1/health` — Health check (no auth)
+- `GET /api/v1/agents` — List agents
+- `POST /api/v1/agents` — Create agent
+- `POST /api/v1/agents/:id/execute` — Execute agent
+- `GET /api/v1/schedules` — List cron schedules
+- `POST /api/v1/schedules` — Create schedule
+- `GET /api/v1/channels` — List channel adapters
+- `POST /api/v1/workflows/execute` — Execute workflow
+- `GET /api/v1/metrics` — Runtime metrics
+- `GET /swagger-ui` — Interactive API docs
+
+All endpoints except health require `Authorization: Bearer <token>`.
+
+## Agent Capabilities
+
+Agents defined in the Symbi DSL can:
+
+- Invoke LLMs (OpenRouter, OpenAI, Anthropic) with policy-governed prompts
+- Use skills (verified via SchemaPin cryptographic signatures)
+- Run in sandboxed environments (Docker, gVisor, Firecracker, E2B)
+- Operate on cron schedules with timezone support
+- Connect to chat platforms (Slack, Teams, Mattermost) as channel adapters
+- Receive webhooks (GitHub, Stripe, Slack, custom) with signature verification
+- Maintain persistent memory stores with hybrid search (vector + keyword)
+- Enforce runtime policies (allow, deny, require, audit)
+- Produce cryptographic audit trails for all actions
+
+## Trust Stack
+
+Symbiont is part of the ThirdKey cryptographic trust chain:
+
+1. **SchemaPin** — Tool schema verification. Ensures MCP tool schemas haven't been tampered with by verifying ECDSA P-256 signatures against publisher-hosted public keys.
+2. **AgentPin** — Domain-anchored agent identity. Binds agent identities to DNS domains via `.well-known/agentpin.json`, enabling cross-runtime trust.
+3. **Symbiont** — The agent runtime. Executes policy-aware agents with sandbox isolation, integrating SchemaPin for tool trust and AgentPin for agent identity.

CLAUDE.md

@@ -79,3 +79,73 @@ bash scripts/sync_oss_to_github.sh --force
 ```
 
 The script exits with code 1 during cleanup even on success — this is a known quirk.
+
+## DSL Quick Reference
+
+Agent definitions live in `agents/*.dsl`. Key block types:
+
+```
+metadata { version "1.0", author "team", description "What this agent does" }
+
+with { sandbox docker, timeout 30.seconds }
+
+schedule daily_report { cron: "0 9 * * *", timezone: "UTC", agent: "reporter" }
+
+channel slack_support { platform: "slack", default_agent: "helper", channels: ["#support"] }
+
+webhook github_events { path: "/hooks/github", provider: github, agent: "deployer" }
+
+memory context_store { store markdown, path "data/agents", retention "90d" }
+```
+
+Parse DSL files with `symbi dsl -f agents/<name>.dsl`.
+
+## MCP Server
+
+Start with `symbi mcp` (stdio transport). Available tools:
+
+- `invoke_agent` — Run a named agent with a prompt via LLM
+- `list_agents` — List all agents in the `agents/` directory
+- `parse_dsl` — Parse and validate DSL content (file or inline)
+- `get_agent_dsl` — Get raw `.dsl` source for a specific agent
+- `get_agents_md` — Read the project's AGENTS.md file
+- `verify_schema` — Verify MCP tool schema via SchemaPin (ECDSA P-256)
+
+## HTTP API
+
+The runtime API runs on port 8080 (configurable via `--port`):
+
+- `GET /api/v1/health` — Health check (no auth)
+- `GET /api/v1/agents` — List agents
+- `POST /api/v1/agents` — Create agent
+- `POST /api/v1/agents/:id/execute` — Execute agent
+- `GET /api/v1/schedules` — List cron schedules
+- `POST /api/v1/schedules` — Create schedule
+- `GET /api/v1/channels` — List channel adapters
+- `POST /api/v1/workflows/execute` — Execute workflow
+- `GET /api/v1/metrics` — Runtime metrics
+- `GET /swagger-ui` — Interactive API docs
+
+All endpoints except health require `Authorization: Bearer <token>`.
+
+## Agent Capabilities
+
+Agents defined in the Symbi DSL can:
+
+- Invoke LLMs (OpenRouter, OpenAI, Anthropic) with policy-governed prompts
+- Use skills (verified via SchemaPin cryptographic signatures)
+- Run in sandboxed environments (Docker, gVisor, Firecracker, E2B)
+- Operate on cron schedules with timezone support
+- Connect to chat platforms (Slack, Teams, Mattermost) as channel adapters
+- Receive webhooks (GitHub, Stripe, Slack, custom) with signature verification
+- Maintain persistent memory stores with hybrid search (vector + keyword)
+- Enforce runtime policies (allow, deny, require, audit)
+- Produce cryptographic audit trails for all actions
+
+## Trust Stack
+
+Symbiont is part of the ThirdKey cryptographic trust chain:
+
+1. **SchemaPin** — Tool schema verification. Ensures MCP tool schemas haven't been tampered with by verifying ECDSA P-256 signatures against publisher-hosted public keys.
+2. **AgentPin** — Domain-anchored agent identity. Binds agent identities to DNS domains via `.well-known/agentpin.json`, enabling cross-runtime trust.
+3. **Symbiont** — The agent runtime. Executes policy-aware agents with sandbox isolation, integrating SchemaPin for tool trust and AgentPin for agent identity.

crates/runtime/src/api/routes.rs

@@ -33,6 +33,67 @@ use super::types::{
 #[cfg(feature = "http-api")]
 use crate::types::AgentId;
 
+// ── AGENTS.md endpoint ─────────────────────────────────────────────────
+
+/// Serve AGENTS.md with sensitive sections stripped.
+///
+/// Reads `AGENTS.md` from the working directory, removes content between
+/// `<!-- agents-md:sensitive-start -->` and `<!-- agents-md:sensitive-end -->`
+/// markers, and returns the filtered markdown.
+#[cfg(feature = "http-api")]
+pub async fn serve_agents_md() -> Result<
+    (
+        StatusCode,
+        [(axum::http::header::HeaderName, &'static str); 1],
+        String,
+    ),
+    StatusCode,
+> {
+    let content = std::fs::read_to_string("AGENTS.md").map_err(|_| StatusCode::NOT_FOUND)?;
+    let filtered = strip_sensitive_sections(&content);
+    Ok((
+        StatusCode::OK,
+        [(
+            axum::http::header::CONTENT_TYPE,
+            "text/markdown; charset=utf-8",
+        )],
+        filtered,
+    ))
+}
+
+/// Strip sensitive sections from AGENTS.md content (inline helper).
+///
+/// Removes all content between `<!-- agents-md:sensitive-start -->` and
+/// `<!-- agents-md:sensitive-end -->` markers, including the markers themselves.
+#[cfg(feature = "http-api")]
+fn strip_sensitive_sections(content: &str) -> String {
+    const SENSITIVE_START: &str = "<!-- agents-md:sensitive-start -->";
+    const SENSITIVE_END: &str = "<!-- agents-md:sensitive-end -->";
+
+    let mut result = content.to_string();
+    while let (Some(start), Some(end)) = (result.find(SENSITIVE_START), result.find(SENSITIVE_END))
+    {
+        if end <= start {
+            break;
+        }
+        let end_pos = end + SENSITIVE_END.len();
+        let end_pos = if result[end_pos..].starts_with('\n') {
+            end_pos + 1
+        } else {
+            end_pos
+        };
+        let start_pos = if start > 0 && result.as_bytes()[start - 1] == b'\n' {
+            start - 1
+        } else {
+            start
+        };
+        result = format!("{}{}", &result[..start_pos], &result[end_pos..]);
+    }
+    result
+}
+
+// ── Workflow / Agent / Schedule / Channel endpoints ────────────────────
+
 /// Workflow execution endpoint handler
 #[cfg(feature = "http-api")]
 #[utoipa::path(

crates/runtime/src/api/server.rs

@@ -161,6 +161,8 @@ pub struct HttpApiConfig {
     pub enable_rate_limiting: bool,
     /// Optional path to API keys JSON file for per-agent authentication
     pub api_keys_file: Option<std::path::PathBuf>,
+    /// Serve AGENTS.md at /agents.md and /.well-known/agents.md (auth-gated)
+    pub serve_agents_md: bool,
 }
 
 #[cfg(feature = "http-api")]
@@ -173,6 +175,7 @@ impl Default for HttpApiConfig {
             enable_tracing: true,
             enable_rate_limiting: true,
             api_keys_file: None,
+            serve_agents_md: false,
         }
     }
 }
@@ -370,6 +373,21 @@ impl HttpApiServer {
                 .merge(health_router);
         }
 
+        // Conditionally serve AGENTS.md at well-known paths (auth-gated, no provider state needed)
+        if self.config.serve_agents_md {
+            use super::middleware::auth_middleware;
+            use axum::middleware;
+
+            let agents_md_router = Router::new()
+                .route("/agents.md", get(super::routes::serve_agents_md))
+                .route(
+                    "/.well-known/agents.md",
+                    get(super::routes::serve_agents_md),
+                )
+                .layer(middleware::from_fn(auth_middleware));
+            router = router.merge(agents_md_router);
+        }
+
         // Add API key store as extension if available
         if let Some(ref store) = self.api_key_store {
             router = router.layer(axum::Extension(store.clone()));