AGENTS
AGENTS.md
PRIMARY ENTRY POINT: This file (
AGENTS.md) andllms.txtare the primary entry points for AI assistants. All AI assistant guidelines have been consolidated here.AUTHORITATIVE SOURCE: This file is the master reference for AI assistants working with the BlueFly Agent Platform.
Quick Links
- LLM Context: llms.txt - Full platform context (26K tokens)
- Separation of Duties: architecture/separation-of-duties.md - Architecture compliance rules
- Technical Documentation: Technical Docs Wiki - Complete platform documentation
Core Principle: platform-agents is ONLY for Agent Definitions
CRITICAL: platform-agents is ONLY for agent definitions (OSSA manifests). All services, utilities, and integrations MUST use common_npm packages.
platform-agents Structure
platform-agents/
packages/@ossa/*/ # Agent definitions ONLY (agent.ossa.yaml)
examples/ # Agent examples ONLY
integrations/ # Integration configs ONLY (not services)
What platform-agents OWNS
- Agent definitions (
packages/@ossa/*/agent.ossa.yaml) - Agent examples (
examples/) - Integration configurations (not implementations)
What platform-agents DOES NOT OWN
- Services (use
@bluefly/agent-*packages) - Utilities (use
@bluefly/agent-*packages) - Business logic (use
@bluefly/agent-*packages) - Duplicated code from common_npm
Agent Implementation Requirements
ALL Agents MUST Use Common NPM Packages
Agents MUST import services from common_npm packages:
// CORRECT - Use common_npm packages import { CostAwareAgentRouter } from '@bluefly/agent-router'; import { MeshCoordinator } from '@bluefly/agent-mesh'; import { TracerService } from '@bluefly/agent-tracer'; import { WorkflowExecutor } from '@bluefly/workflow-engine'; import { VectorSearchService } from '@bluefly/agent-brain'; import { DockerService } from '@bluefly/agent-docker'; import { TailscaleService } from '@bluefly/agent-tailscale'; import { ComplianceEngine } from '@bluefly/compliance-engine'; import { EnterpriseLLMService } from '@bluefly/foundation-bridge'; import { MCPServerRegistry } from '@bluefly/agent-protocol'; import { UnifiedAgentPlatform } from '@bluefly/agentic-flows';
** FORBIDDEN - Never create services in platform-agents:**
// WRONG - Don't create services in platform-agents class MyRouter { } // Use @bluefly/agent-router instead class MyTracer { } // Use @bluefly/agent-tracer instead class MyWorkflow { } // Use @bluefly/workflow-engine instead
Essential Commands
# Agent Marketplace buildkit agents marketplace list buildkit agents marketplace validate <agentId> # Agent Management buildkit agents list buildkit agents spawn <agentId> # Validate agent separation of duties ossa validate agent.ossa.yaml --check separation npx @bluefly/compliance-engine validate --check-role-conflicts
Agent Role Separation
Each agent must have ONE primary role. See Separation-of-Duties for full details.
| Role | Access Tier | Conflicts With |
|---|---|---|
| Analyzer | tier_1_read | Executor, Approver |
| Reviewer | tier_2_write_limited | Executor, Approver |
| Executor | tier_3_full_access | Reviewer, Approver |
| Orchestrator | tier_2_write_limited | Executor (direct) |
| Approver | tier_4_policy | Executor, Reviewer |
Platform Agents (16 Active)
All agents are defined in platform-agents/packages/@ossa/*/agent.ossa.yaml:
vulnerability-scanner- Analyzermerge-request-reviewer- Reviewerpipeline-remediation- Executorrelease-coordinator- Orchestratortask-dispatcher- Orchestratordrupal-standards-enforcer- Reviewercode-quality-reviewer- Reviewerissue-lifecycle-manager- Orchestratormodule-generator- Executorrecipe-publisher- Executorcluster-operator- Executormanifest-validator- Analyzerdocumentation-aggregator- Executormcp-server-builder- Executorcost-intelligence-monitor- Analyzerkagent-catalog-sync- Executor
Using Agents from Other Projects
All projects MUST call agents from platform-agents, not duplicate them:
// CORRECT - Call agents from platform-agents import { spawnAgent } from '@bluefly/platform-agents'; await spawnAgent('vulnerability-scanner', { projectId: '123' }); // WRONG - Don't create agents in other projects class MyVulnerabilityScanner { } // Use platform-agents instead
Common NPM Packages for Agents
| Package | Purpose | Usage in Agents |
|---|---|---|
@bluefly/agent-router | Agent routing, cost-aware routing | Route tasks to agents |
@bluefly/agent-mesh | Agent coordination, service mesh | Coordinate between agents |
@bluefly/agent-tracer | Distributed tracing, observability | Trace agent execution |
@bluefly/workflow-engine | Workflow execution | Execute agent workflows |
@bluefly/agent-brain | Vector search, semantic search | Agent memory, codebase search |
@bluefly/agent-docker | Docker/K8s operations | Deploy agents |
@bluefly/agent-tailscale | Tailscale networking | Network agent communication |
@bluefly/compliance-engine | Audit, compliance, policies | Validate agent actions |
@bluefly/foundation-bridge | LLM providers, model routing | LLM calls in agents |
@bluefly/agent-protocol | MCP servers, protocols | Agent communication protocols |
@bluefly/agentic-flows | Multi-agent orchestration | Orchestrate agent teams |
Enforcement
Violations will be rejected:
- Creating services in
platform-agents - Duplicating agent logic in other projects
- Not using common_npm packages
- Creating agents outside
platform-agents
For complete documentation, see the GitLab Wiki.