A personal cli for every agent

I moved my agents off raw external cli tools and onto a personal cli wrapper built per agent. My personal second-brain and my work second-brain each get their own utility with subcommands for reading the world and acting on it: jira, github, gitlab, prometheus, running specific commands on servers, cloud providers, internal utilities, and so on.

Upsides:

• restricting what the agent can do
• hiding keys, tokens and the rest from the agent
• shortcuts for popular processes and combinations
• shaping output formats for the agent, error messages included

It also makes it much easier to do interesting things on top. For example, the agent has a command to list containers, ssh into them and read their logs. But:

• it has no idea that under the hood this is a remote ssh and a docker cli call
• it sees and can enter only specific containers matching a mask
• keys and secrets are stripped from the log output
• on attempts to bypass restrictions, the agent gets a reminder that it’s better to call a senior

The main agent can’t edit the utility’s code. It only has the binary and the ability to file tickets for extending or modifying it. Theoretically it could disassemble the binary and try to extract keys, but for that it has to really want to and be able to.

Obviously the next step is turning this utility into a full-blown api server for the whole team.