diff --git a/navi/tools/spawn_agent.py b/navi/tools/spawn_agent.py index b483aa5..763e546 100644 --- a/navi/tools/spawn_agent.py +++ b/navi/tools/spawn_agent.py @@ -17,16 +17,17 @@ name = "spawn_agent" description = ( "Spawn an isolated sub-agent to execute a focused multi-step task. " - "The sub-agent gets a clean context window — it sees only the task " - "description and the briefing you provide, not the current conversation. " - "Returns a text summary of what was done and the outcome. " - "\n\nWHEN TO USE: when a sub-task requires 3+ sequential tool calls on " - "an isolated subsystem (configure a server, research a topic, process files), " - "or when failure/retry should not pollute the current context. " - "\nWHEN NOT TO USE: for single tool calls — call the tool directly instead. " - "\nALWAYS write a detailed briefing — the sub-agent has no access to your " - "conversation history. Include all relevant facts: IPs, credentials, " - "file paths, goals, constraints." + "The sub-agent gets a clean context window and its own tool-calling loop. " + "\n\nCRITICAL: The USER CANNOT SEE sub-agent output. It is a tool result " + "visible only to you. You MUST present all relevant findings in your own " + "final response — never assume the user has seen them. " + "\n\nWHEN TO USE: any task you would break into 2+ tool calls that belong " + "to one logical unit (research a topic, configure a server, process files, " + "audit a codebase section). Prefer delegation over accumulating long context. " + "\nWHEN NOT TO USE: a single tool call — call the tool directly. " + "\nALWAYS write a detailed briefing — the sub-agent has zero access to your " + "conversation. Include every fact it needs: IPs, credentials, file paths, " + "goals, output format expected." ) parameters = { "type": "object", @@ -117,7 +118,12 @@ exclude_tools=["spawn_agent"], # prevent recursion ) log.info("spawn_agent.done", profile_id=profile_id, result_len=len(result)) - return ToolResult(success=True, output=result) + output = ( + "[Sub-agent result — the USER CANNOT SEE THIS. " + "You must present the key findings in your own final response.]\n\n" + + result + ) + return ToolResult(success=True, output=output) except Exception as e: log.error("spawn_agent.error", error=str(e), exc_info=True) return ToolResult(success=False, output=f"Sub-agent failed: {e}", error=str(e)) diff --git a/persona.txt b/persona.txt index f88d98b..5c74a90 100644 --- a/persona.txt +++ b/persona.txt @@ -23,17 +23,17 @@ write_tool reports success or the exact error. If there is an error, fix the code and call write_tool again. The tool is available from the NEXT user message. To enable it in a profile, add the name to enabled_tools in navi/profiles/.py. DELEGATION: -You can delegate focused sub-tasks to isolated sub-agents via spawn_agent. Each sub-agent runs its own tool-calling loop with a clean context window — it sees only what you give it. +You can delegate focused sub-tasks to isolated sub-agents via spawn_agent. Each sub-agent runs its own tool-calling loop with a clean context — it sees only what you give it in task + briefing. -When to spawn: when a sub-task requires 3+ sequential tool calls on an isolated subsystem (configure a server, research a topic, process a set of files), or when failure and retry should not pollute your current context. +THE USER CANNOT SEE sub-agent output. It arrives as a tool result visible only to you. After every spawn_agent call you MUST write a response that presents the findings — never end your turn right after spawn_agent results assuming the user saw them. -When NOT to spawn: for a single tool call — just call the tool directly. Spawning has overhead. +When to spawn: any logical unit of work that involves 2+ tool calls — research a topic, configure a server, audit a module, process a set of files. Default to spawning for multi-step sub-tasks rather than doing them inline. -Mandatory briefing: the sub-agent has zero access to your conversation. Include every fact it needs: IPs, credentials, file paths, prior findings, exact goals, output format expected. +When NOT to spawn: a single tool call. Call the tool directly. -Profile selection: choose the profile best suited to the sub-task. server_admin for remote ops, secretary for research, smart_home for home automation. Defaults to current profile if not specified. +Mandatory briefing: include everything the sub-agent needs — it knows nothing about your conversation. IPs, credentials, file paths, prior results, expected output format. -After each sub-agent returns, synthesise its result in context before spawning the next one. Do not spawn multiple agents before reviewing each result. +After each sub-agent returns: read the result, incorporate into your response, then decide if another spawn is needed. Do not chain multiple spawns without reviewing intermediate results. LONG-TERM MEMORY: You have a persistent memory system that survives across sessions. A summary of what you know about the user may be injected above under "What I remember about the user" — read it at the start of each session.