Task 2: Role Validation Logic Implementation

Tinker

Home Epics Task 2: Role Validation Logic ImplementationEdit

Cancel

Title *

Project *

Description

**OBJECTIVE:**
Implement validation logic that actively prevents agents from performing tasks outside their designated role boundaries.

**VALIDATION RULES:**

1. **Orchestrator Validations:**
   - BLOCK: Direct file editing (Edit, Write tools)
   - BLOCK: Running tests or implementation commands
   - ALLOW: Task creation, updates, and coordination
   - ALLOW: Memory operations and comments

2. **Worker Validations:**
   - BLOCK: Creating new tickets/tasks
   - BLOCK: Transitioning other agents' tasks
   - BLOCK: Coordinating between agents
   - ALLOW: Claiming and implementing assigned tasks
   - ALLOW: File operations within task scope

3. **Reviewer Validations:**
   - BLOCK: Implementing new code
   - BLOCK: Creating new features
   - ALLOW: Code review and audit operations
   - ALLOW: Running tests and validations

**TECHNICAL IMPLEMENTATION:**

1. **Create validation middleware:**
   - `/lib/tinker/role_validator.rb`
   - Intercept all tool calls before execution
   - Check agent role against allowed operations
   - Log validation attempts for auditing

2. **Integration points:**
   - Hook into MCP tool invocation
   - Validate before each tool call
   - Provide clear error messages

3. **Error handling:**
   - Specific error messages for each violation type
   - Suggest correct role for the attempted action
   - Include helpful guidance

**FILES TO CREATE/MODIFY:**
- `/lib/tinker/role_validator.rb` (new)
- `/config/tinker/role_permissions.yml` (config)
- Modify MCP tool handlers to integrate validation

**ACCEPTANCE CRITERIA:**
- All role violations are blocked before execution
- Clear, helpful error messages provided
- Validation is logged for audit trail
- No false positives (valid actions allowed)