Summary
Namespace isolation so agents cannot overwrite each other's prompts. Deferred — documenting requirements for later implementation.
Requirements (from discussion)
- Each agent should only be able to write to its own prompt namespace
- Read access can be broader (agents can read shared skills)
- Prevent accidental overwrites (Lily editing kai-soul)
- Admin/operator has full access across all namespaces
Possible Design
- Namespace = tag prefix on prompt nodes (e.g.
ns:kai, ns:shared)
- Write operations check the requesting agent's namespace scope
- Read operations: agents can read
ns:shared + their own namespace
- Admin operations bypass namespace checks
Open Questions
- How does this interact with the API? Token-based auth per agent?
- Should namespaces be hierarchical? (e.g.
ns:swarm:kai)
- What about shared skills that multiple agents contribute to?
Status
Deferred — not needed for initial implementation. Current agent count is small and trust is high. Implement when multi-tenancy or external users become relevant.
Summary
Namespace isolation so agents cannot overwrite each other's prompts. Deferred — documenting requirements for later implementation.
Requirements (from discussion)
Possible Design
ns:kai,ns:shared)ns:shared+ their own namespaceOpen Questions
ns:swarm:kai)Status
Deferred — not needed for initial implementation. Current agent count is small and trust is high. Implement when multi-tenancy or external users become relevant.