## Summary

Agents currently hit a local shell policy wrapper when trying to run certain GitHub artifact download commands during live triage. That turns a simple evidence-collection step into a false blocker and slows down debugging of workflows such as agent-review-policy.

This epic treats artifact download as a first-class future-agent surface. The goal is to make artifact retrieval deterministic across the supported shell planes, with a checked-in helper path that avoids wrapper trips and still preserves the security boundary.

## Why now

- While investigating the live Copilot gate failure on PR #965, the attempt to download artifacts from run 22872590273 tripped the local shell policy wrapper before the artifacts could be inspected.
- Artifact download is part of normal diagnostics work for workflow failures, review gates, and burn-in signals.
- Future agents need a supported retrieval path instead of falling back to ad hoc shell experiments that may be blocked before they run.

## Decisions locked by this epic

- Artifact download must have a checked-in supported command path for future agents.
- The supported path must work on the shell planes this repo documents for agent operation, especially Windows PowerShell and the npm wrapper plane.
- The solution should preserve the local shell-policy boundary rather than bypass it with increasingly ad hoc command shapes.
- Failure reporting should distinguish policy-wrapper rejection from GitHub/API/download failures.
- The repo should document the preferred command surface for downloading run artifacts during live triage.

## Initial delivery slices

- [ ] Reproduce and pin the exact command shapes that trip the shell policy wrapper.
- [ ] Define the canonical artifact-download helper contract, including inputs for run id, artifact name, and destination.
- [ ] Add a checked-in helper that downloads artifacts without tripping the wrapper and emits a deterministic report.
- [ ] Add unit seams/tests for wrapper rejection, missing artifacts, auth failures, and successful downloads.
- [ ] Document the supported operator/agent workflow for artifact retrieval during live diagnostics.
- [ ] Update the relevant troubleshooting/runbook surfaces to reference the helper instead of raw ad hoc commands.

## Acceptance criteria

- Future agents can download a named artifact from a workflow run using a documented checked-in helper path.
- The helper works without tripping the local shell policy wrapper in the supported shell planes.
- Failure reports clearly show whether the problem is wrapper policy, missing artifact, auth, or GitHub download failure.
- The repo documentation points future agents to the supported helper instead of raw one-off command strings.

## Non-goals

- Weakening or disabling the shell policy wrapper globally.
- Treating manual browser downloads as the primary agent path.
- Encoding one fragile command shape per shell instead of establishing a stable helper contract.
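
One way to express the helper contract and the failure categories listed above, as an added example in JavaScript (not the repository's helper). The `WRAPPER_EXIT` value, the stderr patterns, and all function names are assumptions; the command executor is injected so that wrapper rejection, missing artifacts, auth failures, and successful downloads can each be unit-tested without running anything.

```javascript
// Added example of the helper contract; not code from the repository.
const WRAPPER_EXIT = 126; // hypothetical exit code for a shell-policy rejection
const FAILURE_PATTERNS = [ // assumed stderr signatures, checked in order
  ['auth', /HTTP 40[13]|gh auth login/i],
  ['missing-artifact', /no (valid )?artifacts? (found|matches)/i],
];

// Contract inputs: run id, artifact name, destination; option-like or escaping values are rejected.
function validateRequest({ runId, artifactName, destination }) {
  const errors = [];
  if (!/^[0-9]{1,20}$/.test(String(runId))) errors.push('runId must be numeric');
  if (!/^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$/.test(String(artifactName))) {
    errors.push('artifactName has unsupported characters');
  }
  const dest = String(destination || '');
  if (!dest || dest.startsWith('-') || dest.split(/[\\/]/).includes('..')) {
    errors.push('destination must be a plain path without ".." segments');
  }
  return errors;
}

// Map an exit status and stderr to exactly one report category.
function classify(status, stderr) {
  if (status === 0) return 'ok';
  if (status === WRAPPER_EXIT) return 'wrapper-policy';
  for (const [category, pattern] of FAILURE_PATTERNS) {
    if (pattern.test(stderr)) return category;
  }
  return 'download-failure';
}

// exec(file, argv) -> { status, stderr } is the unit seam; a real caller wraps spawnSync without a shell.
function downloadArtifact(request, exec) {
  const report = {
    runId: String(request.runId),
    artifactName: String(request.artifactName),
    destination: String(request.destination),
    category: 'invalid-input',
    errors: validateRequest(request),
  };
  if (report.errors.length > 0) return report; // nothing is executed
  // One fixed argv shape for every shell plane, never a concatenated string.
  const argv = ['run', 'download', report.runId,
    '--name', report.artifactName, '--dir', report.destination];
  const { status, stderr } = exec('gh', argv);
  report.category = classify(status, String(stderr || ''));
  if (report.category !== 'ok') report.errors.push(String(stderr || '').trim());
  return report;
}
```

Because the report has a fixed set of fields and one category per outcome, the same input and the same executor result always produce the same report.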