docs(agent): default config as a build-kit overlay (inspect_context)

[mmabrouk]

What this designs

A new agent on Agenta arrives near-bare. While the user builds it in the playground, the assistant needs authoring scaffolding: the platform tools (find capabilities, query workflows, commit a revision), the Agenta authoring skill, and elevated sandbox permissions (write files, execute code). That scaffolding is a build aid, not the user's agent. So it is shown and used in the playground, never committed, and never reaches a deployed run.

This doc decides who shows that scaffolding, who applies it, and who keeps it out of the commit.

Iteration 3: re-derived from first principles as an overlay

This is the third pass. The first had the agent service inject the kit at run time behind a run flag. The second moved the logic to the frontend but modeled the kit as a bespoke descriptor with typed groups and per-row display fields. This pass re-derives the whole thing from scratch as a single overlay, the model Mahmoud asked for in review.

The model: a build-kit overlay

The build kit is an agent-template overlay. It is a partial agent template, the same shape as parameters.agent. Three actors, three jobs:

• The agent service stays dumb. It runs the parameters.agent it receives and does not know the overlay exists. There is no run-prep merge and no run flag. The platform tools, the skill, and the build permissions reach a run only because the frontend already merged them into the template the service was handed.
• The backend serves the overlay. It assembles the overlay once and attaches it read-only to the inspect response. It never applies it.
• The frontend applies the overlay. It renders the overlay read-only in the drawer. On a kit-on run, it deep-merges objects and identity-merges lists onto a throwaway copy of parameters.agent. On commit, it does not merge, so the committed config holds only the user's own template.

"Shown but not committed" follows from this. The overlay never enters parameters.agent, the tree the playground edits and commits, so there is no strip step and a deployed agent can never run with it.

Where the overlay lives in the inspect response

The overlay rides a dedicated read-only container, additional_context, a sibling of application on the inspect envelope:

{
  "application": { /* the agent, including data.parameters (user config) */ },
  "additional_context": {
    "playground_build_kit": {
      "agent_template_overlay": { /* the partial parameters.agent */ }
    }
  }
}

The placement follows ownership and lifecycle. User config the revision persists lives in application.data.parameters. User metadata that round-trips lives in application.meta. Platform information the backend derives read-only for one response lives in additional_context. The overlay is rejected from revision.data (it is extra="forbid" and flows into commit) and from application.meta (user-owned and persisted). This placement was chosen after consulting Codex on the whole inspect schema, so future read-only hints add members beside playground_build_kit rather than overloading a user-owned field.

Skills and the client tool are embed references

A skill in the overlay is an ordinary @ag.embed reference, the platform's existing mechanism for embedding a variant. The reference (the slug, plus a version when pinned) already identifies the skill, which carries its own name and description. The overlay adds no parallel key, name, or description. The hard-coded client tool __ag__request_connection embeds the same way, through the identical @ag.embed shape (only the slug differs); the embed resolver inlines it into a client tool the frontend handles. The drawer renders each item with the existing config-item controls.

The drawer UI, folded in

The inspect contract and the advanced-drawer design live in one doc. The drawer recomposes existing parts:

• Make the advanced sections collapsible accordions, the pattern the left panel already uses. This ships as a separate, independent change, not part of the build-kit core.
• Add a "Playground build kit" section at the top, rendered straight from the overlay, with a Removed on commit tag, an enable toggle, and read-only rows that reuse the existing read-only skill pattern.

The toggle is session state (buildKitEnabled, default on). It sets no run flag and writes nothing into the config. The doc flags the one real UI risk: the drawer now holds two ideas that both say "permissions" (the committed agent permissions and the kit's read-only build permissions), and they must not read as one setting. When the kit is on and overrides one of the user's own settings, the user's own control shows an override hint: the value is overridden in the playground by the build kit, and toggling the kit off makes the playground match the published agent. The load-bearing case is a permission the user disabled in their config that the kit re-enables for the playground run.

Scope and risk

Doc only, no code. The authoring skill content is owned by the skills project (#4918). The builder-tools project (#4919) adds more platform ops, which the overlay builder picks up from PLATFORM_OPS automatically. Out of scope: per-item edit or delete of kit items, and a picker to add platform tools to the published agent.

The body is current-state only. The two earlier models are recorded in a short appendix, not in the design narrative. The overlay model ripples to the sibling docs (#4918, #4919, #4920); the orchestrator propagates it after this design is approved.

Decided this round

• Toggle persistence: ephemeral per playground session, resets to on. Not a stored preference in v1.
• Merge precedence: the overlay wins on an identity match. When it overrides a user setting, the drawer flags it on that user's own control with an override hint (toggle the kit off to match the published agent).
• Collapsible sections: ship as a separate, independent change, not part of the build-kit core.

Open questions for Mahmoud

1. Confirm the published default goes bare, dropping the authoring skill and the sandbox boundary from the schema default into the overlay. This touches the skills project's surface.

Related PRs

Part of the "agent builds an app" initiative. Read the map first: #4921.

• Overview (the map): docs(agent): agent-builds-an-app design overview #4921
• Platform skills: docs(agent): platform skills design for agent self-building #4918
• Builder tools: docs(agent): agent builder tools design (triggers, cron, find-triggers) #4919
• Frontend round-trip: docs(agent): frontend round-trip design (client tools, commit refresh, connections) #4920

https://claude.ai/code/session_01GYo3UEfvsZpncagqb28Mbc

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
agenta-documentation	Ready	Preview, Comment	Jun 28, 2026 9:15pm

[coderabbitai]

📝 Walkthrough

Walkthrough

Four new documentation files are added under docs/design/agent-workflows/projects/default-agent-config/: a README, a research doc, a design doc, and a status doc. Together they define a "playground build kit" model where platform tools, an authoring skill, and build-time permissions are injected only for playground runs via flags.inject_build_kit and surfaced read-only through revision.data.build_kit in /inspect, but never committed into the published agent config.

Changes

Default Agent Config Playground Build Kit Docs

Layer / File(s)	Summary
Research: config propagation, platform tools, and skills model docs/design/agent-workflows/projects/default-agent-config/research.md	Documents the default-config source of truth and propagation path, platform-tools catalog model (three reserved ops), skills/harness-forced model, present-but-disabled semantics, and verified field naming.
Design: build kit model, /inspect contract, and change set docs/design/agent-workflows/projects/default-agent-config/README.md, docs/design/agent-workflows/projects/default-agent-config/design.md	Defines the build kit contents (tools/skills/permissions), the revision.data.build_kit descriptor shape in /inspect, the flags.inject_build_kit per-run toggle, the multi-layer backend change set, interface notes, risks, and out-of-scope items.
Status: pivot summary, open questions, and coordination docs/design/agent-workflows/projects/default-agent-config/status.md	Records the switch away from materializing defaults into catalog templates, the fixed drawer contract, open questions on toggle persistence, coordination ownership, and v1 out-of-scope items.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Title check	✅ Passed	The title clearly summarizes the main doc change: the default config is modeled as a build-kit overlay tied to inspect_context.
Description check	✅ Passed	The description clearly matches the docs-only redesign around a playground build kit and inject-not-commit agent defaults.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch docs/agent-default-config

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[mmabrouk]

🤖 The AI agent says:

Superseded. This summary described the earlier approach, which materialized the defaults into the catalog template so a new agent committed them. That approach was dropped. The design now uses an inject-not-commit Playground build kit. See the current summary below.

[coderabbitai]

🧹 Nitpick comments (2)

docs/design/agent-workflows/projects/default-agent-config/design.md (2)

156-164: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Specify the exact tools control file for frontend changes.

The design references SkillTemplateControl.tsx precisely but says "the tools control in the same folder" without a filename. For implementers, identify the exact file (e.g., ToolTemplateControl.tsx or similar) or note that it needs to be located.

---

72-75: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Add language specifier to fenced code block.

The markdownlint warning indicates the code block at line 72 lacks a language specifier. Add python after the opening backticks since this is Python code from interfaces.py:537.

📝 Proposed fix

-# interfaces.py:537
+```python
+# interfaces.py:537
default=build_agent_v0_default() # no skill, no tools

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 0172b05c-9bc8-4cc5-9964-dafd842fc251

📥 Commits

Reviewing files that changed from the base of the PR and between ebc4ec1 and 90ffb3b.

📒 Files selected for processing (4)

• docs/design/agent-workflows/projects/default-agent-config/README.md
• docs/design/agent-workflows/projects/default-agent-config/design.md
• docs/design/agent-workflows/projects/default-agent-config/research.md
• docs/design/agent-workflows/projects/default-agent-config/status.md

[mmabrouk]

does not work in the current state. provided feedback to rewrite using the new pattern

[mmabrouk]

🤖 The AI agent says:

@coderabbitai both nitpicks landed on the previous design.md, which this push replaces in full, so the old line references no longer apply. For the record:

• "Specify the exact tools control file." The rewrite moves all frontend work to the advanced-build-kit drawer project. The design no longer references a web tool-control file. The drawer reads the backend build_kit descriptor from /inspect, and the drawer project owns the control component.
• "Add a language specifier to the fenced code block." The flagged block is gone. The fenced blocks in research.md carry python and json. The one remaining unlabeled block in design.md is the build_kit field-list sketch, which is a shape outline rather than a real language.

A re-review of the new revision is welcome.

[mmabrouk]

🤖 The AI agent says:

The rewrite is pushed. This responds to @mmabrouk's review ("rewrite using the new pattern"). The design pivoted from materialize-into-the-catalog to inject-not-commit.

The model. The platform tools, the Agenta authoring skill, and the build permissions are a Playground build kit. The backend injects the kit into the playground session for display and for the run. The commit never writes it. The published agent ships bare, and a production run never injects the kit.

New backend surface.

• revision.data.build_kit: a read-only descriptor in the /inspect response, a sibling of schemas, grouped by kind (skills, tools, permissions). The drawer reads it and never echoes it back.
• flags.inject_build_kit: a per-run boolean on the run request, set by the drawer toggle, default off server-side so a non-playground caller never injects the kit.

What this dropped. The earlier materialize approach is gone, along with its base-plus-patch merge, delete markers, and suppressed-defaults list. Nothing about the kit is persisted into the agent.

Two open questions for you:

1. Toggle persistence. Ephemeral per playground session, or a stored playground preference per user and agent. I lean ephemeral for v1.
2. Confirm the published default goes fully bare, with the skill embed and the sandbox boundary moving out of the /inspect schema default and into the kit. This touches the skills project's surface (docs(agent): platform skills design for agent self-building #4918), so it needs their nod too.

Full design in design.md; the pivot and the fixed descriptor contract in status.md.

[coderabbitai]

@mmabrouk Thanks for the clarification — agreed, those nitpicks were tied to the superseded revision and don’t apply to the rewritten design.md.

I’ll re-review the current revision with the updated scope in mind, especially that the frontend control now belongs to the advanced-build-kit drawer project and that the drawer reads the backend build_kit descriptor from /inspect.

(•ㅅ•)

---

✏️ Learnings added

Learnt from: mmabrouk
URL: https://github.com/Agenta-AI/agenta/pull/4917

Timestamp: 2026-06-28T19:40:52.472Z
Learning: For the default-agent-config design docs, frontend tool-control implementation details are owned by the advanced-build-kit drawer project rather than `docs/design/agent-workflows/projects/default-agent-config/design.md`; the drawer consumes the backend `build_kit` descriptor from `/inspect`.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

✅ Action performed

Full review finished.

[mmabrouk]

Nope, I don't think this is the right way to do it. It should not be the agent service that injects the kit. This should be a front-end matter. Basically, it's the front-end that injects the kit when used in the playground as part of the parameters.

The agent template. The service itself should not know about it. It's just okay, I'm getting an agent template, and I should run it. It doesn't matter for it, and it's the front end that decides. If these things are activated, then I like if this playground build kit is activated, then I should inject xyz, like the following skills and the following tools, and change the following permissions.

[mmabrouk]

🤖 The AI agent says: Adopted. This rewrite removes service-side injection entirely. The agent service now runs parameters.agent exactly as received and does not know the kit exists. There is no run-prep injection and no inject_build_kit flag anymore. To stop anyone re-adding it, the doc has an explicit "What the backend explicitly does NOT do" section.

The injection moves to the frontend. When the kit toggle is on, the frontend merges the kit's entries into parameters.agent in the run payload, at buildAgentRequest. If the platform tools, the skill, and the build permissions reach a run, it is only because the frontend already put them in the template the service was handed. See the "The corrected model" and "The frontend logic" sections.

[mmabrouk]

Basically, what I'm saying is I think the frontend should own the business logic for this, or setting these. The only thing that the backend should do is give information and inspect what this build kit is like: which skills, which tools, and which permissions.

[mmabrouk]

🤖 The AI agent says: This is now the core model. The frontend owns all the business logic: it reads the kit, toggles it in the drawer, injects it on a kit-on run, and excludes it on commit. The backend's only build-kit job is to inform. It assembles a read-only build_kit descriptor (which skills, which tools, which permissions) and serves it on /inspect. It never acts on the kit. See "The corrected model" and the "The backend informs" / "The frontend owns the logic" bullets.

[mmabrouk]

And now again I think we should put that buildkit information in the inspect, and then let the frontend deal with it and have the logic there. The question is actually how do we put it in the inspect? How do we put that information? I think the design doc needs to be edited to explain how to, and obviously we use our skill for organizing information.

[mmabrouk]

🤖 The AI agent says: Done. There is a new section, "The /inspect build-kit descriptor (the central question)," that answers how end to end, organized with the design-interfaces skill:

• Where it sits: revision.data.build_kit, a read-only sibling of revision.data.schemas. The frontend already fetches /inspect per workflow, so the drawer reads it with no new request.
• The shape: grouped by kind (skills, tools, permissions). Each row carries key (identity), name and description (display), and config (the exact parameters.agent entry the row contributes); permission rows also carry a read-only status.
• Why each row carries config: the frontend, not the backend, now writes the entry into parameters.agent, so the row must carry that entry. The frontend does a pure structural merge and owns no wire shapes.
• The role of each field: walked field by field through the data / display / routing / identity roles, with no field playing two roles.
• How the backend assembles and serves it: one builder in the inspect layer reads PLATFORM_OPS, the authoring-skill constant, and the build-permission set, then attaches the descriptor beside schemas in the /inspect response.

[mmabrouk]

As the proposed solution does not work, please review my comments and edit again the whole document.

[mmabrouk]

🤖 The AI agent says: Pushed iteration 2, which flips the model to match your review.

The model flip. The first version had the agent service inject the kit at run time behind a flags.inject_build_kit flag. That is gone. The service is now dumb: it runs parameters.agent as received and does not know the kit exists. The frontend owns the business logic. The backend's only job is to inform. There is a "What the backend explicitly does NOT do" section so no implementer re-adds the old behavior.

The descriptor, with config. The backend assembles a read-only build_kit descriptor and serves it on /inspect at revision.data.build_kit, a sibling of schemas. It is grouped by kind, and each row carries key, name, description, a per-row config (the exact parameters.agent entry the row contributes), and status on permission rows. The frontend reads the descriptor, then does a pure structural merge of each config into the run payload. It owns no wire shapes.

The UI drawer, folded in. The advanced drawer design lives in this doc, not a separate PR. It makes the advanced sections collapsible and adds a top "Playground build kit" section rendered straight from build_kit, with a Removed on commit tag, an enable toggle (session state, no run flag), and three read-only groups.

Five open questions for you:

1. Toggle persistence. Ephemeral per playground session, or a stored preference per user and agent. I lean ephemeral for v1.
2. Confirm the published default goes fully bare, moving the authoring skill and the sandbox boundary into the kit and setting AGENTA_FORCED_SKILLS = []. This touches the skills project's surface, so it needs their nod too.
3. Permissions group: read-only or independently flippable? Read-only under the single kit toggle (this design), or let the user flip the build permissions off while keeping the rest of the kit on. I lean read-only.
4. Carry config per row, or derive it from key? Carrying config keeps all wire shapes in the backend. The leaner alternative pushes the tool and skill shapes into the frontend and cannot express a permission from a key alone. I lean carry config.
5. Ship the collapsible-sections change with the kit, or separately? It is independent UI polish with no contract and no logic. I lean separate.

Inline replies are on your three comments. Ready for your review.

[mmabrouk]

maybe something more general that would allow us to add more meta data / pointers? ask codex for some naming advice, the obvious one in meta but or quarks or something, but then really ask it to look at the whole inspect response schema and really find where we could do this in a way that is more scalable over the long time, where we could add other information on the build kit. Right now it's kind of just added a field there. Please read the skill about how to create a scale schema. We have a skill for that, so also use it to inform what to put, because that's bad design right now. You're hardcoding this information.

[mmabrouk]

🤖 The AI agent says: Consulted Codex on the whole inspect schema. Adopted its recommendation: a dedicated read-only inspect_context container on the response envelope, a sibling of application, with build_kit as its first member, so future read-only info is added beside it rather than overloading a user-owned field. Rejected meta (it collides with the user-owned artifact meta) and revision.data (it is extra="forbid" and flows into commit). See "Where the overlay lives in the inspect response."

[mmabrouk]

Why do we need again the name and the description and the key? Isn't that all under embed? Isn't that like the whole idea that the skill, as it is, would be embedded? For me it would be kind of just ag.embed. You don't need anything else. Why do you need the other stuff? I really don't understand that, so probably you need just the version, etc., like the logic we use for embedding as always. Make the schema for embedding variants. How would you embed this on this kind of platform at scale? It doesn't even look like how you would do it.

[mmabrouk]

🤖 The AI agent says: Agreed. The skill is now just an @ag.embed reference (the slug, plus a version when pinned), the platform's existing variant-embedding mechanism. The embed reference already identifies the skill, which carries its own name and description, so the parallel key, name, and description are gone, along with the per-row config and status. The drawer renders each item with the existing config-item controls. See "The overlay shape."

[mmabrouk]

Again, here I really think we should not reinvent the wheel. Maybe this is the one where we can build it if we need to do something, but I would think about it as an overlay, an overwrite overlay.

You think about the agent template, the whole configuration there, and then you find the things that you want to edit, the things that you want to override, for example in the sandbox permission, in the cloud permission, whatever. You write kind of an overlay of that. It is easy to apply on the frontend side, where you just take the current agent configuration before sending the data into the backend and then you apply that overlay so that you overwrite some of the parameters. You really define it that way here.

[mmabrouk]

🤖 The AI agent says: Adopted as the core model. The kit is an agent-template overlay: a partial parameters.agent. On a kit-on run the frontend deep-merges object fields and identity-merges list fields onto a throwaway copy of the config, and on commit it merges nothing, so the overlay never enters the committed tree. See "The model: a build-kit overlay" and "Applying the overlay."

[mmabrouk]

Okay, as I always tell you, we edited the design. No need to talk about the pivot in the state of the document. The document is its own state right now. If you want to talk about something in the past, to pivot or whatever, you can add at the end some kind of notes saying, "Okay, previously we tried this and this, and we decided that." Don't make the core part of the design docs about the changes and the design box that goes into comments that go into the appendix at the end. The core is about the current state of things, so saying why each row carries config, I don't give a shit about that from the perspective of what has changed. I care about it as in it explains the current behavior, and that's all. Basically, keep your thinking tracks outside of the document. And please add a memory for this.

[mmabrouk]

🤖 The AI agent says: Done. The body is current-state only; the two dropped approaches are a short "Appendix: prior approaches" at the end. The memory was added.

[mmabrouk]

Yeah, I've explained this part before. The solution should be general, and I think the best solution is an overlay solution. You have an overlay that you override the configuration with, and then it doesn't matter. It becomes a backend issue, and it's not a frontend issue. Frontend is just that it takes this thing, overlaid, and it could even have stuff that has nothing to do with the permission. It's not the problem. It's really the way you think about it as an agent template overlay.

I mean, you can think of the whole thing as an agent template overlay, and I think that's the best way to think about it, not as a build kit but kind of a build kit overlay. It simplifies the logic of dealing with it from the frontend to just okay.

[mmabrouk]

🤖 The AI agent says: Adopted. The kit is one agent-template overlay, not a bespoke build-kit shape. The backend declares the overlay and the frontend just applies it, so the overlay can carry anything the agent template defines (permissions or otherwise) and the logic stays simple on both sides. See "The model: a build-kit overlay" and "Applying the overlay."

[mmabrouk]

🤖 The AI agent says: Pushed iteration 3, re-derived from first principles per your inline review.

What changed

• One overlay, not a bespoke kit. The build kit is now an agent-template overlay: a partial parameters.agent. The agent service stays dumb (it runs the template it receives), the backend serves the overlay read-only, and the frontend applies it on a kit-on run (deep-merge objects, identity-merge lists) and excludes it on commit.
• Placement, after asking Codex about the whole inspect schema. The overlay rides a dedicated read-only inspect_context container on the response envelope, a sibling of application, with build_kit as its first member. Future read-only hints add members beside it. Rejected meta (collides with the user-owned artifact meta) and revision.data (it is extra="forbid" and flows into commit).
• Skills are embed references. A skill in the overlay is an ordinary @ag.embed reference (slug, plus a version when pinned). Dropped the parallel key/name/description and the per-row config and status; the drawer renders items with the existing config-item controls.
• Current-state-only doc. The body describes only the current design. The two earlier approaches are a short "Appendix: prior approaches" at the end. Memory added.

Open questions for you

1. Toggle persistence: ephemeral per playground session, or a stored preference per user and agent. I lean ephemeral for v1.
2. Confirm the published default goes fully bare, dropping the authoring skill and the sandbox boundary into the overlay and setting AGENTA_FORCED_SKILLS = []. This touches the skills project's surface.
3. Merge precedence: confirm the overlay wins over a user entry of the same identity.
4. Ship the collapsible-sections change with the kit, or separately. I lean separate.

[mmabrouk]

we need an example of an embed tool like we discused elsewhere for things that require frontend (client ones)

[mmabrouk]

🤖 The AI agent says: Added. The overlay's tools now carries { "type": "reference", "slug": "__ag__request_connection" }, a non-runnable reference (workflow-as-tool) entry embedded from a reserved slug, not a platform op. The frontend handles the call; #4920 owns its primary definition. A reader now sees a client/embed tool sitting beside the platform ops in the same tools array.

[mmabrouk]

some tools are platform workflows like platform skills that are in the reserved slugs so we need to also have a way to iterate to add them

[mmabrouk]

🤖 The AI agent says: Done. The assembly now runs two parallel iterations. It walks PLATFORM_OPS for the platform ops, and it enumerates the reserved-slug platform workflows from the static workflow catalog (StaticWorkflowCatalog over _STATIC_WORKFLOWS) and adds each as a reference-tool entry. Those reserved workflows are the same __ag__* family as the platform skills, so a client tool like __ag__request_connection joins the kit through the same iteration, no bespoke path.

[mmabrouk]

I don't like inspect_context here, maybe additional_context or something better

[mmabrouk]

🤖 The AI agent says: Renamed to additional_context across design.md, README.md, status.md, the JSON examples, and the PR description. The path is now additional_context.playground_build_kit.agent_template_overlay.

[mmabrouk]

maybe a better descriptive name

[mmabrouk]

🤖 The AI agent says: Renamed build_kit to playground_build_kit for explicitness. It now reads additional_context.playground_build_kit.agent_template_overlay, which ties the container to the playground where the kit is shown and used but never committed.

[mmabrouk]

🤖 The AI agent says: Targeted fix round on this design (commit df1fa42).

Three corrections

1. Embed-tool shape fixed. The overlay's hard-coded client tool no longer uses the wrong { "type": "reference", "slug": ... }pair. It now embeds via@ag.embed, the exact same shape as the authoring skill, verified against _ToolEmbedRefSchemaand_SkillEmbedRefSchemainsdks/python/agenta/sdk/utils/types.py`. The two overlay embeds are now identical except for the slug:

{ "@ag.embed": { "@ag.references": { "workflow": { "slug": "__ag__request_connection" } } } }

The embed resolver inlines it into a client tool the frontend handles (primary definition in #4920). All prose, the two parallel assembly iterations, and the merge-identity rules were updated to match.

2. Forced-skills confusion removed. Every mention of AGENTA_FORCED_SKILLS, force_skills, and the pi_agenta harness force is gone from the design. That is a separate flow we are ignoring. The overlay delivers the authoring skill on its own via its @ag.embed. The published default still goes bare; the only backend change noted is reverting the schemas.py enrichment.

3. Override tooltip added. New drawer requirement: when the kit overrides a user setting (the load-bearing case is a permission), the user`'s own control shows a hint that the value is overridden in the playground by the build kit, and that toggling the kit off makes the playground match the published agent. Referenced from the merge-precedence discussion.

Folded decisions (moved out of open questions into a Decided section)

• Toggle persistence: ephemeral per session, resets to on.
• Merge precedence: overlay wins on an identity match, plus the override hint above.
• Collapsible sections (Change 1): ships as a separate, independent change.

One open question remains: confirm the published default goes bare (touches the skills project).

[mmabrouk]

🤖 The AI agent says: This is the load-bearing fix. The client tool now embeds via @ag.embed (was { "type": "reference", "slug": ... }), identical to the skill embed two lines down, only the slug differs. Verified against _ToolEmbedRefSchema / _SkillEmbedRefSchema in sdks/python/agenta/sdk/utils/types.py.

[mmabrouk]

🤖 The AI agent says: New override-hint requirement (Q3). When the kit overrides a user setting, the user`'s own drawer control flags it with a tooltip: the value is overridden in the playground by the build kit, toggle the kit off to match the published agent. The concrete case is a permission the user disabled that the kit re-enables. The merge-precedence discussion ("Applying the overlay") references this.

[mmabrouk]

lgtm