crear:tarea
- mutating
- requiresConfirmation
- scopes: tarea:crear
- handler: TaskService::create
Build it up capability by capability. The field accepts a module only when everything it requires is already planted.
The stalk is ready to receive modules.
Field ready
Select a seed or drag it to the field.
The game represents modules as nodes and their capabilities as edges. Each module can also be planted from the keyboard.
What you just did
Capability validation, Kahn topological sort, and cycle detection. The real runtime lists the modules in the cycle; the A → B → A path here is a visual explanation.
docs/GUION-WEBINAR-JUNIORS.md · getmilpa-runtime/src/Kernel.php:90-127 · getmilpa-plugin/src/ContractResolver.php:80-143.
CLI and MCP reach the same action through the same execution mechanism. The channel changes the context and can change the policy; the pipe is shared.
enviar_correo
One declared definition; two callers with explicit contexts.
Waiting for caller
The same action can enter through CLI or through tools/call.
Same pipeline doesn't mean same permission
The runtime receives a ToolContext. The current configuration allows CLI by default and requires authentication for MCP; both paths do converge in ToolRegistry::call().
ToolRegistry.php:348-570 · JsonRpcService.php:282-300 · PolicyGate.php:34-56. The buttons simulate callers; they don't represent commands shipped in the skeleton today.
A sensitive action stays pending until it receives an explicit verdict. Approve, reject, and waive produce different data.
Two related contracts, not a single call
VerificationResult models PENDING/PASSED/FAILED/WAIVED. Self-approval prevention lives in the gate flow; justified waiving lives in workflow. This screen brings them together to teach the system.
VerificationStatus.php:17-48 · HumanGate.php:101-165 · ProcessSubmitDecisionTool.php:63-99.
A map of responsibilities and declared dependencies. Choose a path to see which packages take part without collapsing the ecosystem into a single box.
The arrows are declared dependencies
They don't try to infer every runtime call. In MCP, HTTP/SSE/stdio belong to the host; JsonRpcService only knows decoded arrays.
getmilpa-runtime/composer.json · getmilpa-orchestrator/composer.json · JsonRpcService.php:25-37 · ComponentDefinitionInterface.php:23-63 · milpa-design/package.json:11-42.
The five-step pipe is a good entry point. The real implementation adds boundaries that matter for security, cost, confirmation, and interception.
Select a path
Audit coverage changes depending on the return point.
| Output | Callback | Audit evidence |
|---|---|---|
| Nonexistent tool | No | no explicit log |
| Invalid args | No | validation failure |
| Policy denied | No | auth failure |
| Plan / confirmation | No | no explicit log |
| Cache short-circuit | No | tool.executed |
| Pure veto | No | known gap |
| Callback / throw | Yes | executed / failed |
The guarantee reads per branch
“Everything is audited” doesn't describe every early return today. This artifact makes both the implemented guarantees and the gaps visible.
getmilpa-tool-runtime/src/ToolRegistry.php:353-570 · wording in ToolAuditLogger.php:45-57,204-232.
No current_state is stored. Facts are appended and a pure reducer reconstructs the state by replaying them in order.
the state doesn't exist as a persisted column — it's re-derived from the log at each cut
Minimalist on purpose
The current file store rescans JSONL for replay and sequence; it's useful for grasping the pattern and light persistence, and shouldn't be presented as a large-scale concurrent event store.
EventStoreInterface.php:7-42 · FileEventStore.php:25-83 · orchestrator/Reducer.php:19-68.
Visual intent doesn't end in a document: tokens, contracts, and contrast pairs pass through repeatable generators and gates.
tokens/milpa-tokens.json concentrates primitives and semantics.
Generates CSS, a Tailwind preset, and theme.contract.json.
Contrast, governance, layers, drift, and skins.
Loads six bundles and can override tokens by contract.
AA passes
The gate measures the effective color, not the alpha value in isolation.
Concrete guarantee, concrete scope
verify-governance validates basic shape and tokens, not the whole JSON Schema. verify-theme directly enforces the opacity of --bg; other invariants stay documented.
scripts/build-tokens.mjs:189-265 · verify-governance.mjs:38-98 · verify-contrast.mjs:28-42 · verify-theme.mjs:107-149.
The generator returns planned files in memory. That lets you inspect the result and run a collision preflight before writing.
entity Product
fields: nombre:string:120,
precio:decimal:10,2final class Product implements EntityInterface
{ public string $nombre; }
{ public Decimal $precio; }Produces PlannedFile(path, contents).
Aborts before writing if a target exists.
Creates directories and writes contents.
Entity closes the loop against runtime rules.
Preview possible, CLI pending
GenerationResult already makes the plan inspectable, but the current skeleton doesn't expose --dry-run: it runs preflight, writes, and then verifies entities. WriteGuard prevents overwrite; it doesn't promise atomicity or rollback.
GenerationResult.php:7-28 · PlannedFile.php:7-14 · WriteGuard.php:7-31 · getmilpa-skeleton/src/Console/Application.php:178-274.
An operation is declared once. coa, MCP and HTTP are adapters of the same handler — but changing doors can change the policy.
crear:tarea
Honest coverage gap: This is not a desirable HTTP guarantee. It is a radiography of the current implementation. MCP enforces scopes today; HTTP does not yet read scopes from Operation. This gap must be closed in runtime/policy before production. See Runtime x-ray. Source: Operation.php.
coa crear:tarea --titulo=… --yes
Pick a door to project.
tools/call · crear:tarea
Pick a door to project.
POST /crear/tarea
Pick a door to project.
| Surface | Confirm | Scopes applied |
|---|---|---|
| coa | flag --yes | no (local/trusted) |
| MCP | inherited gate (tool-runtime) | yes (PolicyGate) |
| POST | token 428→201 | no (pending · middleware) |
The handler never changed. You changed doors and the framework synthesized the invocation — but the door can change the policy, and today not all of them apply the same scopes.
Didactic model over an audited implementation. This artifact does not claim that HTTP applies scopes, nor that the in-memory token store is production-grade.
milpa/command: getmilpa-command/src/Operation.php, CommandProvider.php, SurfaceProjector.php.skeleton, ns App\Command, not part of the package): getmilpa-skeleton/src/Command/{CliProjector,McpProjector,HttpProjector}.php.ConfirmTokenStore.php (in-memory, single-process — not production), SchemaCoercer.php.docs/GUION-WEBINAR-JUNIORS.md (Artifact 2).