Public Markdown Document
Autonomous Task Board worker
The local worker polls Task Board, but only acquires cards explicitly moved to AGENT READY. The server control endpoint performs the lease operation in a Firestore transaction. The worker fails closed when that endpoint or its token is u...
Autonomous Task Board worker
The local worker polls Task Board, but only acquires cards explicitly moved toAGENT_READY. The server control endpoint performs the lease operation in a
Firestore transaction. The worker fails closed when that endpoint or its token
is unavailable.
Setup
- Rotate any credentials previously shared in chat or logs.
- Deploy the application with a new
TASK_BOARD_AGENT_SHARED_TOKENserver
secret. Use a different, restrictedTASK_BOARD_API_TOKENfor record reads. - Configure the local variables documented in
.env.example. - The default executor adapter invokes
codex execephemerally with theworkspace-writesandbox.BACKLOG_AGENT_EXECUTOR_ARGS_JSONis an argument
array; the generated prompt file path is appended as the final argument. - Keep
BACKLOG_AGENT_ENABLE_RELEASE=0until the release, smoke and rollback
adapters have been reviewed. Commands are fixed operator configuration and
are never generated by the model.
Run one polling cycle:
npm run agent:backlog:once
Run continuously at the configured interval (30 seconds by default):
npm run agent:backlog
Create .data/backlog-agent/STOP to pause acquisition without killing the
process. After three consecutive failures the circuit breaker pauses polling
for five minutes by default. Both thresholds are configurable.
Release adapter contract
The release command must be idempotent for the pairFASTAPP_AGENT_TASK_ID/FASTAPP_AGENT_EXECUTION_ID, publish through the
existing GitHub Release workflow, wait for its result and print a final JSON
line containing commit_sha, release_url and optionally artifact_url.
The smoke command must exit non-zero on an unhealthy production deployment.
The rollback command must restore the previous immutable image.
The worker never gives Task Board, Firebase, GitHub or VPS credentials to
OpenClaw. OpenClaw receives redacted task context and an MCP capability profile
restricted to readonly or operator.