feat(meta): extract executor registry, wire executeIntent, ADR-001 amendment (PR-A)

[chitcommit]

Context

Builds on merged foundation PRs #101 (meta/, daemon/, intent ladder, sovereignty gate) and #103 (Codex P2 fixes). Implements the executor extraction called for by the ADR-001 follow-up review.

ADR-001 (docs/architecture/ADR-001-meta-orchestrator-extension.md) was merged in #101; this PR amends its Consequences §2 to record the executor-registry decision.

Reviewer verdicts (the spec this PR implements)

• chittyschema-overlord: no new intent_executions table — three additive columns on cc_actions_log (intent_id, attempt, idempotency_key) plus a partial unique index and a (intent_id, executed_at DESC) index.
• chittycanon-code-cardinal: Option 2 (ActionAgent + meta-daemon as SIBLINGS consuming the registry; neither dispatches the other) is canonically compliant. Sovereignty gate has exactly TWO call points: Intent creation and executor entry.
• Ecosystem search: Intent in meta/intent.ts is already a meta-dispatcher — register handlers per intentType, no new ActionSpec abstraction.

What's in this PR

1. docs/architecture/ADR-001-meta-orchestrator-extension.md — Consequences §2 replaced verbatim per the chittycanon-code-cardinal paragraph; added ## ADR-001 amendments (chronological) with 2026-06-04 entry.
2. meta/executors/ — new directory:
   • types.ts — ExecutorContext, ExecutorResult, IntentExecutor, SOVEREIGNTY_FRESHNESS_MS (5 min default).
   • registry.ts — registerExecutor, getExecutor, listExecutors; duplicate registration is an error.
   • dispatch.ts — single entry point: replay short-circuit (terminal prior audit row), attempt + idempotency key derivation, sovereignty re-reckon if snapshot stale (the second of the two gate call points), executor invocation, audit row write.
   • update-obligation-status.ts — first concrete executor; exports a pure runUpdateObligationStatus(args, sql) runner + a registered IntentExecutor.
   • index.ts — barrel that side-effect-imports the executor module so registration runs.
3. meta/intent.ts — added executeIntent(env, intentId, options). Existing exports unchanged.
4. src/agents/tools/actions.ts — update_obligation_status tool now delegates to runUpdateObligationStatus (shared with the executor); chat path behavior unchanged. execute_payment / send_dispute_email / list_mercury_recipients / get_action_log left untouched.
5. src/routes/meta.ts — added POST /api/v1/intents/:id/execute using the same metaRoutes auth surface as /whoami.
6. migrations/0004_chief_skin.sql (drizzle-generated) — adds three columns + two indexes on cc_actions_log. Drizzle correctly preserved the WHERE intent_id IS NOT NULL AND idempotency_key IS NOT NULL clause on the partial unique index.
7. tests/meta/executor.spec.ts — real-Neon integration test. Skips on missing DATABASE_URL. Inserts a real cc_obligations row, creates Goal + Plan + Intent (intent_type='update_obligation_status'), runs executeIntent twice. Asserts: intent → done; exactly one cc_actions_log row with intent_id set, attempt=1, idempotency_key non-null; second call replays (no new row).

Real-SQL evidence (Neon branch br-restless-credit-akyt3mak on project cool-bar-13270800)

After applying the migration:

column_name      | data_type | is_nullable | column_default
-----------------+-----------+-------------+----------------
attempt          | integer   | NO          | 1
idempotency_key  | text      | YES         | NULL
intent_id        | uuid      | YES         | NULL

indexname                              | indexdef
---------------------------------------+----------
idx_cc_actions_log_intent_executed     | CREATE INDEX ... USING btree (intent_id, executed_at DESC NULLS LAST)
uq_cc_actions_log_intent_idempotency   | CREATE UNIQUE INDEX ... USING btree (intent_id, idempotency_key)
                                       |   WHERE ((intent_id IS NOT NULL) AND (idempotency_key IS NOT NULL))

The partial WHERE clause survived drizzle-kit generate and Postgres accepted it.

Sample execution trace (vitest run against br-restless-credit-akyt3mak)

RUN  v4.0.18 chittycommand
 PASS  tests/meta/executor.spec.ts > meta/executors — executeIntent round-trip
   > executes a pending intent, writes audit row, and is idempotent on replay  974ms
 Test Files  1 passed (1)
      Tests  1 passed (1)

Per-step behavior the test verifies:

1. createIntent -> status='pending' (sovereignty pre-seeded autonomous so dispatch does not re-reckon).
2. First executeIntent -> ok=true, replayed=false, sha256 idempotency key, actionLogId set; cc_intents.status='done'; cc_obligations.status='deferred'; one row in cc_actions_log with attempt=1, intent_id=<intent.id>, idempotency_key=<sha256>, action_type='status_change', status='completed'.
3. Second executeIntent -> ok=true, replayed=true, same idempotency key and actionLogId; still exactly one row in cc_actions_log.

Process

• npm run typecheck: clean.
• SKIP_INTEGRATION=1 npm test: 15 passed, 12 skipped (no regressions; preexisting skipped specs unchanged).
• Integration spec green against real Neon branch.

What is NOT in this PR (deferred)

• LLM-driven Mercury payment executor extracted into the registry — stays in src/agents/tools/actions.ts for now.
• Workflow-based long-running executors (send_dispute_email queue/send flow).
• daemon/loop.ts calling executeIntent (the daemon still uses its own executor callback signature; rewiring is a follow-up).
• Stale-snapshot-triggers-reckon test branch (only the fresh-snapshot positive path is asserted; the failure branch is implemented but not asserted in this spec).
• CHARTER.md tier reclassification (per ADR-001, intentionally separate PR).

Generated with Claude Code (https://claude.com/claude-code)

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
✅ Deployment successful! View logs	chittycommand	747a995	Jun 04 2026, 01:00 PM

[coderabbitai]

Warning

Review limit reached

@chitcommit, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 54 minutes and 45 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2b648d31-2b30-4b55-a8f9-e290f1e2e48f

📥 Commits

Reviewing files that changed from the base of the PR and between 24e86c8 and fc60bfc.

📒 Files selected for processing (25)

• CHARTER.md
• CHITTY.md
• CLAUDE.md
• daemon/loop.ts
• docs/architecture/ADR-001-meta-orchestrator-extension.md
• docs/registration/SUBMISSION_RUNBOOK.md
• docs/registration/chittycommand-registration-payload.json
• meta/executors/dispatch.ts
• meta/executors/index.ts
• meta/executors/registry.ts
• meta/executors/types.ts
• meta/executors/update-obligation-status.ts
• meta/intent.ts
• migrations/0005_sour_dreadnoughts.sql
• migrations/meta/0005_snapshot.json
• migrations/meta/_journal.json
• src/agents/tools/actions.ts
• src/db/schema.ts
• src/index.ts
• src/routes/health.ts
• src/routes/meta.ts
• tests/daemon/loop.spec.ts
• tests/health/health-probe.spec.ts
• tests/meta/executor-pr106-criticals.spec.ts
• tests/meta/executor.spec.ts

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/meta-executors-registry

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

1. @coderabbitai review
2. @copilot review
3. @codex review
4. @claude review
   Adversarial review request: evaluate security, policy bypass paths, regression risk, and merge-gating bypass attempts.

[chatgpt-codex-connector]

To use Codex here, create a Codex account and connect to github.

[chitcommit]

Code review findings (automated)

Critical

• Replay short-circuit ignores idempotency_key (meta/executors/dispatch.ts:116-141) — doc comment promises "(intent_id, idempotency_key)" matching, but SQL filters only on intent_id + status IN ('completed','failed'). Any subsequent executeIntent (operator retry after failed, or a future attempt-bumping retry strategy) short-circuits on the first terminal row regardless of whether the new attempt computes a different key. Makes lines 147-155's per-attempt key logic unreachable for any intent that's ever produced a terminal row. Cascades into PR feat(executor): mercury_payment executor — sovereignty + cap + idempotency (REAL MONEY PATH) #108 — Mercury executor's idempotency story breaks at this layer. Fix: compute attempt/idempotencyKey first, WHERE intent_id = $1 AND idempotency_key = $2 in replay lookup; OR document "one terminal row per intent forever" and drop the per-attempt model. Confidence 92.
• Double-failIntent on sovereignty refusal (dispatch.ts:187, 217 + meta/intent.ts::executeIntent:~699) — dispatch already calls failIntent on refusal paths, then executeIntent checks !result.replayed (true on refusal) and calls it again. Probably no-ops due to a status guard but fragile and untested. Fix: set replayed:true on refusal return OR move failIntent entirely into executeIntent. Confidence 88.

Important

• Cold-start ordering on registry — meta/executors/index.ts is side-effect imports; only the route path loads the barrel via executeIntent's await import('./executors'). Any future direct caller (cron, daemon, test that imports dispatch without barrel) hits "No executor registered" at runtime. Add assertRegistryPopulated() at boot OR have dispatch.ts import the barrel. Confidence 84.
• Drizzle schema partial-index predicate — migration 0004_chief_skin.sql:6 has WHERE intent_id IS NOT NULL AND idempotency_key IS NOT NULL; snapshot includes it. Verify src/db/schema.ts declares the index with matching .where(sql\…`)or nextdrizzle-kit generate` drops the predicate, silently breaking uniqueness. Confidence 82.
• Attempt counter races under concurrency — SELECT COUNT(*) + priorCount+1 is not atomic. Two concurrent dispatchers (route + future cron) both compute attempt=1, same idempotency key, one INSERT fails on unique partial index. Dispatcher doesn't catch the unique violation → 500 from route. Fix: try/catch + retry via replay lookup, or SELECT … FOR UPDATE on cc_intents. Confidence 85.
• ActionAgent chat path audit non-idempotent — refactored actions.ts inserts cc_actions_log with intent_id=NULL and idempotency_key=NULL. Two chat invocations on same obligation produce two identical audit rows with no dedupe. Acceptable but flag in CHARTER. Confidence 80.

Suggestions

• dispatch.ts:107 getSql(env) duplicates Hyperdrive/DATABASE_URL resolution from meta/intent.ts. Extract once.
• Test only exercises fresh-snapshot path. Stale-snapshot re-reckon (the headline behavior) is uncovered — track as follow-up.

Confirmed OK

• Route auth at app.use('/api/*', authMiddleware) (src/index.ts:124) covers POST /v1/intents/:id/execute ✓
• No-mocks compliance: real Neon via DATABASE_URL, skip clean, no vi.mock on DB ✓

Recommendation: Block on #1 and #5 (cascade-risk bugs for #107/#108). #1 is a correctness lie. #5 will surface as flaky 500s once a second caller exists.

[github-actions]

1. @coderabbitai review
2. @copilot review
3. @codex review
4. @claude review
   Adversarial review request: evaluate security, policy bypass paths, regression risk, and merge-gating bypass attempts.

[chatgpt-codex-connector]

To use Codex here, create a Codex account and connect to github.

[chitcommit]

PR #106 — 2 cascade-risk criticals fixed (5cc20f2)

Scope intentionally tight: ONLY the 2 criticals. The 3 importants (race-safety, schema-predicate, cold-start registry) are deferred to a follow-up PR so this can land without scope drift cascading into #107/#108.

FIX 1 — replay short-circuit by (intent_id, idempotency_key), not intent_id alone

meta/executors/dispatch.ts previously ran the replay lookup against intent_id + status IN (terminal) and returned the most recent row regardless of key. Any intent that ever produced a terminal row would short-circuit forever — the per-attempt key logic was unreachable.

Reordered to:

1. count prior rows → compute attempt
2. compute idempotency_key = sha256(id:attempt:type)
3. replay lookup matches on (intent_id, idempotency_key) — the partial unique index's invariant
4. miss → execute

FIX 2 — single failIntent on refusal

Both sovereignty refusal paths called failIntent in dispatch, returned without replayed: true, then executeIntent's !result.replayed guard called failIntent again. The DB no-ops the second (status guard in WHERE), but the semantic was double-handling. Both refusal returns now set replayed: true; the guard skips correctly.

Test changes

• tests/meta/executor.spec.ts — the existing second-invocation block embedded the bug being fixed (asserted same-intent re-call replays via intent_id match). Under the new contract, a second executeIntent against the same intent is a new attempt with a new key → executor re-runs (idempotent for update-obligation-status). Assertions updated: audit count 1→2, attempts [1, 2], replayed falsy.

• tests/meta/executor-pr106-criticals.spec.ts (new) —

  • FIX 1 regression: hand-insert a terminal cc_actions_log row with sentinel key 'a'*64 for an intent, then executeIntent — key mismatch must NOT short-circuit, executor must run, obligation must transition pending → paid, audit count → 2.
  • FIX 2 regression: stale snapshot + unroutable CHITTYTRUST_URL (RFC 5737 192.0.2.1) forces real fetch failure → sovereignty blocked → refusal path. Asserts result.replayed === true (the canonical FIX 2 signal) and exactly one sovereignty_refusal audit row.

No mocks of DB or service modules. Real Neon only — skipped without DATABASE_URL.

Validation

• npm run typecheck clean
• SKIP_INTEGRATION=1 npm test — all green (15 passed, 14 skipped, 6 files)
• Real Neon SQL-shape validation on a temp branch (cool-bar-13270800 / pr-106-criticals-validation, since deleted): the FIX 1 key-matched SELECT correctly returned the seeded row for a matching key and empty for a non-matching key. End-to-end Neon execution of the new test files requires the full cc_goals/cc_plans/cc_intents meta schema on a dev Neon (the default branch only has cc_actions_log and cc_obligations — meta migrations not applied there). Test files are structured to run cleanly the moment a DATABASE_URL pointing at a fully-migrated branch is supplied.

Why this matters for #107 / #108

• feat(daemon): loop body wires executeIntent end-to-end (claim → dispatch → heartbeat) #107 (executor cleanup-old-conversations) inherits dispatch's replay semantics. With per-attempt-key replay now correct, daemon-driven retries against the same intent won't be silently silenced.
• feat(executor): mercury_payment executor — sovereignty + cap + idempotency (REAL MONEY PATH) #108 (cron sweep for stalled intents) issues executeIntent against intents that already produced a terminal row. Pre-fix: sweep would always replay-no-op. Post-fix: a stale/failed attempt can be retried via a new attempt+key, which is the cron sweep's whole purpose.

Deferred to follow-up PR (intentional scope discipline)

• FIX 3 — race-safety on concurrent dispatchers (writeAuditRowOrReplay pattern catching unique-violation and re-reading the row)
• FIX 4 — schema predicate gap (status column enum vs IN clause string literals)
• FIX 5 — cold-start registry import inside dispatch.ts for direct-import entry points

Auto-merge OFF as requested.

[github-actions]

1. @coderabbitai review
2. @copilot review
3. @codex review
4. @claude review
   Adversarial review request: evaluate security, policy bypass paths, regression risk, and merge-gating bypass attempts.

[chatgpt-codex-connector]

To use Codex here, create a Codex account and connect to github.

[github-actions]

1. @coderabbitai review
2. @copilot review
3. @codex review
4. @claude review
   Adversarial review request: evaluate security, policy bypass paths, regression risk, and merge-gating bypass attempts.

[chatgpt-codex-connector]

To use Codex here, create a Codex account and connect to github.

[github-actions]

1. @coderabbitai review
2. @copilot review
3. @codex review
4. @claude review
   Adversarial review request: evaluate security, policy bypass paths, regression risk, and merge-gating bypass attempts.

[chatgpt-codex-connector]

To use Codex here, create a Codex account and connect to github.

[github-actions]

1. @coderabbitai review
2. @copilot review
3. @codex review
4. @claude review
   Adversarial review request: evaluate security, policy bypass paths, regression risk, and merge-gating bypass attempts.

[chatgpt-codex-connector]

To use Codex here, create a Codex account and connect to github.