Scope: extension code under pi/extensions/.
- Tool extensions and runtime behaviors
- Session-control and orchestration helpers
- Safety/policy logic and stateful agent features
- Keep extension behavior deterministic and testable.
- Avoid module-scope side effects for security-sensitive code.
- Preserve compatibility with deployed runtime assumptions (
~/.pi/agent/...). - If changing extension behavior, update related skill/docs references where relevant.
Some extensions have their own package scope:
kernel/— on-kernel cloud browser execution (has ownpackage.json)agentmail/— email integration (has ownpackage.json)email-monitor/— email monitoring
Treat these as security-critical and require strong justification + tests:
tool-guard.tstool-guard.test.mjs
npm run lint:js
npm run test:js