feat(cli): Phase 3 onboarding and guided flows

build.zig

@@ -6,7 +6,7 @@ pub fn build(b: *std.Build) void {
     const version_override = b.option([]const u8, "version", "Orca version metadata");
     const version = blk: {
         if (version_override) |v| break :blk v;
-        const version_file = std.fs.cwd().readFileAlloc(b.allocator, "VERSION", 32) catch break :blk "1.1.0";
+        const version_file = std.Io.Dir.cwd().readFileAlloc(b.graph.io, "VERSION", b.allocator, .limited(32)) catch break :blk "1.1.0";
         const trimmed = std.mem.trim(u8, version_file, " \n\r\t");
         const result = b.allocator.dupe(u8, trimmed) catch break :blk "1.1.0";
         b.allocator.free(version_file);

policies/presets/codex.yaml

@@ -50,7 +50,6 @@ files:
     allow:
       - "./**"
     deny:
-      # Dual patterns (see generic-agent.yaml for rationale).
       - "./.git/**"
       - ".git/**"
       - "./.orca/**"
@@ -60,7 +59,23 @@ files:
 commands:
   default: ask
   allow:
-    - "git status"
+    - "mkdir *"
+    - "touch *"
+    - "cp *"
+    - "mv *"
+    - "rmdir *"
+    - "cat *"
+    - "grep *"
+    - "find *"
+    - "head *"
+    - "tail *"
+    - "file *"
+    - "stat *"
+    - "which *"
+    - "whoami"
+    - "id"
+    - "uname *"
+    - "git status*"
     - "git diff"
     - "git diff *"
     - "git log"
@@ -69,6 +84,18 @@ commands:
     - "git branch *"
     - "git ls-files"
     - "git ls-files *"
+    - "git add *"
+    - "git commit *"
+    - "git show *"
+    - "git stash *"
+    - "git fetch *"
+    - "git pull *"
+    - "git merge *"
+    - "git remote *"
+    - "git tag *"
+    - "git cherry-pick *"
+    - "git init"
+    - "git clone *"
     - "ls"
     - "ls *"
     - "pwd"
@@ -81,22 +108,65 @@ commands:
     - "sort *"
     - "uniq *"
     - "sed -n *"
+    - "curl *"
+    - "wget *"
+    - "tar *"
+    - "zip *"
+    - "unzip *"
+    - "gzip *"
+    - "gunzip *"
+    - "xargs *"
     - "zig version"
     - "zig build"
     - "zig build *"
-    # Narrow, high-value, zero-risk build entrypoints (Phase 2 quick-install DX).
-    - "make test*"
-    - "make build*"
-    - "make check*"
+    - "zig fmt"
     - "npm test*"
+    - "npm run *"
     - "pnpm test*"
+    - "pnpm run *"
     - "yarn test*"
+    - "yarn run *"
     - "go test"
     - "go test *"
+    - "go build"
+    - "go build *"
+    - "go run"
+    - "go run *"
+    - "go fmt"
+    - "go fmt *"
     - "cargo test"
     - "cargo test *"
+    - "cargo build"
+    - "cargo build *"
+    - "cargo run"
+    - "cargo run *"
+    - "cargo fmt"
+    - "cargo check"
+    - "cargo clippy"
     - "swift test*"
+    - "swift build"
+    - "swift build *"
+    - "tsc"
+    - "tsc *"
+    - "cmake *"
+    - "ninja *"
+    - "make"
+    - "make all"
+    - "make clean"
+    - "make test*"
+    - "make build*"
+    - "make check*"
+    - "prettier *"
+    - "eslint *"
+    - "black *"
+    - "isort *"
+    - "gofmt *"
+    - "rustfmt *"
+    - "clang-format *"
     - "python -m pytest*"
+    - "python -m venv *"
+    - "python -m pip list*"
+    - "python -m pip show*"
     - "pytest"
     - "pytest *"
   deny:
@@ -113,6 +183,12 @@ commands:
     - "cat .env"
     - "cat ~/.ssh/*"
   ask:
+    - "rm *"
+    - "go mod *"
+    - "make install*"
+    - "git checkout *"
+    - "git reset *"
+    - "git rebase *"
     - "git push*"
     - "npm install*"
     - "pnpm install*"
@@ -121,9 +197,7 @@ commands:
 
 network:
   mode: allowlist
-  # default: deny for the conservative quick-install experience
-  # (see generic-agent.yaml and src/policy/presets.zig for details).
-  default: deny
+  default: ask
   allow:
     - "api.github.com"
     - "*.github.com"
@@ -133,9 +207,13 @@ network:
     - "*.githubusercontent.com"
     - "objects.githubusercontent.com"
     - "codeload.github.com"
+    - "api.openai.com"
+    - "api.anthropic.com"
+    - "generativelanguage.googleapis.com"
   deny:
     - "pastebin.com"
     - "*.ngrok.io"
+    - "*.requestbin.net"
   detect_exfiltration:
     dns: true
     long_query_strings: true

policies/presets/generic-agent.yaml

@@ -39,8 +39,6 @@ files:
     allow:
       - "./**"
     deny:
-      # Expanded secret protections (kept in sync with the authoritative
-      # embedded common_strict_rules used by quick-install presets).
       - "./.env"
       - "./.env.*"
       - "~/.ssh/**"
@@ -77,9 +75,6 @@ files:
     allow:
       - "./**"
     deny:
-      # Dual patterns for robustness across hook/plugin callers (Hermes,
-      # OpenClaw, raw CLI) that may normalize paths without leading "./".
-      # See matchesPath + stripLeadingDotSlash in src/policy/matchers.zig.
       - "./.git/**"
       - ".git/**"
       - "./.orca/**"
@@ -89,7 +84,23 @@ files:
 commands:
   default: ask
   allow:
-    - "git status"
+    - "mkdir *"
+    - "touch *"
+    - "cp *"
+    - "mv *"
+    - "rmdir *"
+    - "cat *"
+    - "grep *"
+    - "find *"
+    - "head *"
+    - "tail *"
+    - "file *"
+    - "stat *"
+    - "which *"
+    - "whoami"
+    - "id"
+    - "uname *"
+    - "git status*"
     - "git diff"
     - "git diff *"
     - "git log"
@@ -98,6 +109,18 @@ commands:
     - "git branch *"
     - "git ls-files"
     - "git ls-files *"
+    - "git add *"
+    - "git commit *"
+    - "git show *"
+    - "git stash *"
+    - "git fetch *"
+    - "git pull *"
+    - "git merge *"
+    - "git remote *"
+    - "git tag *"
+    - "git cherry-pick *"
+    - "git init"
+    - "git clone *"
     - "ls"
     - "ls *"
     - "pwd"
@@ -110,22 +133,65 @@ commands:
     - "sort *"
     - "uniq *"
     - "sed -n *"
+    - "curl *"
+    - "wget *"
+    - "tar *"
+    - "zip *"
+    - "unzip *"
+    - "gzip *"
+    - "gunzip *"
+    - "xargs *"
     - "zig version"
     - "zig build"
     - "zig build *"
-    # Narrow, high-value, zero-risk build entrypoints (Phase 2 quick-install DX).
-    - "make test*"
-    - "make build*"
-    - "make check*"
+    - "zig fmt"
     - "npm test*"
+    - "npm run *"
     - "pnpm test*"
+    - "pnpm run *"
     - "yarn test*"
+    - "yarn run *"
     - "go test"
     - "go test *"
+    - "go build"
+    - "go build *"
+    - "go run"
+    - "go run *"
+    - "go fmt"
+    - "go fmt *"
     - "cargo test"
     - "cargo test *"
+    - "cargo build"
+    - "cargo build *"
+    - "cargo run"
+    - "cargo run *"
+    - "cargo fmt"
+    - "cargo check"
+    - "cargo clippy"
     - "swift test*"
+    - "swift build"
+    - "swift build *"
+    - "tsc"
+    - "tsc *"
+    - "cmake *"
+    - "ninja *"
+    - "make"
+    - "make all"
+    - "make clean"
+    - "make test*"
+    - "make build*"
+    - "make check*"
+    - "prettier *"
+    - "eslint *"
+    - "black *"
+    - "isort *"
+    - "gofmt *"
+    - "rustfmt *"
+    - "clang-format *"
     - "python -m pytest*"
+    - "python -m venv *"
+    - "python -m pip list*"
+    - "python -m pip show*"
     - "pytest"
     - "pytest *"
   deny:
@@ -142,6 +208,12 @@ commands:
     - "cat .env"
     - "cat ~/.ssh/*"
   ask:
+    - "rm *"
+    - "go mod *"
+    - "make install*"
+    - "git checkout *"
+    - "git reset *"
+    - "git rebase *"
     - "git push*"
     - "npm install*"
     - "pnpm install*"
@@ -150,23 +222,19 @@ commands:
 
 network:
   mode: allowlist
-  # default: deny is the deliberate conservative choice for the quick-install
-  # experience (used by `orca init --preset generic-agent` and `setup --auto`).
-  # Most egress remains reviewable. See embedded common_strict_rules in
-  # src/policy/presets.zig for the authoritative version shipped in the binary.
-  default: deny
+  default: ask
   allow:
     - "api.github.com"
     - "*.github.com"
     - "registry.npmjs.org"
     - "pypi.org"
   ask:
     - "*.githubusercontent.com"
-    # Curated low-risk GitHub CDNs (release artifacts + source tarballs) added
-    # to reduce unnecessary friction for common legitimate agent fetches
-    # while keeping the conservative default: deny posture.
     - "objects.githubusercontent.com"
     - "codeload.github.com"
+    - "api.openai.com"
+    - "api.anthropic.com"
+    - "generativelanguage.googleapis.com"
   deny:
     - "pastebin.com"
     - "*.ngrok.io"