docs/STATUS.md
The complementary doc to
USERGUIDE.md(deep reference) and/verification.md(cryptographic witness). This doc tells you what Ruflo is, how to use it day-to-day, and what currently works — without the encyclopedic reference depth.
Ruflo is a multi-agent AI orchestration layer for Claude Code. It turns Claude Code from a single-context coding assistant into a coordinated swarm of agents that share memory, learn from outcomes, talk across machines, and remain auditable.
The runtime is the ruflo npm package. End-user surface is:
ruflo agent, ruflo swarm, ruflo memory, ruflo hooks, ruflo verify, …) for terminal/script use.ruflo-core, ruflo-federation, ruflo-cost-tracker, …) that bundle agent + skill + slash-command definitions.For the "why" — coordinated swarms, self-learning memory, federated comms, enterprise security — see README.md.
The intended day-to-day flow:
Install once:
npx ruflo init --wizard
This writes a CLAUDE.md with hooks and routing rules, registers the MCP server with Claude Code, and seeds .claude-flow/ with config + memory.
Just use Claude Code normally. Hooks automatically route tasks, retrieve relevant memory patterns, and coordinate background agents. You don't have to learn the 300 MCP tools — the routing layer does.
Run the CLI for orchestration tasks that don't fit naturally into Claude Code:
ruflo agent spawn -t coder --name api-worker — long-running agentruflo swarm init --topology hierarchical --max-agents 8 — coordinated teamruflo memory search --query "auth patterns" — semantic search across stored knowledgeruflo doctor --fix — diagnose & repair installruflo verify — confirm your installed bytes match the signed witnessInstall plugins as you need them:
/plugin marketplace add ruvnet/ruflo
/plugin install ruflo-federation@ruflo
Full command reference: USERGUIDE.md.
Snapshot at branch fix/issues-may-1-3, last commit 52a96f3. Latest published is [email protected] on npm; the branch holds 22+ unpublished commits queued for 3.6.25.
| Suite | Count | Status |
|---|---|---|
@claude-flow/cli vitest | 1933 / 1933 | green, 0 failures, 46 intentionally skipped |
@claude-flow/plugin-agent-federation vitest | 366 / 366 | green |
| Combined audit-fix surface | 76 encryption-track + 41 federation-budget + others | green |
scripts/inventory-capabilities.mjs)| Surface | Count | Verified by |
|---|---|---|
| MCP tools | 300 | verification-inventory.json (sidecar to verification.md) |
| CLI commands (top-level) | 49 | same |
Plugins (plugins/ruflo-*) | 32 | same |
| Agent definitions | 43 | same |
[email protected] published)Audit hardening — audit_1776853149979:
github-safe.js, statusline.js/cjs (git calls), github-tools MCP (gh pr/issue/run), update/executor (npm install).LD_PRELOAD, NODE_OPTIONS, DYLD_*) denied at the terminal_create boundary via validateEnv().fs-secure.writeFileRestricted.bin/mcp-server.js + bin/cli.js to prevent un-newlined-input OOM.verify + IPFS HEAD probe.Encryption at rest — ADR-096, all 4 phases shipped:
RFE1) for backward-compat migration.CLAUDE_FLOW_ENCRYPT_AT_REST=1; off-by-default preserves the 1865-test baseline.sessions/, terminals/, .swarm/memory.db (sql.js SQLite + ONNX embeddings).Federation budget circuit breaker — ADR-097, Phase 1 shipped:
federation_send accepts optional budget/maxHops/hopCount/spent metadata.maxHops: 8 defangs recursive delegation loops even for callers that don't opt in.HOP_LIMIT_EXCEEDED, BUDGET_EXCEEDED, INVALID_BUDGET) — no oracle leak.Tracked in the project task list (see GitHub Project / TaskList):
| Track | Status |
|---|---|
ADR-096 Phase 5 — ruflo doctor encryption status | pending |
ADR-096 Phase 5+ — keychain (keytar) + passphrase resolvers | deferred |
| ADR-097 Phase 2 — peer state machine (ACTIVE / SUSPENDED / EVICTED) | deferred |
ADR-097 Phase 3 — ruflo-cost-tracker integration | deferred |
ADR-097 Phase 4 — ruflo doctor peer state + federation_breaker_status MCP tool | deferred |
verification.md per-MCP-tool witness signing | pending (task #25) |
verification.md functional smoke tests for ruflo verify --functional | pending (task #26) |
Batch publish 3.6.25 + witness manifest regen | pending |
Every fix in verification.md is signed with Ed25519 keyed off the git commit. To verify your installed bytes match what was witnessed:
ruflo verify
The command fetches the manifest, recomputes SHA-256 for every cited file, re-derives the public key from the git commit, and verifies the signature. Drift in any fix produces a non-zero exit + a structured error pointing at the regressed file.
Per-capability witness signing for the full 300-tool / 49-command surface is in flight — see tasks #25 / #26.
| If you want to… | Read this |
|---|---|
| Pitch / why-ruflo | README.md |
| Day-to-day commands + config | This doc, plus USERGUIDE.md for depth |
| Architecture decisions | v3/docs/adr/ — ADR-093, ADR-095, ADR-096, ADR-097 are the recent ones |
| Cryptographic proof of build correctness | verification.md + ruflo verify |
| Plugin development | USERGUIDE.md → Plugin section |
| Open issues + roadmap | GitHub Issues |