Last updated: 2026-02-18
Spec Kitty core is a deterministic workflow CLI. It does not force external AI tools into unrestricted execution modes.
As of 2026-02-18, autonomous orchestration is externalized behind a host CLI contract and is optional.
- Manages repository-native workflow artifacts and status transitions.
- Creates and coordinates isolated worktree-based implementation flow.
- Provides deterministic CLI command surfaces for plan/task/accept/merge operations.
- No forced YOLO mode in core: core does not set external AI CLI approval/sandbox/network flags.
- State authority in host CLI: workflow mutations must go through host commands.
- Orchestrator is optional: autonomous runtime is external (
spec-kitty-orchestrator) and can be disallowed by policy. - Policy metadata required for run-affecting orchestration calls: host validates and records policy metadata.
- No direct provider to SaaS write path: observability is host-event driven.
- Run AI CLIs under organization-approved controls (approval mode, sandbox profile, network egress, credential scoping).
- Treat any autonomous provider as a separately governed component.
- Use repository/workstation controls appropriate for your environment (least privilege, isolated credentials, endpoint controls).
Historic concerns about bundled autonomous paths in earlier implementations are addressed by current separation:
core host workflow in spec-kitty, optional external provider in spec-kitty-orchestrator.