YAMTAM ENGINE — System Map v0.12.0

Agent Governance Middleware

YAMTAM

Yet Another Multi-Tier Agent Middleware · ENGINE

v0.12.0 · release 2026-05-28 · 826 checks · PASS

87Agents

156Commands

27Hooks

350Skills

58Rules

35Scripts

Hook Execution Pipeline — 27 hooks · mỗi tool call đi qua các lớp này theo thứ tự

UserPrompt

session-bootstrap

→

PreToolUse · blocks here

token-budget-guard

guard-destructive

scope-guard

api-destruct-guard

db-protect

deploy-gate

commit-gate

code-freeze

cost-guard

context-gate

rbac-guard

token-scope-guard

→

AI Executes

TOOL CALL

permission-auto-approve

tool-attention.js

context-monitor.js

gitnexus-hook.js

→

PostToolUse · logs here

audit-log

context-gate-log

format-on-write

telemetry-sender

log-agent

auto-qa-trigger

auto-qa-reset

auto-kill-stuck-tasks

→

Stop · after turn

truth-gate-guard

validate-completion

Agent Registry — 87 agents · 11 chuyên môn · gọi bằng @agent-name

⚙Core Dev

fullstack-engineer
api-designer
api-gateway-engineer
event-driven-architect
graphql-architect
microservices-architect
monorepo-architect
websocket-engineer

8 agents

🏗Infrastructure

devops-engineer
kubernetes-specialist
terraform-engineer
cloud-architect
sre-engineer
platform-engineer
deployment-engineer
incident-responder
security-engineer
network-engineer
performance-engineer
database-admin

12 agents

🧪Quality & Test

qa-engineer
test-architect
qa-automation
chaos-engineer
compliance-auditor
accessibility-specialist
penetration-tester
code-reviewer
debugger · qa-expert
test-automator
architect-review

11 agents

🧠Data & AI

llm-architect
ai-engineer
ml-engineer
data-engineer
data-scientist
nlp-engineer

6 agents

📊Business

business-analyst
scrum-master
technical-writer
ux-researcher
project-manager
strategic-analyst
release-manager

7 agents

🎼Orchestration

task-orchestrator
multi-agent-coordinator
workflow-director
knowledge-synthesizer
task-decomposer
planner · spec-planner
spec-executor
spec-verifier

9 agents

🛠Dev Experience

build-engineer
git-workflow-manager
mcp-developer
refactoring-specialist

4 agents

🛡Security

security-auditor
prompt-firewall
code-auditor
architecture-auditor
performance-auditor
dependency-analyzer

6 agents

⚡Standalone

frontend-developer
backend-developer
database-expert
docker-expert
cicd-engineer
systems-architect
project-architect
ui-ux-designer
documentation-writer
token-guard · tool-router

32 agents

Rule Registry — 58 rules · Laws + Guards + Policies

immutable-infrastructure-law financial-deadman-switch-law sovereign-runtime-law secrets-vault-law network-egress-whitelist-law bft-consensus-law circuit-breaker-law canary-deployment-law dependency-sandbox-law token-budget-velocity-law code-signing-law sovereign-overlord-gate-law agent-excessive-agency-law agent-hierarchy-law agent-middleware-law anti-evasion-law memory-persistence-law network-egress-law resource-quota-law shell-sanitize-law slsa-artifact-law observability-telemetry-law prompt-jailbreak-advanced supply-chain-vetting honeypot-trap-law agent-tool-poisoning-guard prompt-jailbreak-guard fuzz-testing-constraints privilege-isolation sandbox-isolation-law container-hardening-law human-gate-policy token-budget-policy audit-hardening-policy agent-communication-policy env-integrity-policy rule-consistency-policy subagent-policy conflict-resolution git-push-enforcement git-workflow-v2 owasp-llm-output-law dependency-vetting-law api-security-gate meta-rule-enforcer terminal-validator agent-code-constraints execution-environment verification testing · tests golden-principles security typescript migrations agents-v2 color-rules typography-rules

Skill Domains — 350 skills · knowledge chunks Claude dùng khi cần

AI / LLM / Agents 68

react-agent-loop rewoo-plan-execute reflexion-verbal-rl memgpt-virtual-context tree-of-thoughts multi-agent-debate eval-driven-agent-dev agentic-failure-modes

Security / Crypto 45

ecc-key-management jwt-jws-jwe owasp-llm-top10 zero-trust-patterns red-team-check supply-chain-security honeypot-deception

ML Infra / Inference 32

vllm-paged-attention flash-attention llama-cpp-quantization triton-inference deepspeed-zero kv-cache-optimization

K8s / Cloud Native 28

k8s-crd-controller argocd-gitops istio-traffic crossplane helm-chart linkerd-mesh

Distributed Systems 28

raft-consensus etcd-config crdt-sync grpc-streaming protobuf snowflake-id

UI / Design / Frontend 42

design-tokens-system aesthetic-anchor motion-physics typography-scale accessibility-audit shadcn-patterns

Observability / Ops 25

opentelemetry prometheus jaeger-tracing loki-log slo-design incident-runbook

Linux / Sandbox / Kernel 22

ebpf-syscall-monitoring runtime-sandbox-runc overlayfs-isolation seccomp-filtering bubblewrap capability-dropping

// Memory Architecture

Atomic Facts — Persistent

Project truths · Sovereign identity · Skills lock (350) · Known constraints · Git-tracked · Confidence-gated

Session Facts — Ephemeral

Token budget · Circuit state · Scope declaration · Trust score · Checkpoint index · Git-ignored

Vector Search — Out of scope

Semantic retrieval · Not implemented · See .out-of-scope/

// Safety Gate Stack

L3 STOP

truth-gate-guard.sh

Scan final turn for claim verbs without evidence. Non-blocking warn → self-correct.

L2 PRE

token-budget-guard.sh

Circuit Breaker CLOSED→OPEN→HALF-OPEN. HARD BLOCK at 5 consecutive calls.

L2 PRE

guard-destructive.sh

Intercept rm/drop/delete/truncate. Require explicit confirmation for destructive ops.

L1 POST

audit-log.sh

Hash-chain JSONL of every tool call. SHA-256 prev→current. Tamper-evident.

L0 USER

session-bootstrap.sh

Inject matching L1 facts + trust score + budget mode into every prompt context.