molecule-core-net was incorrect — docker-compose.infra.yml and docker-compose.yml both
declare the network as molecule-monorepo-net (8+ references confirmed). Repo was renamed
to molecule-core but the network name was not changed.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Repo was renamed Molecule-AI/molecule-monorepo → Molecule-AI/molecule-core.
Updates git clone URLs, cd commands, and Docker network name references
in quickstart.mdx, self-hosting.mdx, and architecture.mdx.
Note: molecule-core-net Docker network name updated from molecule-monorepo-net —
verify docker-compose.infra.yml network name matches before merging.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Documents the two security controls landed in workspace-template/adapters/smolagents:
- make_safe_env() strips *_API_KEY/*_TOKEN + SMOLAGENTS_ENV_DENYLIST from child process env
- safe_send_message() prefixes [smolagents], truncates at 2000 chars, HTML-escapes output
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- google-adk.mdx: update comparison table LangGraph example from
anthropic:claude-sonnet-4-6 → anthropic:claude-opus-4-7
- quickstart.mdx: add callout noting claude-opus-4-7 as the new
default for workspaces that don't pin a model explicitly
Pairs with molecule-core PR #743 / closes#727.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Documents GET /workspaces/:id/events/stream — WorkspaceAuth-guarded
Server-Sent Events endpoint compatible with the AG-UI protocol.
Covers envelope format, event types, curl and JS examples.
Pairs with molecule-core PR #601 (closes#590).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Quick start install example: add @1.0.0 version pin
- .mcp.json Configure example: pin to @1.0.0, remove -y auto-accept flag
- Add Callout warning explaining why pinning is required (unpinned + -y =
arbitrary code execution on package compromise) with link to npm page
- Troubleshooting: update standalone run example to use pinned version
Addresses SAFE-MCP finding NEW-003 (HIGH) from SAFE-MCP audit (PR #808).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Two-Axis Model sources table: replace mutable `github://owner/repo` row with
pinned-tag and pinned-SHA rows; clarify these are now the only valid forms
- Installing a Plugin: update GitHub example to use `#v1.0.0`; add Callout
warning that bare refs return HTTP 422 with link to Supply Chain Security section
- Install Safeguards: add `PLUGIN_ALLOW_UNPINNED` env var row (dev escape hatch)
- New "Supply Chain Security" section: explains pinned-ref enforcement (SAFE-T1102),
shows valid vs invalid ref forms, SHA-256 content integrity option with hash
computation recipe, and PLUGIN_ALLOW_UNPINNED escape hatch
Pairs with monorepo PR #775 (fix(security): plugin supply chain hardening).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
PR #760 extracted medo.py from builtin_tools (where it was dead code) into
a proper agentskills.io plugin at plugins/molecule-medo/. It is now an
explicit opt-in via local://molecule-medo rather than being silently shipped
in every workspace image.
- Add Platform Opt-in Plugins table with molecule-medo
- Document the three exposed tools: create/update/publish_medo_app
- Show install flow: set MEDO_API_KEY secret, then POST to /plugins
- Show org.yaml example for declarative deployment
Pairs with monorepo PR #760 / closes#741.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
PR #784 added pgvector-backed semantic search to GET /workspaces/:id/memories.
When ?q= is supplied and an embedding function is configured, results are
ordered by cosine similarity and include a similarity_score field.
Documents the query parameter, response shape, and graceful FTS fallback
so callers know the endpoint is backwards-compatible.
Pairs with monorepo PR #784 (feat: pgvector semantic search, closes#776).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Workspace config.yaml now supports a `role` field which drives
AGENTS.md generation at startup (PR #763). Every workspace publishes
an AAIF-standard /workspace/AGENTS.md so peers can discover name,
role, description, A2A endpoint, and MCP tools.
- Expand Workspaces section with AGENTS.md auto-generation details
- Add table of AGENTS.md sections and their config.yaml sources
- Add role field to all workspaces in the org definition example
- Document fallback (role → description) and non-fatal startup behaviour
Pairs with monorepo PRs #763 and #794.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds content/docs/workspace-config.mdx covering:
- Config tab overview (how to open, form vs raw YAML mode)
- Claude Settings panel: gating condition, where to find it in the UI
- Effort levels table: low / medium / high / xhigh (extended thinking) / max
with descriptions, use-case guidance, cost/latency/quality tradeoffs
- Task budget: token ceiling, 20k minimum, when it applies, sizing guidance
- config.yaml reference with three annotated examples
- Beta header note: task-budgets-2026-03-13 added automatically by executor
- Executor wiring callout: config stored today, executor wiring ships next release
Updates meta.json: adds workspace-config after concepts in the nav.
Closes#608 (docs portion)
Source PRs: molecule-monorepo#639 (effort + task_budget UI), #654 (max level)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Inserts a hands-on ## Quickstart section between Secrets and Basic usage
in content/docs/google-adk.mdx. Covers workspace creation via REST API,
ready-state polling, first A2A task, multi-turn session state demo, and
Vertex AI alternative. Explains context_id → InMemorySessionService mapping
and google: model prefix stripping — gaps not covered by the reference docs.
Pairs with: Molecule-AI/molecule-monorepo#569 (docs/devrel-feat-550)
Existing docs: Docs PR #4 (google-adk.mdx reference page, already merged)
Source PR: Molecule-AI/molecule-core#550
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Pre-draft docs for the google-adk workspace adapter (issue #542, PR #550).
Covers installation, secrets, config reference, A2A compatibility, plugin
support, and troubleshooting. Also adds google-adk to the runtimes table
in architecture.mdx and the runtime list in concepts.mdx.
Closes#542
Co-authored-by: Molecule AI Documentation Specialist <documentation-specialist@agents.moleculesai.app>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Adds standard credential gitignore (.env / *.pem / .secrets/ / .auth_token).
Per-CEO directive 2026-04-16: every plugin and template repo should
gitignore credentials so self-hosters can't accidentally commit real
tokens to public repos.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Customer-facing documentation site for Molecule AI. Built with Fumadocs
(open-source MIT, Next.js 15 App Router native, Tailwind v4, MDX) so we
own the deployment and aesthetic and can grow into custom doc components
for our agent-canvas flows.
## Why Fumadocs (over Mintlify, Nextra, Docusaurus)
- Open source, no vendor lock-in (vs Mintlify SaaS subscription)
- Built on Next.js 15 App Router — matches our existing canvas stack
- Less opinionated than Nextra; can grow into custom doc components
- React/Tailwind first; team already on this stack
- Ships search, dark mode, Shiki highlighting, MDX out of the box
## Initial structure
- app/ — Next.js App Router (home + docs + search route)
- content/docs/ — MDX source (3 hand-written + 9 stub pages)
- lib/source.ts — Fumadocs loader bound to the MDX content
- mdx-components.tsx — default + future custom MDX renderers
- source.config.ts — MDX compile config
## Hand-written launch content
- index.mdx — landing / what you can build / how it works
- quickstart.mdx — clone repo → docker compose → import template → talk to PM
- concepts.mdx — the five primitives: workspaces / plugins / channels / schedules / canvas
## Stub pages (Documentation Specialist agent fills these in on cron)
- org-template, plugins, channels, schedules
- architecture, api-reference, self-hosting
- observability, troubleshooting
## Ownership
The Documentation Specialist agent in the molecule-dev org template will
own this repo end-to-end:
- Watches PRs landing in the platform monorepo
- Auto-opens docs PRs when public APIs / templates / plugins / channels change
- Runs daily cron to backfill stubs and refresh stale pages
Manual edits welcome. Agent picks up on next cron tick.
