vault: session notes 2026-07-08
This commit is contained in:
parent
c4766ac1a5
commit
34fb905901
|
|
@ -394,3 +394,23 @@ tags: [scope/global, type/log]
|
||||||
**Reason:** other
|
**Reason:** other
|
||||||
**Vault notes touched:**
|
**Vault notes touched:**
|
||||||
(none)
|
(none)
|
||||||
|
|
||||||
|
## Session — 2026-07-08T18:35:04Z
|
||||||
|
|
||||||
|
**Project:** /tmp/claude-1000/-home-jared-dev-cc-os/4db8af72-9bf6-4587-9249-17d5361849ec/scratchpad/b2measure
|
||||||
|
**Reason:** other
|
||||||
|
**Vault notes touched:**
|
||||||
|
(none)
|
||||||
|
|
||||||
|
## Session — 2026-07-08T18:55:55Z
|
||||||
|
|
||||||
|
**Project:** /home/jared/dev/cc-os
|
||||||
|
**Reason:** prompt_input_exit
|
||||||
|
**Vault notes touched:**
|
||||||
|
/home/jared/Documents/SecondBrain/reference/memsearch-sessionstart-injection-hardcoded.md
|
||||||
|
/home/jared/Documents/SecondBrain/reference/claude-code-setting-sources-silent-plugin-drop.md
|
||||||
|
/home/jared/Documents/SecondBrain/reference/claude-code-setting-sources-silent-plugin-drop.md
|
||||||
|
/home/jared/Documents/SecondBrain/reference/claude-code-setting-sources-silent-plugin-drop.md
|
||||||
|
/home/jared/Documents/SecondBrain/reference/claude-code-setting-sources-silent-plugin-drop.md
|
||||||
|
/home/jared/Documents/SecondBrain/reference/claude-code-tool-schema-costs-and-yagni-deny.md
|
||||||
|
/home/jared/Documents/SecondBrain/reference/claude-code-tool-schema-costs-and-yagni-deny.md
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
summary: Claude Code's non-deferred built-in tool schemas cost ~18k tokens/session; the Workflow schema alone is ~6k, and a permissions.deny block in settings.json removes unused tools' schemas entirely (measured −6.5k for four never-used tools).
|
summary: Which Claude Code built-in tools are globally denied (Workflow, Artifact, SendUserFile, ReportFindings) and why, where the deny lives (~/.claude/settings.json permissions.deny), measured per-schema token costs, and which tools are deliberately kept.
|
||||||
tags:
|
tags:
|
||||||
- type/reference
|
- type/reference
|
||||||
- tool/claude-code
|
- tool/claude-code
|
||||||
|
|
@ -10,22 +10,51 @@ date: 2026-07-08
|
||||||
last_updated: 2026-07-08
|
last_updated: 2026-07-08
|
||||||
---
|
---
|
||||||
|
|
||||||
# Claude Code tool schemas: where the ~18k goes, and the YAGNI deny lever
|
# Claude Code tool schemas: CYAGNI deny list (what, why, where, how much)
|
||||||
|
|
||||||
Measured 2026-07-08 (headless haiku, `--output-format json` usage totals).
|
## How it's handled — don't forget this
|
||||||
|
|
||||||
- The ~29k empty-dir context floor = ~6.3k system-prompt text + **~18k built-in tool
|
Four never-used built-in tools are **globally denied** via
|
||||||
schemas** + ~4.8k user stack. ToolSearch deferral only covers the optional tier
|
`~/.claude/settings.json` → `"permissions": {"deny": ["Workflow", "Artifact",
|
||||||
(Cron, LSP, NotebookEdit, Monitor, web tools…) — core schemas ship every request.
|
"SendUserFile", "ReportFindings"]}`. This removes their schemas from every session's
|
||||||
- **Workflow's schema alone is ~6k tokens** (−5,982 when disallowed) — about the size
|
context (~6.5k tokens/session saved), identical in effect to `--disallowedTools`
|
||||||
of the entire system-prompt text.
|
(measured 22,532 vs 22,536). Settings-file deny was chosen over a `cyolo`-alias flag
|
||||||
- `"permissions": {"deny": ["Workflow", ...]}` in `~/.claude/settings.json` removes the
|
so it covers ALL entry points (headless scripts, IDE sessions, anything shelling out
|
||||||
denied tools' schemas from context, identical to `--disallowedTools` (22,532 vs
|
to `claude`), not just alias-launched sessions.
|
||||||
22,536 measured) — so a global deny needs no wrapper or flags.
|
|
||||||
- Ground truth for "which tools do I actually use": count `tool_use` names across
|
**If a session ever "can't find" one of these tools, this deny list is why.**
|
||||||
`~/.claude/projects/**/*.jsonl` transcripts. Five weeks of data (2026-06→07) showed
|
Revert = delete that one line from `~/.claude/settings.json`.
|
||||||
zero-or-one lifetime calls to Workflow, Artifact, SendUserFile, ReportFindings →
|
|
||||||
denied globally (−6.5k/session). Revert by removing the deny entry if Workflow
|
## Denied tools — what they are and why they're safe to drop
|
||||||
("ultracode" multi-agent orchestration) is ever wanted.
|
|
||||||
|
Ground truth: `tool_use` counts across all `~/.claude/projects/**/*.jsonl`
|
||||||
|
transcripts, 2026-06-01→2026-07-08 (~17k total tool calls).
|
||||||
|
|
||||||
|
| Tool | What it is | Lifetime calls | Schema cost |
|
||||||
|
|---|---|---|---|
|
||||||
|
| Workflow | JS-scripted multi-agent fan-out orchestration ("ultracode"-style) | 0 | **~5,982 tokens** — the single largest schema, ≈ the entire system-prompt text |
|
||||||
|
| Artifact | Standalone artifact/document generation | 0 | ~527 combined for these three |
|
||||||
|
| SendUserFile | Push a file to the user in supported UIs | 0 | ↑ |
|
||||||
|
| ReportFindings | Structured findings reporting (code-review internals) | 1 (via a code-review run) | ↑ |
|
||||||
|
|
||||||
|
Most likely candidate to want back someday: **Workflow** (heavy multi-agent
|
||||||
|
orchestration). Re-enable by removing it from the deny list.
|
||||||
|
|
||||||
|
## Kept tools (actively used — never deny these)
|
||||||
|
|
||||||
|
Bash (7,749 calls), Read (4,207), Edit (2,058), Agent (1,298), Write (1,166),
|
||||||
|
Skill (339), WebFetch (129), AskUserQuestion (119), ToolSearch (110),
|
||||||
|
TaskCreate/Update/Stop/Output (~110), WebSearch (59), ScheduleWakeup (46),
|
||||||
|
SendMessage (34), Monitor (15), ExitPlanMode (2).
|
||||||
|
|
||||||
|
Note: deferred-tier tools (Cron*, LSP, NotebookEdit, plan-mode tools, MCP…) cost
|
||||||
|
nothing until fetched via ToolSearch — denying them saves ~0; don't bother.
|
||||||
|
|
||||||
|
## Context-floor accounting (headless haiku, 2026-07-08)
|
||||||
|
|
||||||
|
~29k empty-dir floor = ~6.3k system-prompt text + **~18k non-deferred tool schemas**
|
||||||
|
+ ~4.8k user stack (hooks + memsearch + plugin listings). Post-deny floor: ~22.5k.
|
||||||
|
ToolSearch deferral only covers the optional tier — core schemas ship every request,
|
||||||
|
so `permissions.deny` / `--disallowedTools` is the only lever on the 18k.
|
||||||
|
|
||||||
Related: [[claude-code-setting-sources-silent-plugin-drop]], [[cc-os-hub]]
|
Related: [[claude-code-setting-sources-silent-plugin-drop]], [[cc-os-hub]]
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
summary: "Planka v2.1.1 API and Docker behaviors that differ from or are absent in its docs — auth/PAT limits, first-login terms flow, card-move and project-delete quirks, container uid."
|
summary: "Planka v2.1.1 API and Docker behaviors that differ from or are absent in its docs — auth/PAT limits, first-login terms flow, card-move and project-delete quirks, container uid — plus service-account credentials location for planka.hyperthrive.io."
|
||||||
tags:
|
tags:
|
||||||
- type/reference
|
- type/reference
|
||||||
- tool/planka
|
- tool/planka
|
||||||
|
|
@ -32,5 +32,19 @@ Directly relevant to the `backlog` CLI in `~/dev/ruby-gems` and any Planka autom
|
||||||
A bind-mounted `/app/data` must be `chown 1000` or attachment/avatar uploads fail
|
A bind-mounted `/app/data` must be `chown 1000` or attachment/avatar uploads fail
|
||||||
(container starts healthy either way — the failure is silent until first upload).
|
(container starts healthy either way — the failure is silent until first upload).
|
||||||
|
|
||||||
|
## Service accounts (planka.hyperthrive.io)
|
||||||
|
|
||||||
|
Created 2026-07-08 because of gotcha #1 (no PATs — automation holds real user creds).
|
||||||
|
Credentials live on the OVH server (ssh alias `ovh-vps`) at
|
||||||
|
`~/services/planka/bot-credentials.env` (mode 600); admin creds remain in
|
||||||
|
`~/services/planka/.env`. Copy to Bitwarden.
|
||||||
|
|
||||||
|
- `planka_bot` — role `projectOwner`; for the planka-api gem / `backlog` CLI / cron tick.
|
||||||
|
Env vars: `PLANKA_BASE_URL`, `PLANKA_USERNAME`, `PLANKA_PASSWORD`.
|
||||||
|
- `hermes` — role `boardUser` (deliberately restricted; Hermes agent is less trusted).
|
||||||
|
Env vars: `HERMES_PLANKA_USERNAME`, `HERMES_PLANKA_PASSWORD`.
|
||||||
|
- Usernames must match `/^[a-zA-Z0-9]+((_|\.)?[a-zA-Z0-9])*$/` — no hyphens
|
||||||
|
(hence `planka_bot`, not `planka-bot`).
|
||||||
|
|
||||||
Deploy as-built details live in the repo: `ovh-prod/docs/planka-deploy-prd.md`.
|
Deploy as-built details live in the repo: `ovh-prod/docs/planka-deploy-prd.md`.
|
||||||
Related: [[vault-backlog-pilot-plan]], [[backlog-system-options-research]].
|
Related: [[vault-backlog-pilot-plan]], [[backlog-system-options-research]].
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue