fix: enable memory writes for non-implementation agents

.config/opencode/.memory/decisions.md

@@ -0,0 +1,16 @@
+## Agent Memory Write Access
+
+**Decision:** Enable `permission.edit: allow` for all seven agents with memory recording duties (reviewer, tester, explorer, researcher, critic, sme, designer) so they can write `.memory/*` files directly.
+
+**Rationale:** These agents have explicit memory duties (recording verdicts, discoveries, research findings, guidance, design decisions) but previously had `permission.edit: deny`, making those duties impossible. The lead had to relay all memory writes, losing fidelity and adding overhead.
+
+**Implementation:**
+- Changed `permission.edit: deny` → `permission.edit: allow` in all seven agent files.
+- Added instruction-level guardrails in each agent to restrict edits to `.memory/*` only (code/source remains read-only).
+- Path-scoped `permission.edit` is not supported by OpenCode, so instruction-level guardrails are the enforcement mechanism.
+
+**Affected files:** `agents/reviewer.md`, `agents/tester.md`, `agents/explorer.md`, `agents/researcher.md`, `agents/critic.md`, `agents/sme.md`, `agents/designer.md`.
+
+**Risk:** Agents could theoretically edit non-memory files since the config-level permission is `allow`. Mitigation is instruction-level enforcement, which is effective but not mechanical.
+
+See [Plan: Agent Memory Write Access](plans/agent-memory-write-access.md) | See [Knowledge: Permission Model](knowledge.md#permission-model)

.config/opencode/.memory/knowledge.md

@@ -0,0 +1,39 @@
+## Project Overview
+
+This is the OpenCode agentic configuration for a multi-agent coding workflow. It defines agent roles, permissions, quality pipelines, and project memory conventions used across all projects that load this config.
+
+- **Config root:** `~/.config/opencode/`
+- **Config file:** `opencode.jsonc` — defines default agent, plugins, global permissions, and MCP servers.
+- **Agent definitions:** `agents/*.md` — one file per agent with YAML frontmatter (model, permissions, temperature) and markdown instructions.
+- **Memory system:** `.memory/` — persistent project knowledge, decisions, plans, and research in markdown.
+- **Cross-tool instruction files:** `AGENTS.md`, `CLAUDE.md`, `.github/copilot-instructions.md`, `.cursorrules` — derived views of project knowledge for different agentic tools.
+
+## Agent Architecture
+
+10 agents with distinct roles, models, and permission profiles. See [Agent Roster in AGENTS.md](../AGENTS.md#agent-roster) for the full table.
+
+### Permission Model
+
+- **Full edit access:** `lead`, `coder`, `librarian`.
+- **Memory-only edit access:** `reviewer`, `tester`, `explorer`, `researcher`, `critic`, `sme`, `designer` — these agents have `permission.edit: allow` but are instructed to keep code/source edits read-only. Their edit permission exists solely to support `.memory/*` writes for recording duties (verdicts, discoveries, research, guidance, design decisions).
+- **No edit access:** none (all agents can write `.memory/*`).
+
+See [Decision: Agent Memory Write Access](decisions.md#agent-memory-write-access) for rationale and guardrails.
+
+### Memory Write Guardrails
+
+Agents with memory-only edit access are constrained by instruction-level guardrails (not path-scoped config, which OpenCode does not support):
+
+1. Each agent's instructions explicitly state: "`.memory/*` writes are allowed for [specific duty]; code/source edits remain read-only."
+2. Each agent's instructions list tool restrictions (e.g., "Disallowed: non-memory file edits").
+3. The `permission.edit: allow` fallback is necessary because OpenCode's `permission.edit` does not support path-scoped allow/deny syntax.
+
+## Quality Pipeline
+
+Tiered pipeline (Tier 1/2/3) defined in `agents/lead.md`. Standard flow: `explorer/researcher → coder → reviewer → tester → librarian`.
+
+## MCP Servers
+
+- **Context7:** Remote documentation lookup (`https://mcp.context7.com/mcp`)
+- **GitHub Grep:** Remote code search across public repos (`https://mcp.grep.app`)
+- **Playwright:** Local headless Chromium for UI testing

.config/opencode/.memory/plans/agent-memory-write-access.md

@@ -0,0 +1,46 @@
+# Plan: enable agent memory write access
+
+## Goal
+Allow non-lead agents (starting with reviewer) to write updates into `.memory/` so findings and decisions are not lost between delegations.
+
+## Tasks
+- [x] Discover where agent capabilities/tool permissions are defined and which agents currently cannot write memory.
+  - **Acceptance criteria:** exact config file(s), current restrictions, and required change identified. ✅
+  - **Assigned agent:** explorer
+  - **Findings:**
+    - Root cause: `permission.edit: deny` in `agents/reviewer.md`, `agents/explorer.md`, `agents/tester.md`, `agents/critic.md`, `agents/designer.md`, `agents/researcher.md`, and `agents/sme.md`.
+    - Conflict: these agents also have memory duties requiring writes to `.memory/*`, making duties impossible under current permissions.
+    - `agents/librarian.md`, `agents/coder.md`, and `agents/lead.md` do not deny edit and are unaffected.
+    - `opencode.jsonc` does not define a global edit permission override.
+    - Additional consistency update needed: `AGENTS.md` reviewer row should clarify "read-only" refers to code-review behavior, while `.memory/*` writes are allowed.
+  - **Dependencies:** none
+  - **Workstream:** `main`
+  - **Coder dispatch scope:** N/A (discovery)
+
+- [x] Implement configuration/instruction updates so all intended agents can write `.memory/*`.
+  - **Acceptance criteria:** config/instructions updated; reviewer specifically can write memory; no conflicting rule remains.
+  - **Assigned agent:** coder
+  - **Dependencies:** discovery output
+  - **Workstream:** `main`
+  - **Coder dispatch scope:** single feature — “memory write capability for agents”
+  - **Implementation note:** Used fallback `edit: allow` for the seven affected agents because repo-local configs provide no confirmed path-scoped `permission.edit` syntax. Guardrails were tightened in each affected prompt to explicitly keep code/source edits read-only and allow writes only for `.memory/*` duties.
+
+- [x] Quality gate the change (correctness review + static validation).
+  - **Acceptance criteria:** reviewer approves and static validation confirms permissions and instructions are coherent. ✅
+  - **Assigned agent:** reviewer + tester
+  - **Outcome:** reviewer `APPROVED` (score 0), tester `PASS`; only low-severity wording suggestions (description-level “read-only” phrasing in reviewer/explorer) with no functional contradiction.
+  - **Dependencies:** implementation complete
+  - **Workstream:** `main`
+  - **Coder dispatch scope:** N/A
+
+- [x] Documentation coverage and memory updates.
+  - **Acceptance criteria:** relevant instructions/docs updated and `.memory/knowledge.md` captures the new policy. ✅
+  - **Assigned agent:** librarian
+  - **Dependencies:** quality gate complete
+  - **Workstream:** `main`
+  - **Coder dispatch scope:** N/A
+  - **Outcome:** Created `.memory/knowledge.md` with permission model and guardrails documentation. Created `.memory/decisions.md` with decision record cross-referencing this plan. Updated `AGENTS.md` roster to describe memory-write duties for all seven agents. Created three missing cross-tool instruction files (`CLAUDE.md`, `.github/copilot-instructions.md`, `.cursorrules`) with synchronized project knowledge including the agent permission model.
+
+## Critic gate
+- Verdict: `APPROVED`
+- Caveat: validate whether `permission.edit` supports path-scoped allow/deny syntax. If unsupported, use fallback `edit: allow` and keep behavior guardrails in agent instructions.