## Agent Memory Write Access

**Decision:** Enable `permission.edit: allow` for all seven agents with memory recording duties (reviewer, tester, explorer, researcher, critic, sme, designer) so they can write `.memory/*` files directly.

**Rationale:** These agents have explicit memory duties (recording verdicts, discoveries, research findings, guidance, design decisions) but previously had `permission.edit: deny`, making those duties impossible. The lead had to relay all memory writes, losing fidelity and adding overhead.

**Implementation:**
- Changed `permission.edit: deny` → `permission.edit: allow` in all seven agent files.
- Added instruction-level guardrails in each agent to restrict edits to `.memory/*` only (code/source remains read-only).
- Path-scoped `permission.edit` is not supported by OpenCode, so instruction-level guardrails are the enforcement mechanism.

**Affected files:** `agents/reviewer.md`, `agents/tester.md`, `agents/explorer.md`, `agents/researcher.md`, `agents/critic.md`, `agents/sme.md`, `agents/designer.md`.

**Risk:** Agents could theoretically edit non-memory files since the config-level permission is `allow`. Mitigation is instruction-level enforcement, which is effective but not mechanical.

See [Plan: Agent Memory Write Access](plans/agent-memory-write-access.md) | See [Knowledge: Permission Model](knowledge.md#permission-model)