workbench-mirage-vfs-tool

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Workbench Mirage VFS Tool

Workbench Mirage VFS 工具

Use this skill when a task asks to evaluate, install, pilot, absorb, or review Mirage as a virtual-filesystem tool for Workbench agents.

Mirage is a candidate tool layer. It does not replace Git, GitHub, Linear, CI, Multica issue evidence, or reviewed Workbench docs as source of truth.

当任务要求评估、安装、试点、采用或审核作为Workbench Agent虚拟文件系统工具的Mirage时，使用本技能。

Mirage是一个候选工具层，它不会替代Git、GitHub、Linear、CI、Multica问题证据或已审核的Workbench文档作为事实来源。

Required Reads

必读内容

Read only what the task needs:

```
docs/mirage-vfs-tool-lane.md
```
The current upstream Mirage release or package metadata
The issue, PR, repo, or runtime surface that will consume the mounted files

仅阅读任务所需内容：

```
docs/mirage-vfs-tool-lane.md
```
当前上游Mirage版本或包元数据
将使用挂载文件的问题、PR、仓库或运行时界面

Router

路由规则

Scout: source-check Mirage version, package names, runtime requirements, license, install commands, and breaking-change warnings.
Pilot: run a bounded RAM or local temp-directory smoke first. Do not mount external services until the temp smoke passes.
Review: verify the
```
MIRAGE_VFS_TOOL_CARD
```
, command evidence, teardown, and public-safety scan before accepting the result.
Promote: require a real task where Mirage improves throughput without weakening evidence or leaking private surfaces.

探索（Scout）：检查Mirage的版本、包名称、运行时要求、许可证、安装命令以及破坏性变更警告。
试点（Pilot）：先在有限内存或本地临时目录中进行冒烟测试。在临时冒烟测试通过前，不要挂载外部服务。
审核（Review）：在接受结果前，验证
```
MIRAGE_VFS_TOOL_CARD
```
、命令证据、清理流程以及公共安全扫描。
推广（Promote）：需要一个真实任务场景，确保Mirage在不削弱证据可信度或泄露私有界面的前提下提升吞吐量。

Guardrails

防护规则

Prefer native repo,
```
gh
```
,
```
multica
```
, and project scripts for normal Git work.
Treat write-capable external mounts as Heavy Path.
Do not expose raw local paths, hosts, SSH targets, tokens, cookies, OAuth material, request payloads, or private panes in public artifacts.
Do not allow cloud-safe mention bots to inherit Mirage profiles with local FUSE,
```
stdio
```
, or private mounts.
Secret-scan Mirage snapshots and tarballs before publishing.
If Mirage disagrees with a native source-of-truth tool, return
```
FLAG
```
or
```
BLOCK
```
and investigate before using Mirage output for closeout.

对于常规Git工作，优先使用原生仓库、
```
gh
```
、
```
multica
```
和项目脚本。
将具备写入权限的外部挂载视为高风险路径（Heavy Path）。
不要在公共工件中暴露原始本地路径、主机、SSH目标、令牌、Cookie、OAuth材料、请求负载或私有面板。
不允许云安全提及机器人继承带有本地FUSE、
```
stdio
```
或私有挂载的Mirage配置文件。
在发布前对Mirage快照和压缩包进行秘密扫描。
如果Mirage与原生事实来源工具存在分歧，返回
```
FLAG
```
或
```
BLOCK
```
，并在使用Mirage输出完成任务前进行调查。

Output Contract

输出约定

text

MIRAGE_VFS_TOOL_CARD
purpose:
upstream_version:
install_surface:
workspace_mode: read-only | write | ram-only | temp-disk
mounts:
data_policy:
secret_policy:
public_artifact_policy:
commands_to_verify:
teardown:
source_of_truth:
residual_risk:
VERDICT: PASS | FLAG | BLOCK

Close with:

text

CHANGED:
- ...

VERIFIED:
- ...

REMAINING:
- ... or (none)

VERDICT: PASS | FLAG | BLOCK

text

MIRAGE_VFS_TOOL_CARD
purpose:
upstream_version:
install_surface:
workspace_mode: read-only | write | ram-only | temp-disk
mounts:
data_policy:
secret_policy:
public_artifact_policy:
commands_to_verify:
teardown:
source_of_truth:
residual_risk:
VERDICT: PASS | FLAG | BLOCK

结尾需包含：

text

CHANGED:
- ...

VERIFIED:
- ...

REMAINING:
- ... or (none)

VERDICT: PASS | FLAG | BLOCK