Manifest and Environment

gitAgent follows the Ploinky manifest model and uses explicit environment variables for filesystem scope, LLM provider access, and GitHub auth integration. Dependency installation is owned by ploinky, so the manifest stays focused on runtime entrypoints and environment.

Manifest

Main runtime configuration file: gitAgent/manifest.json.

{
  "agent": "sh /code/scripts/startAgent.sh",
  "container": "node:24.15.0-alpine",
  "lite-sandbox": true,
  "profiles": {
    "default": {
      "install": "host sandbox git check, container apk install",
      "env": ["..."]
    }
  }
}

The agent bootstrap script resolves workspace root and loads environment variables from process env first, then from .ploinky/.secrets when needed. In host sandbox mode, startup verifies that git is available on the host; in container mode, the profile installs the container Git packages when needed. Node dependency installation is handled by ploinky before the agent command starts.

Core Environment Variables

Variable	Usage
`ASSISTOS_FS_ROOT`, `WORKSPACE_ROOT`, `PLOINKY_WORKSPACE_ROOT`	Define allowed filesystem roots for path validation in Git tools.
`PLOINKY_GITHUB_CLIENT_ID`, `PLOINKY_GITHUB_CLIENT_SECRET`, `PLOINKY_GITHUB_SCOPE`	Enable GitHub device flow behavior for auth tools.
`SOUL_GATEWAY_API_KEY`, `SOUL_GATEWAY_BASE_URL`	Allow LLM runtime access through Soul Gateway for adjacent AI-assisted flows.
`ASSISTOS_GIT_BINARY` (optional)	Overrides Git executable path detection in the Git service.

Auth State and Secrets

GitHub auth state is persisted under workspace state files, while access tokens are stored through DPU secret APIs. Push and pull operations can read token metadata from request context or from stored auth state when token input is omitted.

Test Validation

Code changes should be treated as complete only after the Git agent tests pass, together with docs and specifications updates.