Recommendation
PR #1092 is the safe governed MVP and should merge as-is. It delivers declarative plugin manifests, provider contracts, lifecycle commands, state/audit persistence, and allowlisted Graphify artifact generation without opening arbitrary execution.
This epic tracks the next extensibility wave: distribution, more governed built-in providers, and a separately reviewed trusted executable provider runtime.
Phase plan
- Marketplace distribution — install/search/update declarative plugins from remote sources while preserving the no-execution boundary.
- Governed provider expansion — add more built-in approved providers such as MemPalace and Index Server using deterministic artifact generation only.
- Trusted executable provider RFC/runtime — design and implement explicit trust tiers, permission grants, sandboxing, approval gates, provenance, and audit before any plugin-supplied execution is allowed.
Non-goals for #1092
- No arbitrary plugin-supplied code execution.
- No shell/package-manager execution.
- No live MCP startup.
- No network calls from plugin content.
- No dynamic provider assemblies.
Definition of done