- Add POST /_api/invoke unified entry point for all capabilities
- Support builtin sigil.* capabilities: discover, deploy, remove, inspect, list, status
- External capabilities routed through backend.invoke() as before
- Comprehensive test coverage in s14-unified-invoke.test.ts
- All existing routes preserved for backward compatibility
- Error handling for invalid JSON and missing capability field
Root cause: router.ts called generateWorkerCode() before passing to backend,
so backend always received 'code' (mode A) and never entered the requires
branch (mode B). Also stored original execute body in meta for clean dep
resolution instead of fragile regex extraction.
Fix:
- Router passes execute directly to backend, lets backend handle codegen
- Meta now stores execute field for dependency resolution
- resolveDependencies uses meta.execute (falls back to regex extraction)
Verified end-to-end:
- formal-greet(requires greet-name) → '[Formal] Hello, Scott!'
- xiaoju-github-repos(requires xiaoju-github-token) → real GitHub API response
小橘 🍊 (NEKO Team)
- query, inspect, invoke now require Authorization: Bearer token
- Only /_health remains public (monitoring/uptime checks)
- Data sovereignty: CF resources belong to the user, no anonymous access
- Added back KvStore.getRoute/setRoute/deleteRoute methods
- Added back WorkerPool.getWorkerName() private method
- Fixed deploy() to properly set route.worker_name with prefix
Tests passing: 56/68 (82%)
- Added worker_loaders binding (LOADER) to wrangler.toml
- Updated WorkerPool to use LOADER.get() instead of CF API deploy/delete
- Removed subdomain-based invoke; now uses Dynamic Workers directly
- Cleaned up config.ts (removed SUBDOMAIN_SUFFIX, PAGE_RATE_LIMIT)
- Simplified cf-api.ts to legacy cleanup only (LegacyCfApi)
- Updated all tests to use createMockLoader instead of createMockCfApi
- Removed PageRateLimitError (no longer needed)
- All API endpoints unchanged; migration is internal implementation only
CF Workers cannot fetch() other workers on the same .workers.dev zone.
This caused all /run/{name} routes to return Cloudflare's HTML 404
instead of proxying to the sub-worker.
Fix: replace inline fetch() proxy with a redirect-based approach:
- Default (browser/curl): 302 redirect to sub-worker URL
- Accept: application/json: return JSON with {url, capability, cold_start}
LRU bookkeeping (page-in, access count) still happens in Sigil before
the redirect, so cold capabilities are warmed up transparently.
New backend method: resolveInvoke() — same LRU/page-in logic as invoke()
but returns route info instead of executing the subrequest.
Fixes: https://sigil.shazhou.workers.dev/run/* returning CF 404
Reported-by: 小墨 🖊️
- Agent provides schema (JSON Schema) + execute (function body)
- Sigil auto-generates full Worker code via codegen.ts
- Input parsing: GET query params + POST JSON body, auto type conversion
- Required field validation, default values
- find mode returns schema so Agent knows how to call
- Backward compatible: raw code deploy still works
- Use CF Workers AI bge-base-en-v1.5 for embeddings
- Deploy stores capability embedding in KV
- Query uses cosine similarity (find) and MMR (explore)
- Query embedding cached in KV (1h TTL)
- Fallback to string matching for capabilities without embeddings
- Mock embedding service for unit tests
- Remove agent isolation (data sovereignty belongs to user, not agent)
- Capability naming: ping instead of xiaoju--ping
- Route: /run/{capability} instead of /{agent}/{capability}
- Auth: single deploy-token instead of per-agent tokens
- Delete S10 test (agent isolation no longer exists)
- Clean up old agent-prefixed workers
- Fix CF API deploy to use multipart form (ESM modules need metadata)
- Auto-enable workers.dev subdomain after deploy
- Verified end-to-end: deploy + invoke + list + health all working
xiaomo
xiaoju