Skip to main content
KRAIT

Evolution Pipeline Deep Dive

The complete lifecycle of a code evolution — from proposal through validation, testing, review, and hot reload.

End-to-End Evolution Flow

The evolution pipeline turns an AI agent's intent into running production code. Every step is observable, reversible, and gated by both automated checks and human judgment.

Step 1: Proposal

The Brain identifies a missing capability during a ReAct loop. It emits a structured proposal containing the Elixir module source, a rationale explaining why the new skill is needed, and the target security classification (:safe, :network, or :privileged). The proposal is enqueued in the Evolution supervisor's mailbox.

Step 2: AST Analysis

The Evolution process passes the raw source to the Narsil NIF. Narsil parses the code into an Elixir AST, resolves module aliases, and walks the tree node by node. Each node is checked against the full KRAIT rule suite. If the declared security classification is :safe but the code contains an HTTP call, Narsil flags the mismatch. Analysis results include rule pass/fail status, line-level annotations, and a complexity score.

Step 3: Narsil Validation

Beyond rule checking, Narsil performs semantic validation. It verifies that the module implements the required Krait.Skill behaviour callbacks, that typespecs are present on all public functions, and that no circular dependencies are introduced. Proposals that fail validation are returned to the Brain with structured feedback so it can revise and resubmit.

Step 4: Sandbox Testing

Validated code is deployed into a FLAME-spawned Docker container along with auto-generated property-based tests. The test suite exercises the module's public API against random inputs derived from its typespecs. Test results, including any crashes or assertion failures, are captured and attached to the proposal record.

Step 5: Pull Request

Passing proposals are committed to a feature branch and pushed as a GitHub pull request. The PR body contains the proposal rationale, Narsil's analysis report, test results, and a diff summary.

Step 6: Human Review and Merge

A human reviewer examines the PR and can approve, request changes, or reject. KRAIT does not self-merge. The agent proposes, humans dispose.

Step 7: Hot Reload

Once merged, a webhook notifies KRAIT. The system pulls the updated module, re-verifies it through Narsil, and performs an OTP hot code reload. The new skill is immediately available without restarting the agent.