feat(my-deepagent): v0.1.0 Step 0~5 — scaffolding through deepagent + OpenRouter

Python rewrite of the agent harness on top of deepagents 0.6.1 + langchain 1.x,
replacing the abandoned TS attempt in packages/. 388 unit/integration tests pass.

Steps
-----
0. Scaffolding — uv workspace, ruff/mypy/pre-commit/alembic, src/tests/docs
   trees with docs/schemas/ seeded from my-deepagent-seed/.
1. Core — config (pydantic-settings with MYDEEPAGENT_ env prefix and TOML
   source), enums (Backend, Capability, RiskLevel, ApprovalDecisionAction,
   ApprovalState, RunState, RunPhaseState, SessionState, ErrorClass),
   errors (MyDeepAgentError + BudgetExhaustedError with PEP-3134 cause +
   context suppression), hash (canonical JSON + sha256).
2. Persona/Workflow/Binding — pydantic v2 schemas with tuple-based deep
   immutability (post-construction hash drift prevented), YAML loaders,
   deterministic auto-select (preferred_backends → version → name → hash),
   override resolution with ineligibility diagnostics, PersonaConsentStore
   with fcntl.flock + tmp+fsync+rename atomic write.
3. Artifact schema registry — Draft202012Validator, multi-root resolution,
   structured ValidationFinding output.
4. Persistence — 18 SQLAlchemy 2.0 async ORM models with FK CASCADE/RESTRICT,
   WAL + busy_timeout + foreign_keys PRAGMA, alembic baseline +
   ux_active_run_repo_base partial unique index, LangGraph SqliteSaver as
   context manager only (lifecycle safety).
5. DeepAgent session — build_agent wires Persona → create_deep_agent with
   LocalShellBackend / FilesystemBackend / StateBackend / CompositeBackend,
   ChatOpenAI(base_url=openrouter) for openrouter: model strings, and 4
   middleware classes (cost / audit-tool / safety-shell / fallback-model).

Critical workarounds
--------------------
- deepagents 0.6.1 rejects FilesystemPermission together with backends that
  implement SandboxBackendProtocol (LocalShellBackend). SafetyShellMiddleware
  enforces destructive-command and secret-path policy at the tool layer
  instead, and build_agent strips the permissions kwarg when the persona's
  deepagents_backend is local_shell.
- FilesystemOperation in deepagents is Literal['read', 'write'] only;
  _map_operations collapses our richer schema (read/write/edit/ls) safely.

Real OpenRouter smoke
---------------------
test_openrouter_deepagents_local_shell_smoke calls DeepSeek via deepagents +
LocalShellBackend + SafetyShellMiddleware end-to-end. PASS, ~$0.000001 cost,
input=9 / output=1 tokens with content "OK".

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

my-deepagent/docs/schemas/workflows/bug-fix-with-reproduction@1.yaml

@@ -0,0 +1,108 @@
+name: bug-fix-with-reproduction
+version: 1
+description: "버그 재현 → 진단 → 수정 → 검증. 각 단계 artifact 생성."
+roles:
+  - id: reproducer
+    required_capabilities:
+      - evidence_check
+    preferred_backends:
+      - openrouter
+    fallback_personas:
+      - "openrouter-claude-debugger@1"
+      - "openrouter-deepseek-log-analyzer@1"
+  - id: debugger
+    required_capabilities:
+      - code_edit
+      - evidence_check
+      - command_execute
+    preferred_backends:
+      - openrouter
+    fallback_personas:
+      - "openrouter-claude-debugger@1"
+  - id: fixer
+    required_capabilities:
+      - code_edit
+      - test_first_development
+    preferred_backends:
+      - openrouter
+    fallback_personas:
+      - "openrouter-claude-code-editor@1"
+  - id: verifier
+    required_capabilities:
+      - evidence_check
+      - objective_eval
+    preferred_backends:
+      - openrouter
+    fallback_personas:
+      - "openrouter-deepseek-verifier@1"
+phases:
+  - key: reproduce
+    title: "버그 재현 및 재현 조건 문서화"
+    risk: low
+    role: reproducer
+    expected_artifact:
+      path: artifacts/reproduction.json
+      schema: dev/spec@1
+    gates:
+      - reproduce_approved
+    timeout_seconds: 300
+    instructions: |
+      보고된 버그를 재현하고 재현 조건을 문서화합니다.
+      로그 파일이 있으면 read_file로 읽고 패턴을 분석합니다.
+      glob/grep으로 관련 코드를 검색합니다.
+      재현 조건·환경·입력값·실제 출력·기대 출력을 dev/spec@1 형식으로
+      artifacts/reproduction.json에 write_file로 저장합니다.
+    max_budget_usd: 0.20
+  - key: diagnose
+    title: "근본 원인 진단"
+    risk: low
+    role: debugger
+    expected_artifact:
+      path: artifacts/diagnosis.json
+      schema: dev/spec@1
+    gates:
+      - diagnose_approved
+    timeout_seconds: 360
+    instructions: |
+      artifacts/reproduction.json을 read_file로 읽고 근본 원인을 진단합니다.
+      가설을 세우고 read_file/grep으로 코드에서 검증합니다.
+      가장 단순한 가설부터 검증합니다.
+      root cause, 영향 범위, 수정 제안을 dev/spec@1 형식으로
+      artifacts/diagnosis.json에 write_file로 저장합니다.
+    max_budget_usd: 0.50
+  - key: fix
+    title: "버그 수정"
+    risk: medium
+    role: fixer
+    expected_artifact:
+      path: artifacts/fix.json
+      schema: dev/spec@1
+    gates:
+      - fix_approved
+    timeout_seconds: 600
+    instructions: |
+      artifacts/diagnosis.json을 read_file로 읽고 근본 원인을 수정합니다.
+      수정 전 테스트 케이스를 먼저 작성합니다 (test_first_development).
+      edit_file로 최소한의 변경만 적용합니다.
+      수정 내용, 변경된 파일 목록, 테스트 명령어를 dev/spec@1 형식으로
+      artifacts/fix.json에 write_file로 저장합니다.
+    max_budget_usd: 1.00
+  - key: verify
+    title: "수정 결과 검증"
+    risk: low
+    role: verifier
+    expected_artifact:
+      path: artifacts/verification.json
+      schema: dev/review-finding-batch@1
+    gates:
+      - verify_approved
+    timeout_seconds: 300
+    instructions: |
+      artifacts/fix.json을 read_file로 읽고 수정된 코드를 직접 확인합니다.
+      재현 조건이 해소됐는지, 회귀 위험은 없는지 검증합니다.
+      검증 결과를 dev/review-finding-batch@1 형식으로
+      artifacts/verification.json에 write_file로 저장합니다.
+      verifierStatus: confirmed = 수정 확인됨, rejected = 수정 불충분.
+    max_budget_usd: 0.20
+default_gates: []
+max_total_budget_usd: 3.0