CLI Agent Orchestrator (CAO)

What's Changed

• fix(launch): honour profile.provider when --provider flag is not given by @gutosantos82 in https://github.com/awslabs/cli-agent-orchestrator/pull/196
• fix(claude-code): eliminate PROCESSING false-positives from compaction and /exit by @gutosantos82 in https://github.com/awslabs/cli-agent-orchestrator/pull/199
• feat: Add OpenCode CLI provider support by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/193
• fix(kiro_cli): honor --yolo and profile.model at launch by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/201
• fix(copilot_cli): recognise Copilot v1.0.31+ status bar and breadcrumb as footer lines for idle detection by @wahidzzz in https://github.com/awslabs/cli-agent-orchestrator/pull/184
• feat(ci): add PyPI publish workflow and update pyproject.toml by @fanhongy in https://github.com/awslabs/cli-agent-orchestrator/pull/123
• Feat/publish cao to pypi by @fanhongy in https://github.com/awslabs/cli-agent-orchestrator/pull/209
• build(deps-dev): bump postcss from 8.5.8 to 8.5.12 in /web by @dependabot[bot] in https://github.com/awslabs/cli-agent-orchestrator/pull/208
• Fix git cliff timeout issue to unblock the release action by @fanhongy in https://github.com/awslabs/cli-agent-orchestrator/pull/212
• switch to deploy key to bypass commit to main by @fanhongy in https://github.com/awslabs/cli-agent-orchestrator/pull/213

Full Changelog: https://github.com/awslabs/cli-agent-orchestrator/compare/v2.1.0...v2.1.1

v2.1.0 — 2026-04-22

Highlights

CAO 2.1 adds a cao session CLI for driving running sessions from the shell, an external-plugin extension point (pip-installable observer/hook plugins), a first-class skills system with managed skills auto-seeded at cao init, Kiro CLI full-TUI support, agent-profile env-var injection, a universal allowedTools vocabulary translated per-provider, and the Web UI now ships inside the Python wheel. Plus a stack of TUI-detection and session-lifecycle fixes across Claude Code, Kiro CLI, and terminal-service.

Added

• cao session command group — New cao session list | status | send lets you inspect and drive running sessions from the shell without attaching to tmux. cao shutdown and cao launch now go through the HTTP API so a local CLI can drive a remote cao-server. cao launch also gains --working-directory and an optional trailing message argument for one-shot headless task execution. A new cao-session-management skill documents the command group for LLM-driven operators by @anilkmr-a2z in https://github.com/awslabs/cli-agent-orchestrator/pull/187
• External plugins — Observer/hook plugins can now be installed via pip and auto-discovered through the cao.plugins entry point group. Plugins subclass CaoPlugin and register handlers with the @hook decorator. Ships with lifecycle tests and a documented install flow at docs/plugins.md by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/172
• Skills system — Native support for reusable agent skills installed to ~/.cao/skills/ via cao skill add. New cao-provider skill guides contributors through adding new CLI agent providers end-to-end; cao-supervisor-protocols and cao-worker-protocols seeded via cao init. Managed-skills section added to the README by @patricka3125 and @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/145, https://github.com/awslabs/cli-agent-orchestrator/pull/154, https://github.com/awslabs/cli-agent-orchestrator/pull/170
• Kiro CLI full TUI mode + --legacy-ui fallback — Support for Kiro CLI's new full-screen TUI alongside the legacy prompt; --legacy-ui flag preserved for compatibility by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/138, https://github.com/awslabs/cli-agent-orchestrator/pull/163
• Agent-profile environment variable injection — Agent profiles can declare env entries loaded into the agent process at launch, with secret-aware handling via ~/.cao/.env by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/156
• Universal allowedTools vocabulary — Unified CAO tool-restriction vocabulary translated per-provider, replacing provider-specific allow/deny flags. Child agents now honor explicit allowedTools=["*"] instead of silently inheriting parent restrictions by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/125, https://github.com/awslabs/cli-agent-orchestrator/pull/144
• Web UI bundled in the wheel — Built Web UI assets now ship inside the Python wheel, so a plain uv tool install gives you the dashboard with no extra build steps by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/169
• Clearer launch confirmation + --auto-approve — Redesigned the cao launch confirmation prompt to show Role instead of Blocked, clearly distinguish [Y] / [--auto-approve] / [--yolo], and added --auto-approve to skip the prompt without removing restrictions by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/146

Fixed

• Cleanup guard on terminal creation — _create_terminal no longer kills sessions it didn't create during rollback; the cleanup path now tracks whether this call actually created the tmux session by @gutosantos82 in https://github.com/awslabs/cli-agent-orchestrator/pull/191
• Graceful handling of missing agent profiles — terminal_service returns a clear error instead of tracebacking when an agent profile can't be found in the CAO store by @anilkmr-a2z in https://github.com/awslabs/cli-agent-orchestrator/pull/186
• Profile-level model honored at terminal creation — Providers now pass profile.model through to the CLI at launch, so per-agent model selection works end-to-end by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/189
• Claude Code: false-positive IDLE on pre-existing shell prompt — Initialize-time status check could return IDLE against the pre-existing zsh/bash ❯ prompt before Claude Code actually started. Added pre-launch pane snapshot + Claude-specific startup markers to confirm the CLI is actually running before accepting IDLE by @gutosantos82 in https://github.com/awslabs/cli-agent-orchestrator/pull/190
• Claude Code: structural PROCESSING detection — get_status() now uses structural detection for PROCESSING instead of relying on ❯ position, eliminating a race where the spinner and prompt interleaved mid-capture by @gutosantos82 in https://github.com/awslabs/cli-agent-orchestrator/pull/177
• Claude Code: stale processing spinners no longer block inbox delivery — by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/106
• Kiro CLI: 2.0 credits-before-separator layout — Status detection updated for the new Kiro TUI layout where the credits line appears before the separator by @anilkmr-a2z in https://github.com/awslabs/cli-agent-orchestrator/pull/188
• Kiro CLI: position-aware "Kiro is working" check — Stale scrollback could leave "Kiro is working" in the capture after completion and block handoffs with a false PROCESSING; detection is now position-aware to the latest interaction by @wahidzzz in https://github.com/awslabs/cli-agent-orchestrator/pull/185
• Kiro CLI: new-TUI fallback patterns + FileNotFoundError handling — Added fallback detection patterns for the new Kiro CLI TUI prompt format (ask a question, or describe a task). Fixed load_agent_profile() wrapping FileNotFoundError as RuntimeError, which caused assign() to fail for JSON-only agent profiles by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/140 (resolves #137)
• Web UI: missing providers in dropdown — Added gemini_cli, kimi_cli, and copilot_cli to the /agents/providers endpoint and frontend fallback list so all 7 providers appear by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/158 (resolves #157)
• Web UI: terminal scroll and paste reliability — Fixes for scrollback drift and multi-line paste handling in the browser terminal by @gosmonso96 in https://github.com/awslabs/cli-agent-orchestrator/pull/162
• WAITING_USER_ANSWER false positives from stale scrollback — Regex hardened so historical confirm? [y/n] lines in scrollback don't get re-detected as active prompts by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/142
• Gemini skill-catalog test assertion — Test reads GEMINI.md rather than a hardcoded fixture so the catalog assertion tracks the live skill set by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/180

Security

• Bump authlib 1.6.9 → 1.6.11 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/178
• Bump cryptography 46.0.5 → 46.0.7 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/135, https://github.com/awslabs/cli-agent-orchestrator/pull/165
• Bump fastmcp 2.14.5 → 3.2.0 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/139
• Bump pygments 2.19.2 → 2.20.0 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/136
• Bump python-dotenv 1.1.1 → 1.2.2 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/194
• Bump python-multipart 0.0.22 → 0.0.26 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/175
• Bump pytest (dev) 8.4.2 → 9.0.3 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/173
• Bump vite 6.4.1 → 6.4.2 by @dependabot in https://github.com/awslabs/cli-agent-orchestrator/pull/160

New Contributors

• @gosmonso96 made their first contribution in https://github.com/awslabs/cli-agent-orchestrator/pull/162
• @wahidzzz made their first contribution in https://github.com/awslabs/cli-agent-orchestrator/pull/185

Upgrade

uv tool install git+https://github.com/awslabs/[email protected] --upgrade

No breaking changes to existing CLI invocations. New features are additive; the HTTP refactor of cao shutdown / cao launch preserves the old argument shapes.

Full Changelog: https://github.com/awslabs/cli-agent-orchestrator/compare/v2.0.0...v2.1.0

What's Changed

• feat(security): Support agent-profile environment variable injection and loading by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/156
• feat: add cao-provider skill for new CLI agent providers by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/154
• Fix/providers endpoint missing entries by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/158
• build(deps-dev): bump vite from 6.4.1 to 6.4.2 in /web by @dependabot[bot] in https://github.com/awslabs/cli-agent-orchestrator/pull/160
• fix: improve Web UI terminal scroll and paste reliability by @gosmonso96 in https://github.com/awslabs/cli-agent-orchestrator/pull/162
• build(deps): bump cryptography from 46.0.6 to 46.0.7 by @dependabot[bot] in https://github.com/awslabs/cli-agent-orchestrator/pull/165
• feat(kiro_cli): add full TUI mode support with --legacy-ui fallback (#159) by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/163

New Contributors

• @gosmonso96 made their first contribution in https://github.com/awslabs/cli-agent-orchestrator/pull/162

Full Changelog: https://github.com/awslabs/cli-agent-orchestrator/compare/v2.0.1...v2.0.2

What's Changed

• build(deps): bump cryptography from 46.0.5 to 46.0.6 by @dependabot[bot] in https://github.com/awslabs/cli-agent-orchestrator/pull/135
• build(deps): bump pygments from 2.19.2 to 2.20.0 by @dependabot[bot] in https://github.com/awslabs/cli-agent-orchestrator/pull/136
• feat(security): add allowedTools — universal tool restriction across … by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/125
• fix(kiro_cli): add --legacy-ui flag for new Kiro CLI TUI compatibility by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/138
• build(deps): bump fastmcp from 2.14.5 to 3.2.0 by @dependabot[bot] in https://github.com/awslabs/cli-agent-orchestrator/pull/139
• fix(kiro_cli): add new TUI fallback patterns + fix #137 exception handling by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/140
• fix: replace WAITING_USER_ANSWER regex to prevent stale scrollback false positives by @patricka3125 in https://github.com/awslabs/cli-agent-orchestrator/pull/142
• fix(security): honor child allowedTools=["*"] instead of inheriting p… by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/144
• fix(launch): clarify prompt, add --auto-approve, document TOOL_MAPPING by @haofeif in https://github.com/awslabs/cli-agent-orchestrator/pull/146

Full Changelog: https://github.com/awslabs/cli-agent-orchestrator/compare/v2.0.0...v2.0.1