feat(sharing): per-agent custom instructions for public & channel chats (#1205)

[dolho]

Summary

Adds a per-agent Additional instructions field on the Sharing tab that injects a custom system-prompt fragment into public-facing conversations only — public links, channel chats (Slack/Telegram/WhatsApp), and x402 paid chat. Owners can tailor persona, scope limits, disclaimers, or guardrails for outside audiences without touching how the agent behaves in their own authenticated chats, scheduled work, or agent-to-agent calls. The text-surface counterpart of the existing voice_system_prompt.

Implementation (mirrors voice_system_prompt end-to-end)

• Schema/migration — agent_ownership.public_channel_system_prompt TEXT in schema.py and the db/tables.py Core object, plus a versioned migration (Invariant Feature/vector log retention #3). Covers SQLite + Postgres.
• DB — get/set_public_channel_system_prompt (set strips whitespace, empty clears) + facade delegation.
• Models — PublicChannelPrompt / PublicChannelPromptUpdate, 4000-char cap (Invariant Add internal health route, without which main didn't start #14).
• API — owner-only GET/PUT /api/agents/{name}/public-prompt (sharing.py).
• Injection — platform_prompt_service.build_public_channel_caller_prompt folds the fragment with the MEM-001 memory block (public fragment first), wired into the three public-facing sites: message_router.py (all channels), public.py (public chat sync + async), paid.py (x402). Authenticated chat / Session tab / schedules / loops / a2a never call it — the scope exclusion holds by construction.
• UI — Additional Instructions textarea (save/clear + char counter) in SharingPanel.vue via two agents-store methods (Invariants Feature/process engine #6/security: Fix token logging and add HTML reports to gitignore #7).
• No MCP change — channel/public chats don't traverse the MCP server (Invariant feat: SMARTS trading pipeline with Telegram notifications and Miro visualization #13 N/A).

Behavior guarantees

• Strict no-op when unset — zero behavior change for existing agents.
• A DB lookup failure degrades to the memory block alone — never blocks a chat.
• Composes correctly with MEM-001 per-user memory (folded into the same caller_prompt).
• Group chats: applied (group channels are public-facing) — per the AC default.

Acceptance criteria

• New per-agent field editable from the Sharing tab, save/clear + char limit
• Appended for public links, channel router, x402 paid chat
• NOT applied to authenticated chat/session, schedules, loops, a2a
• Composes with MEM-001 memory block in caller_prompt
• Owner-only GET/PUT mirroring the voice-prompt pattern
• Empty/unset is a strict no-op
• Group-chat behavior explicit (applies to groups)

Testing

30 passed — new test_public_channel_prompt.py (db get/set/clear/isolation on SQLite + Postgres; helper composition: 4 combos + db-error degradation) plus the schema-parity and migrations suites green.

Related to #1205

🤖 Generated with Claude Code

[vybe]

Validated via /validate-pr — two blockers (the prompt-injection framing, public/channel/x402 wiring, and tests look solid otherwise):

1. Missing Postgres/Alembic migration (Invariant #3). Adds agent_ownership.public_channel_system_prompt via a SQLite migration (_migrate_agent_ownership_public_channel_prompt) + schema.py/tables.py, but no Alembic revision under src/backend/migrations/versions/. PG deployments won't get the column. (schema-parity only guards the SQLite track — same gap as #1339.)

2. Conflicts with dev after #1317. #1317 restructured SharingPanel.vue (moved operator management to the new Access tab, reframed around Identity Proof / access policy). This PR was built on the old layout, so the SharingPanel.vue / routers/sharing.py conflicts need a rebase onto the redesigned component.

— posted via /validate-pr

[github-actions]

⚠️ Nightly unit-suite check skipped — merge conflict against dev.

Resolve by running git merge dev locally and pushing the result. The next nightly run will re-test once the conflict is gone.