- receive a task from the CLI or shell
- resolve the requested, active, or default profile
- inspect the remote environment when enabled
- try to match a verified playbook
- fall back to provider planning only when needed
- classify the resulting commands with the risk engine
- build a plan review summary
- show commands, risks, changes, and rollback guidance
- request approval
- execute over SSH if approved
- capture stdout, stderr, exit codes, and timing
- summarize the outcome
- prepare a repair path when execution fails
- record task history, session events, and audit logs
During --dry-run:
- mutating
executeandrepairsteps are skipped - inspect and verify steps may still run
- skipped mutating steps are recorded explicitly
KOMU does not hide dangerous commands behind a summary. Review happens before execution and remains visible even for provider-backed plans.
Standard plans use a normal approval prompt.
Elevated or destructive plans require typed confirmation.
Plans and playbooks can now carry rollback guidance.
Current rollback support is guidance-oriented:
- some playbooks expose concrete rollback commands
- some only expose manual recovery steps
- some mark rollback as unavailable and explain why
If execution fails, KOMU:
- records the failing step
- keeps stdout and stderr
- summarizes the failure
- prepares a repair attempt when a meaningful path exists
- keeps the repair path visible and reviewed before any follow-up execution