Fixes all 4 issues from CodeRabbit review:
1. Race condition in spawn: replaced separate running_count() check +
insert() with atomic try_insert(session, max) that holds the write
lock for both the count check and insertion.
2. UTF-8 byte slice panic in subagent_manage: output truncation now
uses char_indices().nth(500) to find a safe byte boundary.
3. UTF-8 byte slice panic in truncate_task: now uses chars().count()
for length check and char_indices().nth() for safe slicing.
Added truncate_task_multibyte_safe test with emoji input.
4. cast_unsigned() replaced with 'as u64' — standard Rust cast for
duration milliseconds.
Test count: 57 (56 + 1 new multibyte safety test).
Improve docstring coverage to meet the 80% threshold required
by CI. Adds //! module docs and /// item docs to all public
types and functions in the subagent tool modules.
Add background sub-agent orchestration tools that extend the existing
delegate tool with async execution, session tracking, and lifecycle
management.
New tools:
- subagent_spawn: Spawn delegate agents in background via tokio::spawn,
returns session_id immediately. Respects security policy, depth limits,
rate limits, and configurable concurrent session cap.
- subagent_list: List running/completed/failed/killed sessions with
status filtering. Read-only, allowed in all autonomy modes.
- subagent_manage: Kill running sessions via CancellationToken or
query status with partial output. Enforces Act policy for kill.
Shared state:
- SubAgentRegistry: Thread-safe session store using
Arc<parking_lot::RwLock<HashMap>> with lazy cleanup of sessions
older than 1 hour. Tracks session metadata, status, timing, and
results.
Test coverage: 56 tests across all 4 modules covering happy paths,
error handling, security enforcement, concurrency, parameter
validation, and edge cases.
No new dependencies added. No existing tests broken.
